It feels like yesterday, but it has been 10 years since the domain sucuri.net was registered. Happy 10th Birthday, Sucuri! For us, 2009 marks the birth of the brand as it represents the day when the open-source project secured its name. The first Sucuri service was originally called NBIM (Network Based Integrity Monitoring). Sucuri intended […]
Tag Archives: Website Security
Reset Email Account Passwords After a Website Malware Infection
It’s not uncommon for bad actors to use compromised websites to send large amounts of email spam. This can cause major headaches for website owners — spam can lead to the blacklisting of a web host’s mail server IPs, or the domain name itself may be placed on blacklists like Spamhaus DBL. Reset Email Passwords […]
PCI for SMB: Requirement 12 – Maintain an Information Security Policy
Welcome to the final post to conclude our series on understanding the Payment Card Industry Data Security Standard–PCI DSS. We want to show how PCI DSS affects anyone going through the compliance process using the PCI SAQ’s (Self Assessment Questionnaires). In the previous articles written about PCI, we covered the following: Requirement 1: Build and […]
ThinkPHP 5.x Remote Code Execution
Earlier this year, we noticed an increase in attacks aiming at ThinkPHP, which is a PHP framework that is very popular in Asia. If you keep track of your site’s activity, the following log may look familiar: POST: /index.php?s=captcha HTTP/1.1 Data: _method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=uname&ipconfig In December 2018, a working exploit was released for the versions v5.0.23 and […]
From .tk Redirects to PushKa Browser Notification Scam
In the past couple of years, we’ve been tracking a long-lasting campaign responsible for injecting malicious scripts into WordPress sites. This campaign leverages old vulnerabilities (patched a long time ago) found in a variety of outdated themes and plugins. However, it also adds new vulnerabilities as soon as they are disclosed—like the recent Social Warfare […]
Attacks on Closed WordPress Plugins
The WordPress plugin repository team may “close” plugins and restrict downloads when they become aware of a security issue that the developer cannot fix quickly. However, bad actors are actively monitoring the WordPress plugin repository, paying close attention to these closed plugins. This may result in massive attacks if the attacker is able to identify the […]
DDoS Targeting WordPress Search
Have you ever stopped to think about how many resources a search engine has or if your website could handle the same amount of search traffic that Google does? Search engines play an important role on the internet and with how websites perform. One may say that they are the actual doorway to the online […]
Malware Campaigns Sharing Network Resources: r00ts.ninja
We recently noticed an interesting example of network infrastructure resources being used over a period of time by more than one large scale malware campaign (e.g redirected traffic, cryptomining). This was discovered when reviewing sources of the various malicious domains used in a recent WordPress plugin exploit wave. Mass Infection of WordPress Websites The latest Easy […]
TYPO3 Overtakes WordPress as Most Attacked CMS Due to Popularity
It all started with a Twitter Poll we put out a couple of weeks ago, trying to find out what is the most used CMS by our customers. We added the usual suspects in the poll options; WordPress, Joomla, Drupal. We casually added an “Other” option, just in case someone was using a rare CMS […]
How to Choose a Website Security Provider
As more people are creating websites and becoming aware of website security, companies are popping up everywhere to help with the problem. And just like website security plugins, not all website security services are created equal. Here at Sucuri, we believe that you should do your website security comparison research so you know the options available […]
