It’s no secret that a secure sockets layer (SSL) encrypts data as it moves between a visitor’s browser and the site host. For many people, a single SSL appears to be sufficient for protecting data exchanged between visitors and their website. But what happens to your SSL protection when you add a web application firewall […]
Tag Archives: sucuri
Hacked Website Threat Report – 2019
The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities to massively exploit, our team works diligently around the clock to identify, analyze, and protect website owners from compromise. Education is key to protecting yourself […]
CCPA: Sucuri’s Commitment to Protecting Your Data
Protecting our users’ information and privacy is extremely important to us. As a cloud-based security service, we’re fully committed to complying with the requirements of the California Consumer Privacy Act (CCPA) along with other global data protection laws and regulations. The CCPA went into effect Jan. 1, 2020, and we’ve updated our Privacy Policy and […]
Most Common Attacks Affecting Today’s Websites
New web-based attack types and vectors are coming out every day, this is causing businesses, communities and individuals to take security seriously now more than they ever have in the past. This is a huge win for the World Wide Web and it’s a trend that is pushing technology further towards more robust and securely […]
Microsof IIS Web Server – CMD Process Contributing to Website Reinfections
We often spend a lot of time talking about application level malware, but from time to time we do like to dabble in the ever so interesting web server infections as well. It is one of those things that comes with the job. Today, we’re going to chat about an interesting reinfection case in which […]
My WordPress Website Was Hacked
Before you freak out, allow me to clarify. It was one of several honeypots we have running. The honeypots are spread across the most commonly employed hosting companies. From Virtual Private Servers (VPS) to shared environments, to managed environments. In most instances we pay and configure them like any other consumer would so that we […]
Thoughts on WordPress Security and Vulnerabilities
As avid readers of this blog know, we’ve discovered or written about multiple vulnerabilities within the WordPress ecosystem over the last couple of weeks specifically relating to popular plugins. MailPoet and Custom Contact Forms drove the bulk of the engagement, but those using WPTouch, TimThumb and vBulletin were also made aware of vulnerabilities. If it […]
Website Security Analysis: A “simple” piece of malware
For regular readers of this blog, there is one constant that pops up over and over: malware gets more complex. When malware researchers, like myself, unlock new obfuscated code, it’s a signal to the black hats that they need to up their game. For me, figuring out their new hack attempts and then putting the […]
Yoast and Sucuri Partner to Create a Safer Web
We’re very excited to finally talk about a partnership that’s been in the works for a few months and in light of the serious nature of the Security in the WordPress ecosystem it only makes sense. It also comes at a time where we, as an organization, are reinvesting into Website Security space through extensive […]
Responsible Disclosure – Sucuri Open Letter to MailPoet and Future Disclosures
Many don’t know who I am. My name is Tony Perez, I’m the CEO of Sucuri. I have the pleasure of calling this company my family and everyday I work for every person at this company. My partner is Daniel Cid. He is one of the foremost thought leaders in the website security domain, his […]