Home | News | Sucuri Security News (page 3)

Sucuri Security News

Web Marketers Should Learn Security

Most online marketers think of themselves as T-shaped individuals. The theory behind this concept is that individuals possess a wide range of skills, with some abilities running deeper than others. Website security awareness is in short supply and we need more champions — especially among small and medium-sized businesses. Digital marketers are in a prime position to add security know-how ...

Read More »

Saskmade[.]net Redirects

Earlier this week, we published a blog post about an ongoing massive malware campaign describing multiple infection vectors that it uses. This same week, we started detecting new modifications of the scripts injected by this attack. The general idea of the malware is the same, but the domain name and obfuscation has changed slightly. For example, in the wp_post table ...

Read More »

OWASP Top 10 Security Risks – Part II

It is National Cyber Security Awareness Month and in order to bring awareness to what threatens the integrity of websites, we have started a series of posts on the OWASP top 10 security risks. The OWASP Top 10 list consists of the 10 most seen application vulnerabilities: Injection Broken Authentication Sensitive data exposure XML External Entities (XXE) Broken Access control ...

Read More »

Multiple Ways to Inject the Same Tech Support Scam Malware

Last month, we shared information about yet another series of ongoing massive infections using multiple different vectors to inject malicious scripts into WordPress websites. Shortly after, the campaign changed the domain names used in its scripts. Now it mainly uses hotopponents[.]site and learningtoolkit[.]club. At the time of this writing, PublicWWW finds the most common patterns of this malware on thousands ...

Read More »

Creating a Response Plan You Can Trust

As a website owner, you may have experienced your website being down for any number of reasons. Maybe due to errors in code, server related difficulties or even being under attack from bad actors. I once shared my own experience of a hacked website in a webinar. Whether you have one site or hundreds, when restoring your online presence it ...

Read More »

Malicious Redirects from NewShareCounts.com Tweet Counter

When Twitter announced their new design for “Tweet” and “follow” buttons back in October 2015, marketers across the web developed a mild anxiety—the new design came with a decision to nuke their beloved Tweet count feature. Social signals can be a huge credibility indicator for visitors and site content. Who doesn’t think there’s a psychological relationship between the number of ...

Read More »

Product Update: Sucuri Firewall in Singapore and Amsterdam

Over three years ago, we transitioned the Sucuri Firewall (WAF) away from the cloud and expanded it to run on top of our own Anycast content delivery network (CDN). We provide security for websites with the protection of our WAF as well as performance benefits of a CDN. We have been adding data centers in key regions of the world: San ...

Read More »

Security Monitoring Saves the Day

For the second week of  National Cyber Security Awareness Month, we would like to focus on a very important part in having a good website security posture: monitoring. How can security monitoring save your day? Most people only care about their website security after something bad has already happened. However, how can you tell when something is attempting to harm ...

Read More »