Home | News | Sucuri Security News (page 4)

Sucuri Security News

Website Hosting: Security Awareness Can Reduce Costs

Website hosting security has matured in recent years. Naturally, the types of security issues have changed because of it. For example, cross-contamination over multiple shared hosting accounts used to be a major problem for large website hosting providers,  but this isn’t really a huge threat today. However, malware attacks and other website security-related issues at the account level are still very ...

Read More »

Fake Plugins, Fake Security

WordPress users are becoming increasingly more aware of security threats and as a result they are taking more actions to secure their websites (e.g. by installing security plugins). While this is a good thing, there are always black hats trying to take an advantage of new opportunities to compromise websites. For example, we’re seeing a rising number of fake plugins ...

Read More »

Stored Cross-Site Scripting Vulnerability in WordPress 4.8.1

During regular research audits for our Sucuri Firewall (WAF), we discovered a source-based stored Cross-Site Scripting (XSS) vulnerability affecting WordPress 4.8.1. Are You at Risk? The vulnerability requires an account on the victim’s site with the Contributor role – or any account in a WordPress installation with bbPress plugin, as long as it has posting capabilities (if anonymous posting is allowed ...

Read More »

Hacked Websites Mine Cryptocurrencies

Cryptocurrencies are all the rage now. Bitcoin, altcoins, blockchain, ICO, mining farms, skyrocketing exchange rates – you see or hear this everyday in news now. Everyone seems to be trying to jump on this bandwagon. This trend resulted in emergence of online platforms that allow webmasters to install coin miners into their websites as an alternative means of monetization. The ...

Read More »

Ecommerce Security: Fake Jquery Used as CC Scraper

In the last few months, we noticed an increase in attacks targeting ecommerce platforms aiming to steal credit card information. We saw a similar rise last year after the summer ended, and believe that trend will continue now that the holiday season is quickly approaching. Most of these attacks are based on intercepting the communication between the online store and ...

Read More »

Using a VeraCrypt File Container to Encrypt Local Website Files

If you are doing website development and have a local repository, or store website backups on your computer, you should strongly consider encrypting these sensitive files. In the event that your computer is compromised, the encrypted container prevents an attacker from gaining access to your website (via database configuration files) and other private data. This guide shows you how to ...

Read More »

Malicious Backdoors: Fake Images and Strrev Functions

When a website is compromised, attackers frequently leave behind a backdoor – according to our research around 70% of all website hacks include a backdoor. These backdoors are not designed to attack a website or destroy data, instead they allow an attacker to re-enter a targeted website with little to no authentication, providing them with unauthorized access to the system. ...

Read More »

Old Themes, Abandoned Scripts and Pitfalls of Cleaning Serialized Data

Over the summer we’ve seen waves of WordPress database infections that use vulnerabilities in tagDiv’s Newspaper/Newsmag themes or InterconnectIT Search and Replace scripts (searchreplacedb2.php). The injections range from ad scripts coming from established ad networks like shorte.st to new domains created specifically for those attacks. Typical injected scripts look like this: <s cript type='text/javascript' src='hxxps://con1.sometimesfree[.]biz/c.js’> Or: var t = document.createElement(“script”); ...

Read More »