Home | News | Sucuri Security News (page 5)

Sucuri Security News

New Guide on How to Implement HTTPS / SSL Certificate

HTTPS is a hot topic among online marketers and SEO professionals who understand the future of the web needs to be more secure. Not just for the good of the internet, but to increase visibility and lower the chances of being penalized. Search engines and web traffic authorities are ramping up efforts to encourage website owners to learn how to ...

Read More »

Creating a Basic Website Security Framework

When you build or remodel a house, construction workers create a strong framework that can withstand the elements to keep your home and possessions secure. But what happens if you ignore proper building codes and inspections? The resulting risks to health and security are unacceptable. The same concept applies to how you secure your websites and the environments they reside ...

Read More »

Affiliate Cookie Stuffing in iFrames

Inline frames (iFrames) are an easy way to embed content from another site onto your own. This element allows you to insert another document inside an HTML page and can be really useful for embedding interactive applications like Google maps, advertisements and ecommerce applications. iFrame elements are also popular with website attackers because it allows them to easily load malicious ...

Read More »

Intro to Securing an Online Store

Ecommerce websites have one of the most difficult challenges in the web security space – keeping the implicit trust of a customer in order to make them feel safe shopping on the site. Whether the business started as a local brick-and-mortar shop, or deployed online from the start, it’s easy to design a website and organize content. It’s not as ...

Read More »

Mining Adminers – Hackers Scan the Internet For DB Scripts

Hackers are constantly scanning the internet for exploitable sites, which is why even small, new sites should be fully patched and protected. At the same time, it is not feasible to scan the whole internet with 330+ million domains and billions of web pages. Even Google can’t do it, but hackers are always getting better at reconnaissance. Despite these limitations, ...

Read More »

Google Warnings For Form Input Over HTTP Coming in October

For years, Google has been actively seeking ways to encourage website owners to implement SSL certificates. SSL allows websites to be accessed over HTTPS, which encrypts information sent between the visitor and web server. Recently, we discussed how Google is moving from a reward system to a punitive one. Websites using SSL continue to get an SEO boost since it ...

Read More »

Expired Domain Leads to WordPress Plugin Redirects

A malicious redirect is a snippet of code used by attackers with the intention of redirecting visitors to another site; a very common tactic seen in compromised websites. These redirects often take visitors to phishing, malware, or advertising sites with the intention of capturing sensitive user data, distributing malware and backdoors, or generating advertisement impressions. We’ve written before about how ...

Read More »

Evasion Techniques in Phishing Attacks

We all know that we shouldn’t click on links from sketchy looking emails. But what if the website you’re viewing takes you to a spoofed page at the Apple ID store and asks for your login information to proceed? This tactic is called phishing, and attacks are exponentially on the rise. Used by hackers to encourage unsuspecting victims to hand ...

Read More »