Sometimes just a few lines of access logs can tell a whole story… Many ongoing attacks against WordPress and Joomla sites use a collection of known vulnerabilities in many different plugins, themes and components. This helps hackers maximize the number of sites they can compromise. Google Dorks Do you ever think about how hackers findRead […]
Tag Archives: Website Security
Return of the EXIF PHP Joomla Backdoor
Our Remediation and Research teams are in constant communication and collaboration. It’s how we stay ahead of the latest threats, but it also presents an opportunity to identify interesting threats that aren’t new but may be reoccuring. Such as today’s post, in which we explore a case we shared close to two years ago whereRead […]
Phishing for Anonymous Alligators
Everyone has encountered phishing at some point – fake emails and web pages designed to look legitimate. This tactic is becoming more popular as attackers are learning how to produce new and convincing phishing lures. You might receive spam emails claiming to have some important document for you. Some of them have malicious attachments andRead […]
Analyzing Black Hat URL Shorteners
Hackers are known to use URL shortening services to obfuscate their real landing pages. It’s very effective in clickbait scams on social networks. Some hackers think that using URL shorteners in site injections makes it less likely to be flagged as malicious because authorities cannot simply blacklist a link from bitly.com or goo.gl, so weRead […]
Analyzing Proxy Based Spam Networks
We are no strangers to Blackhat SEO techniques, we’ve actually spent a great deal of time working and sharing various bits of information related to Blackhat SEO techniques over the years. What we haven’t shared, however, is the idea of Proxy-based Spam Networks (PSN). It’s not because it wasn’t interesting, it’s just not something we’d seenRead […]
WordPress Brute Force Attacks – 2015 Threat Landscape
One of the first server-level compromises I had to deal with in my life was around 15 years ago, and it was caused by an SSH brute force attack. A co-worker set up a test server and chose a very weak root password. A few days later, the box was compromised and the attackers installedRead […]
Ask Sucuri: How to Create Website Backups?
Recently I had the good fortune of being able to present at Wordcamp Vancouver 2015. My presentation was titled ‘Why Security Matters‘ and I mentioned website backups several times. One of the people who attended asked me a great question: I backup my computer, and I backup the backup of my computer, but how doRead […]
Analyzing Popular Layer 7 Application DDoS Attacks
Distributed Denial of Service (DDoS) attacks have been a major concern for website owners for a while. All types of sites, from small to big, have been taken down and kept offline because of them. Even over-provisioned servers can be taken offline by the smallest of DDoS attacks; caused by IP addresses being null routed byRead […]
Demystifying File and Folder Permissions
If you have poked around a server before you have probably encountered file permissions. In fact, all computer file systems offer permissions based on the same core ideas. The file permissions in Linux, Mac, and Windows computers are very similar to the file and folder permissions in Apache, Nginx, and IIS servers. You can right-clickRead […]
FunWebProducts UserAgent Bloating Traffic
Every once in a while we get a case that makes us dig deep to find answers. We have spoken before about the trouble with forensics and reasons why websites get hacked. Sometimes though, the answer is not clear and we can only gather clues to make an educated guess. Our main business is preventingRead […]
