Home | News | Sucuri Security News

Sucuri Security News

Magento Credit Card Stealer Reinfector

In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal credentials. That is why we have reported on a credit card stealer reinfector of Magento websites in one of our recent Labs Notes. In this post, we describe one of the methods hackers use to ...

Read More »

The Importance of Website Backups

Imagine waking up in the morning to see that a couple of calls were missed and your email is overloaded with messages saying that your website is down. You go to your computer to check your server and it’s working fine – but oh no,  all your files are deleted from the database. What would you do? Backing up everything ...

Read More »

How to Improve Website Resilience for DDoS Attacks – Part I

Denial of Service (Dos) and Distributed Denial of Service (DDoS) attacks are unforgiving. They test the limits of your web server and application resources by sending spikes of fake traffic to your website. It is also notoriously difficult to conduct forensics on a DDoS attack, making the source of the attack a mystery. DDoS attacks are getting cheaper, more sophisticated ...

Read More »

How APIs Can Streamline Your Operations

Day-to-day operations can present many challenges. Whether you’re wearing multiple hats within the same department or a project lead managing dozens, even hundreds of web applications – time is always the concern. How late do I need to stay up tonight? How much longer will this take? What did I miss? I’ve heard this communicated a number of different ways, but ...

Read More »

Shell Logins as a Magento Reinfection Vector

Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following files: app/Mage.php; lib/Varien/Autoload.php; index.php; app/code/core/Mage/Core/functions.php; These are common files for attackers to target as they operate throughout Magento sites, but these instances were special as they had a very peculiar reinfection rate. Malicious Scripts Loaded Through .bashrc ...

Read More »

New Guide on How to Position Website Security for Customers

Website security is challenging, especially when dealing with a large network of sites. That is why we have created a guide for web professionals and web service providers. Our main objective is to help you understand how to leverage a website security plan for your clients. In the guide, we provide content you can add to your business portfolio to ...

Read More »

Sucuri is Committed to the Protection of Your Data

Protecting our users’ information and privacy is extremely important to us. As a cloud-based security service, we’re fully committed to complying with the requirements of the General Data Protection Regulation (GDPR). What is the GDPR? The GDPR is a new data privacy law effective May 25th, 2018 that mandates how companies collect, modify, process, store, and delete the personal data ...

Read More »