What is Cross-Site Contamination? Cross-site contamination happens when a hacked site infects other sites on a shared server. Think of it as your kid in daycare catching the flu, next thing you know, everybody in the family has it as well. The same happens with websites. A site can be negatively affected by neighboring sites […]
Tag Archives: Website Security
New Year Tips from Security Professionals
Have you included website security as a part of your new year’s resolutions for 2019? Here is a quick retrospective on tips some of our team members shared with us throughout the year. The cost for neglecting security is 10 times greater than the effort to keep it safe. Your brand value takes 10 times […]
My Website Was Hacked on Christmas Eve
Christmas is a wonderful time to spend with family and friends. A lot of kids look forward to opening their presents under the Christmas tree, but not all of them have a present to open. This is why our family started a charity project in 2007 called the Shoebox Project. A few years later, my […]
Sucuri Named December 2018 Gartner Customers’ Choice for Web Application Firewalls
The Sucuri team is excited to announce that we have been recognized as a December 2018 Gartner Peer Insights Customers’ Choice for the Sucuri Firewall. Our team takes great pride in this distinction, as customer feedback continues to shape our products and services. In its announcement, Gartner explains, “The Gartner Peer Insights Customers’ Choice is […]
Clever SEO Spam Injection
It’s very common for us here at Sucuri to face SEO injections on almost any type of CMS-based site. Today, I’ll be presenting how one particularly ingenious malware manages to hide so well inside a WordPress website. The Traditional Approach There are two common approaches attackers use to inject SEO spam on websites: Injecting HTML […]
Naughty or Nice Websites
Santa Claus is coming! Was your website naughty or nice this year? Here is a quick checklist of the top 10 bad things that can harm your website security and the top 10 good things that can improve your website security. Naughty Websites List If your website falls into any of these categories, this is […]
Fake Volkswagen Campaign Spreads Through Social Networks
We recently investigated a suspicious link received by one of my colleagues on WhatsApp. The message (in Portuguese) states that Volkswagen is offering 20 free cars until the end of the year, and directs users to participate on a site that has been apparently crafted especially for this “event”. After an initial investigation, it became […]
Localization and Customization of Credit Card Stealing Malware
Credit card stealing malware is becoming more and more customized. We’ve been regularly seeing injected scripts with URLs that either mimic or include a portion of the victim’s site domain. Sometimes the injected code also references the victim’s site. Recently, we’ve come across another level of customization. Fake Payment Form in Bulgarian A compromised Magento […]
What is Phishing?
Phishing is a serious threat to any industry. We have seen this topic appear in the news more each day. You might have already received a fraudulent email from what seemed to be your bank or even seen the hacking that took place during the 2016 US presidential election. But what do you know about phishing? […]
Fear, Uncertainty, and Doubt
There’s a term for the practice of scaring potential customers into purchasing products or services they don’t need: FUD; fear, uncertainty, and doubt. This practice is widespread in the computer/IT industries at large, but is especially present in the security industry. People don’t want to get hacked—but may also not understand the issues and forces […]
