Spotlight on Women in Cybersecurity

less than 1 minute read

Sucuri is committed to helping women develop their careers in technology. On International Women’s Day, Sucuri team members share their insights into workin...

CONTINUE READING
CONTINUE READING

Hacked Website Trend Report – 2018

less than 1 minute read

We are proud to be releasing our latest Hacked Website Trend Report for 2018. This report is based on data collected and analyzed by the GoDaddy Security / ...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

The Importance of Website Logs

less than 1 minute read

As a security company, we deal with a lot of compromised websites. Unfortunately, in most cases, we have limited access to customer logs, which is one of th...

CONTINUE READING

Add Security to Your Website Agency Portfolio

less than 1 minute read

As a website industry professional, you are aware of the importance of website security. This is especially true when managing 10 or more sites. How can you...

CONTINUE READING

Googlebot or a DDoS Attack?

less than 1 minute read

A bot is a software application that uses automation to run scripts on the internet. Also called crawlers or spiders, these guys take on the simple yet repe...

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

Improvements to SiteCheck Website Scanner

less than 1 minute read

<p>SiteCheck is Sucuri’s free website malware and security scanner offered to anyone who wants to scan their websites for malware and blacklist status....

CONTINUE READING

OWASP Top 10 Security Risks – Part V

less than 1 minute read

<p>To bring awareness to what threatens the integrity of websites, we are continuing a series of posts on the OWASP top 10 security risks.</p> Th...

CONTINUE READING
CONTINUE READING
CONTINUE READING

OWASP Top 10 Security Risks – Part IV

less than 1 minute read

<p>To bring awareness to what threatens the integrity of websites, we are continuing a series of posts on the OWASP top 10 security risks.</p> Th...

CONTINUE READING
CONTINUE READING

New Year Tips from Security Professionals

less than 1 minute read

<p>Have you included website security as a part of your new year’s resolutions for 2019?</p> Here is a quick retrospective on tips some of our te...

CONTINUE READING

My Website Was Hacked on Christmas Eve

less than 1 minute read

<p>Christmas is a wonderful time to spend with family and friends. A lot of kids look forward to opening their presents under the Christmas tree, but n...

CONTINUE READING
CONTINUE READING

Clever SEO Spam Injection

less than 1 minute read

<p>It’s very common for us here at Sucuri to face SEO injections on almost any type of CMS-based site. Today, I’ll be presenting how one particularly i...

CONTINUE READING

Naughty or Nice Websites

less than 1 minute read

<p>Santa Claus is coming! Was your website naughty or nice this year?</p> Here is a quick checklist of the top 10 bad things that can harm your w...

CONTINUE READING

OWASP Top 10 Security Risks – Part III

less than 1 minute read

<p>To bring awareness to what threatens the integrity of websites, we are continuing a series of posts on the OWASP top 10 security risks.</p> Th...

CONTINUE READING
CONTINUE READING
CONTINUE READING

Using Innocent Roles to Hide Admin Users

less than 1 minute read

<p>All across the internet, we find guides and tutorials on how to keep your WordPress site secure. Most of them approach the concept of user roles, bu...

CONTINUE READING

What is Phishing?

less than 1 minute read

<p>Phishing is a serious threat to any industry. We have seen this topic appear in the news more each day. You might have already received a fraudulent...

CONTINUE READING

Fear, Uncertainty, and Doubt

less than 1 minute read

<p>There’s a term for the practice of scaring potential customers into purchasing products or services they don’t need: FUD; fear, uncertainty, and dou...

CONTINUE READING

Navigating Data Responsibility

less than 1 minute read

<p>As we take a step back and think about how much the Internet has grown over the past 20 years, we realize how much content/data has been made availa...

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING

Real-Time Fine-Tuning of the WAF via API

less than 1 minute read

<p>Though the Sucuri Firewall is simple to set up and protects your website immediately, it’s possible to have granular control of the WAF by using an ...

CONTINUE READING

Hackers Change WordPress Siteurl to Pastebin

less than 1 minute read

<p>Last Friday, we reported on a hack that used a vulnerability in the popular WP GDPR Compliance plugin to change WordPress siteurl settings to ereali...

CONTINUE READING
CONTINUE READING

10 Tips to Improve Your Website Security

less than 1 minute read

<p>Having a website has become easier than ever due to the proliferation of great tools and services in the web development space. Content management s...

CONTINUE READING

New WordPress Security Email Course

less than 1 minute read

<p>Recent statistics show that over 32% of website administrators across the web use WordPress.</p> Unfortunately, the CMSs popularity comes at a...

CONTINUE READING

Website Security Tips for Marketers

less than 1 minute read

<p>In our previous post, we have discussed why marketers should have a proactive approach to website security. Today we are going to discuss some secur...

CONTINUE READING

Web Marketers Should Learn Security

less than 1 minute read

<p>Most online marketers think of themselves as T-shaped individuals. The theory behind this concept is that individuals possess a wide range of skills...

CONTINUE READING

Saskmade[.]net Redirects

less than 1 minute read

<p>Earlier this week, we published a blog post about an ongoing massive malware campaign describing multiple infection vectors that it uses. This same ...

CONTINUE READING

OWASP Top 10 Security Risks – Part II

less than 1 minute read

<p>It is National Cyber Security Awareness Month and in order to bring awareness to what threatens the integrity of websites, we have started a series ...

CONTINUE READING
CONTINUE READING

Creating a Response Plan You Can Trust

less than 1 minute read

<p>As a website owner, you may have experienced your website being down for any number of reasons. Maybe due to errors in code, server related difficul...

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING

Security Monitoring Saves the Day

less than 1 minute read

<p>For the second week of  National Cyber Security Awareness Month, we would like to focus on a very important part in having a good website security p...

CONTINUE READING

Obfuscated JavaScript Cryptominer

less than 1 minute read

<p>During an incident response investigation, we detected an interesting piece of heavily obfuscated JavaScript malware. Once decoded, we found out tha...

CONTINUE READING

OWASP Top 10 Security Risks – Part I

less than 1 minute read

<p>It is National Cyber Security Awareness Month and in order to bring awareness to what threatens the integrity of websites, we would like to start a ...

CONTINUE READING

October Cybersecurity Month

less than 1 minute read

<p>Since 2003, October has been recognized as National Cybersecurity Awareness Month. It is an annual campaign to raise awareness about the importance ...

CONTINUE READING

less than 1 minute read

CONTINUE READING

SSL vs. Website Security

less than 1 minute read

<p>Having a website today is way easier than it was 10 or 15 years ago. Tools like content management systems (CMS), website builders, static site gene...

CONTINUE READING
CONTINUE READING

Backdoor Uses Paste Site to Host Payload

less than 1 minute read

<p>Finding backdoors is one of the biggest challenges of a website security analyst, as backdoors are designed to be hidden in case the malware is foun...

CONTINUE READING

Outdated Duplicator Plugin RCE Abused

less than 1 minute read

<p>We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting its wp-config.php file.</p...

CONTINUE READING

Unsuccessfully Defaced Websites

less than 1 minute read

<p>Defaced websites are a type of hack that is easy to notice and a pain for website owners. Recently, we came across some defacement pages with a pecu...

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING

WordPress Database Upgrade Phishing Campaign

less than 1 minute read

<p>We have recently been notified of phishing emails that target WordPress users. The content informs site owners that their database requires an updat...

CONTINUE READING
CONTINUE READING

Core Integrity Verifications

less than 1 minute read

<p>In order to clean a malware infection, the first thing we need to know is which files have been compromised. At Sucuri, we use several techniques in...

CONTINUE READING

Fake Font Dropper

less than 1 minute read

<p>Every day we see different website infections. When we receive unusual or interesting cases, our researcher instincts are triggered to investigate t...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

Switching to HTTPS Before It’s Too Late

less than 1 minute read

<p>Google, Mozilla, and other web authorities are pushing for website owners to adopt HTTPS. Soon, Google Chrome will start flagging sites by displayin...

CONTINUE READING
CONTINUE READING
CONTINUE READING

Persistent Malicious Redirect Variants

less than 1 minute read

<p>It’s always nice to meet an old friend or someone you used to know well. You have news to share and talk about, stories to tell, etc. But what if yo...

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

What are Website Backdoors?

less than 1 minute read

<p>When a site gets compromised, the attackers will often leave some piece of malware behind to allow them access back to the site. Hackers want to lea...

CONTINUE READING
CONTINUE READING

Magento Credit Card Stealer Reinfector

less than 1 minute read

<p>In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit ...

CONTINUE READING

The Importance of Website Backups

less than 1 minute read

<p>Imagine waking up in the morning to see that a couple of calls were missed and your email is overloaded with messages saying that your website is do...

CONTINUE READING
CONTINUE READING

How APIs Can Streamline Your Operations

less than 1 minute read

<p>Day-to-day operations can present many challenges. Whether you’re wearing multiple hats within the same department or a project lead managing dozens...

CONTINUE READING

Shell Logins as a Magento Reinfection Vector

less than 1 minute read

<p>Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following fi...

CONTINUE READING
CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

The Impacts of a Data Breach

less than 1 minute read

<p>Have you ever wondered what happens if your e-commerce site is breached?</p> Usually, when you think about data breaches, you think about big ...

CONTINUE READING

What is PCI Compliance?

less than 1 minute read

<p>Sucuri aims at keeping the internet safe. That is why we are so keen on informing our customers of potential threats. We have posted many articles r...

CONTINUE READING

Massive localstorage[.]tk Drupal Infection

less than 1 minute read

<p>After a series of critical Drupal vulnerabilities disclosed this spring, it’s not surprising to see a surge of massive Drupal infections like this o...

CONTINUE READING

A Puzzling Backdoor Upload

less than 1 minute read

<p>After a successful compromise, backdoors are frequently left behind and function as a point of re-entry into the website environment. These maliciou...

CONTINUE READING

less than 1 minute read

CONTINUE READING

Analysis of a Malicious Blackhat SEO Script

less than 1 minute read

<p>An enormous number of SEO spam infections are handled by us here at Sucuri. In our most recent hacked website trend report, we analyzed over 34,000+...

CONTINUE READING

less than 1 minute read

CONTINUE READING

From Baidu to Google’s Open Redirects

less than 1 minute read

<p>Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam page...

CONTINUE READING

Malicious Activities with Google Tag Manager

less than 1 minute read

<p>If I were to ask if you could trust a script from Google that is loading on your website, the majority of users would say “yes” or even “absolutely”...

CONTINUE READING

Content Security Policy

less than 1 minute read

<p>As a website owner, it’s a good idea to be aware of the security issues that might affect your site. For example, Cross-site Scripting (XSS) attacks...

CONTINUE READING

Unwanted Ads via Baidu Links

less than 1 minute read

<p>The malware attack that began as an installation of malicious Injectbody/Injectscr WordPress plugins back in February has evolved since then.</p&...

CONTINUE READING

Hacked Website Trend Report – 2017

less than 1 minute read

<p>We are proud to be releasing our latest Hacked Website Trend Report for 2017.</p> This report is based on data collected and analyzed by the S...

CONTINUE READING

Obfuscation Through Legitimate Appearances

less than 1 minute read

<p>Recently, I analyzed a malware sample provided by our analyst Edward C. Woelke and noticed that it had been placed in a core WordPress folder. This ...

CONTINUE READING

What is Virtual Hardening?

less than 1 minute read

<p>If you want to make your website security more robust, you need to think about hardening. To harden your website means to add different layers of pr...

CONTINUE READING

less than 1 minute read

CONTINUE READING

GitHub Hosts Lokibot Infostealer

less than 1 minute read

<p>A few months ago, we reported on how cybercriminals were using GitHub to load a variety of cryptominers on hacked websites. We have now discovered t...

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

Intro to Securing an Online Store – Part 2

less than 1 minute read

<p>Last year, we introduced the theme of Securing an Online Store. We talked about how to identify the potential risks and what to look out for. These ...

CONTINUE READING

The Impacts of Zero-Day Attacks

less than 1 minute read

<p>Last week, we explained what zero-day vulnerabilities and attacks are. Essentially, zero-day vulnerabilities exist in the wild, with no patch availa...

CONTINUE READING

New Guide on How to Clean a Hacked Website

less than 1 minute read

<p>Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research websit...

CONTINUE READING
CONTINUE READING

Wikipedia Page Review Reveals Minr Malware

less than 1 minute read

<p>Since December, we’ve seen a number of websites with this funny looking obfuscated script injected at the very top of the HTML code (before the tag...

CONTINUE READING
CONTINUE READING

Sucuri Website Backups Product Update

less than 1 minute read

<p>We’re excited to be sharing some changes we’ve recently pushed for our Website Backups product.</p> If you’re not familiar with this feature, ...

CONTINUE READING
CONTINUE READING
CONTINUE READING

What is a WAF?

less than 1 minute read

<p>Have you ever wondered what WAF means?</p> WAF stands for Website Application Firewall. In order to make it simple to understand, imagine your...

CONTINUE READING
CONTINUE READING

11 minute read

CONTINUE READING

3 minute read

CONTINUE READING

Deprecating SPDY

4 minute read

Democratizing the Internet and making new features available to all Cloudflare customers is a core part of what we do. We're proud to be early adopters and h...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

7 minute read

CONTINUE READING
CONTINUE READING

4 minute read

CONTINUE READING
CONTINUE READING

14 minute read

CONTINUE READING

The Curious Case of Caching CSRF Tokens

15 minute read

<p>It is now commonly accepted as fact that web performance is critical for business. Slower sites can affect conversion rates on e-commerce stores, th...

CONTINUE READING

2 minute read

CONTINUE READING

Malicious Cryptominers from GitHub

less than 1 minute read

<p>Recently, a webmaster contacted us when his AVG antivirus reported that the JS:Miner-C [Trj] infection was found on their site.</p> Our invest...

CONTINUE READING

16 minute read

CONTINUE READING
CONTINUE READING

Make SSL boring again

7 minute read

It may (or may not!) come as surprise, but a few months ago we migrated Cloudflare’s edge SSL connection termination stack to use BoringSSL: Google's crypto ...

CONTINUE READING
CONTINUE READING

The New DDoS Landscape

13 minute read

<p>News outlets and blogs will frequently compare DDoS attacks by the volume of traffic that a victim receives. Surely this makes some sense, right? Th...

CONTINUE READING
CONTINUE READING

Living In A Multi-Cloud World

7 minute read

<p>A few months ago at Cloudflare’s Internet Summit, we hosted a discussion on A Cloud Without Handcuffs with Joe Beda, one of the creators of Kubernet...

CONTINUE READING
CONTINUE READING

SQL Injection in bbPress

less than 1 minute read

<p>During regular audits of our Sucuri Firewall (WAF), one of our researchers at the time, Slavco Mihajloski, discovered an SQL Injection vulnerability...

CONTINUE READING
CONTINUE READING CONTINUE READING

Privacy Pass - “The Math”

17 minute read

<p>This is a guest post by Alex Davidson, a PhD student in Cryptography at Royal Holloway, University of London, who is part of the team that developed...

CONTINUE READING
CONTINUE READING

Why Attackers Hack Small Sites

less than 1 minute read

<p>You would never leave the front door to your house wide open when you’re not home would you? Doing so would allow criminals to seize the opportunity...

CONTINUE READING

9 minute read

CONTINUE READING

14 minute read

CONTINUE READING

New WordPress Security Guide

less than 1 minute read

<p>WordPress has become the most popular CMS and now powers over 28% of the web. With over 60 million downloads, its popularity makes it a prime target...

CONTINUE READING

Cryptominers on Hacked Sites – Part 2

less than 1 minute read

<p>Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive mi...

CONTINUE READING
CONTINUE READING

10 minute read

CONTINUE READING

Malware Serving SEO Spam from External Sites

less than 1 minute read

<p>We handle an enormous number of SEO spam infections here at Sucuri. In Q3 of 2016, approximately 37% of all website infection cases were related to ...

CONTINUE READING
CONTINUE READING
CONTINUE READING

Cloudflare London Meetup Recap

1 minute read

<p>Cloudflare helps make over 6 million websites faster and more secure. In doing so, Cloudflare has a vast and diverse community of users throughout t...

CONTINUE READING
CONTINUE READING CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

A New Cybersecurity Strategy for Europe

3 minute read

October is European Cybersecurity Month, an annual advocacy campaign to raise awareness of cyber risks among citizens and businesses, and to share best pract...

CONTINUE READING

Hacked Websites Mine Cryptocurrencies

less than 1 minute read

<p>Cryptocurrencies are all the rage now. Bitcoin, altcoins, blockchain, ICO, mining farms, skyrocketing exchange rates – you see or hear this everyday...

CONTINUE READING

6 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING

6 minute read

CONTINUE READING
CONTINUE READING

A Cloud Without Handcuffs

4 minute read

Brandon Philips, Co-Founder & CTO, CoreOS, and Joe Beda, CTO, Heptio, & Co-Founder, Kubernetes

CONTINUE READING
CONTINUE READING

8 minute read

CONTINUE READING

6 minute read

CONTINUE READING
CONTINUE READING CONTINUE READING
CONTINUE READING

Creating a Basic Website Security Framework

less than 1 minute read

<p>When you build or remodel a house, construction workers create a strong framework that can withstand the elements to keep your home and possessions ...

CONTINUE READING

Affiliate Cookie Stuffing in iFrames

less than 1 minute read

<p>Inline frames (iFrames) are an easy way to embed content from another site onto your own. This element allows you to insert another document inside ...

CONTINUE READING
CONTINUE READING

Intro to Securing an Online Store

less than 1 minute read

<p>Ecommerce websites have one of the most difficult challenges in the web security space – keeping the implicit trust of a customer in order to make t...

CONTINUE READING
CONTINUE READING

16 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

Evasion Techniques in Phishing Attacks

less than 1 minute read

<p>We all know that we shouldn’t click on links from sketchy looking emails. But what if the website you’re viewing takes you to a spoofed page at the ...

CONTINUE READING
CONTINUE READING

Personal Security Guide – iOS/Android

less than 1 minute read

<p>We’ve covered a lot of personal security practices, but many people forget how important it is to secure mobile devices, which are riddled with pers...

CONTINUE READING

12 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

Decoding Complex Malware – Step-by-Step

less than 1 minute read

<p>When cleaning websites, one of the most complicated parts of our job is ensuring we find all backdoors. Most of the time, attackers inject code into...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

How to use Cloudflare for Service Discovery

5 minute read

Cloudflare runs 3,588 containers, making up 1,264 apps and services that all need to be able to find and discover each other in order to communicate -- a pro...

CONTINUE READING

Labs Notes Monthly Recap – June/2017

less than 1 minute read

<p>This month, our Malware Research and Incident Response teams wrote about redirects that deliver malware and ads to visitors, as well as a backdoor m...

CONTINUE READING

2 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

Code Injection in Signed PHP Archives (Phar)

less than 1 minute read

<p>PHP contains an interesting but rarely used feature called Phar, which stands for PHp ARchive, that allows developers to package entire applications...

CONTINUE READING
CONTINUE READING
CONTINUE READING

How to make your site HTTPS-only

2 minute read

<p>The Internet is getting more secure every day as people enable HTTPS, the secure version of HTTP, on their sites and services. Last year, Mozilla re...

CONTINUE READING
CONTINUE READING

A container identity bootstrapping tool

9 minute read

Everybody has secrets. Software developers have many. Often these secrets -- API tokens, TLS private keys, database passwords, SSH keys, and other sensitive ...

CONTINUE READING

SQL Injection Vulnerability in WP Statistics

less than 1 minute read

<p>As part of a vulnerability research project for our Sucuri Firewall, we have been auditing popular open source projects looking for security issues....

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

When Your Plugins Turn Against You

less than 1 minute read

<p>Every day we face countless cases of sites getting compromised and infected by an attacker. From there, the sites can be used for various operations...

CONTINUE READING

Phishing Targeting Sucuri Customers

less than 1 minute read

<p>We are always on guard for phishing emails and websites that might try to compromise our customers or employees, so that we can be on top of the iss...

CONTINUE READING

Labs Notes Monthly Recap – May/2017

less than 1 minute read

<p>Sucuri Labs provides website malware research updates directly from our teams on the front line. You can read past-monthly recaps to catch up on tre...

CONTINUE READING

less than 1 minute read

CONTINUE READING

Personal Security Guide – WiFi Network

less than 1 minute read

<p>This is the third part in our series on personal security that offers methods to strengthen your overall security posture. By taking a holistic appr...

CONTINUE READING
CONTINUE READING

Reflections on reflection (attacks)

14 minute read

Recently Akamai published an article about CLDAP reflection attacks. This got us thinking. We saw attacks from Conectionless LDAP servers back in November 20...

CONTINUE READING

Personal Security Guide – Online Accounts

less than 1 minute read

<p>In our last post on browser security, we talked about how developing a broader security mindset can help keep your website safe. By taking steps to ...

CONTINUE READING

Personal Security Guide – Web Browsers

less than 1 minute read

<p>If your computer is infected, malware can spread to your website through text editors and FTP clients. Weak passwords are also vulnerable to brute f...

CONTINUE READING

SQL Injection Vulnerability in Joomla! 3.7

less than 1 minute read

<p>During regular research audits for our Sucuri Firewall (WAF), we discovered a SQL Injection vulnerability affecting Joomla! 3.7. The vulnerability i...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

Anonymity and Abuse Reports

8 minute read

Last Thursday, ProPublica published an article critiquing our handling of some abuse reports that we receive. Feedback from the article caused us to reevalua...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

Labs Notes Recap – Apr/2017

less than 1 minute read

<p>This month, our Malware Research and Incident Response teams wrote about several malware techniques that attempt to evade detection by focusing on s...

CONTINUE READING

IoT Security Anti-Patterns

5 minute read

<p>From security cameras to traffic lights, an increasing amount of appliances we interact with on a daily basis are internet connected. A device can b...

CONTINUE READING CONTINUE READING

Sucuri Firewall Dashboard Update

less than 1 minute read

<p>If you are a customer of ours, you may have noticed the recent updates we’ve made to our dashboard. These changes enhance your ability to manage the...

CONTINUE READING

5 minute read

CONTINUE READING

How to Use Splunk with Sucuri Audit Trails

less than 1 minute read

<p>The Sucuri Firewall dashboard provides a rich set of API functions that can be used to control your firewall settings remotely. In addition, there i...

CONTINUE READING

The Principle of Least Privilege

less than 1 minute read

<p>If you own a website and collaborate with others, the principle of least privilege should never be questioned. It is a computer science principle wh...

CONTINUE READING

less than 1 minute read

CONTINUE READING

Sucuri Monitoring Dashboard Update

less than 1 minute read

<p>We are happy to share some big changes to the monitoring dashboard. The Sucuri Platform features a monitoring dashboard that provides information re...

CONTINUE READING

Introducing SSL for SaaS

12 minute read

If you’re running a SaaS company, you know how important it is that your application is performant, highly available, and hardened against attack. Your custo...

CONTINUE READING

Labs Notes Monthly Recap – Mar/2017

less than 1 minute read

<p>Every month we recap the latest posts on Sucuri Labs, written by our Malware Research Team (MRT) and Incident Response Team (IRT).</p> Sucuri ...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING CONTINUE READING

Malicious Subdirectories Strike Again

less than 1 minute read

<p>In a previous post, we illustrated how attackers were fetching information from compromised sites under their control to display spam content on oth...

CONTINUE READING
CONTINUE READING
CONTINUE READING

Stored XSS in WordPress Core

less than 1 minute read

<p>As you might remember, we recently blogged about a critical Content Injection Vulnerability in WordPress which allowed attackers to deface vulnerabl...

CONTINUE READING
CONTINUE READING

Bank Phishing Incident Analysis

less than 1 minute read

<p>Everyone has received a phishing scam via email at one point or another. Thanks to modern anti-spam technology, most of these messages are blocked f...

CONTINUE READING

Cloudflare at Google NEXT 2017

3 minute read

The Cloudflare team is headed down the street to Google NEXT 2017 from March 8th - 10th at Moscone Center booth C7 in San Francisco, CA. We’re excited to mee...

CONTINUE READING
CONTINUE READING

Labs Notes Monthly Recap – Feb/2017

less than 1 minute read

<p>Every month we recap the latest posts on Sucuri Labs, written by our Malware Research Team (MRT) and Incident Response Team (IRT).</p> The Suc...

CONTINUE READING

The Story of an Expired WHOIS Server

less than 1 minute read

<p>We write quite often about SEO spam injections on compromised websites, but this is the first time we have seen this blackhat tactic spreading into ...

CONTINUE READING

Quantifying the Impact of “Cloudbleed”

19 minute read

Last Thursday we released details on a bug in Cloudflare's parser impacting our customers. It was an extremely serious bug that caused data flowing through C...

CONTINUE READING
CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING CONTINUE READING

New Guide on How to Fix Hacked Magento Sites

less than 1 minute read

<p>Ecommerce refers to websites that involve online purchases. This functionality sparks new challenges, concerns, and requirements for website securit...

CONTINUE READING
CONTINUE READING

Labs Notes Monthly Recap – Jan/2017

less than 1 minute read

<p>Every month we recap the latest posts on Sucuri Labs, written by our Malware Research Team (MRT) and Incident Response Teams (IRT).</p> The Su...

CONTINUE READING
CONTINUE READING
CONTINUE READING

Cloudflare Crypto Meetup

2 minute read

Come join us on Cloudflare HQ in San Francisco on Tuesday, Febrary 28, 2017 for another cryptography meetup. We again had a great time at the last one, we de...

CONTINUE READING
CONTINUE READING

5 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

Content Injection Vulnerability in WordPress

less than 1 minute read

<p>As part of a vulnerability research project for our Sucuri Firewall (WAF), we have been auditing multiple open source projects looking for security ...

CONTINUE READING

2 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

WordPress Performance Optimization Guide

less than 1 minute read

<p>Since launching our website performance testing tool we have been getting a lot of questions about how to improve the speed and performance of WordP...

CONTINUE READING
CONTINUE READING

Labs Notes Monthly Recap – Dec/2016

less than 1 minute read

<p>Last month there were a number of interesting website hacks being analyzed by our Malware Research Team (MRT) and Incident Response Teams (IRT).<...

CONTINUE READING

3 minute read

CONTINUE READING
CONTINUE READING

Injection of Unwanted Google AdSense Ads

less than 1 minute read

<p>During the last couple of years, it has become quite prevalent for hackers to monetize compromised sites by injecting unwanted ads. They can be pop-...

CONTINUE READING

less than 1 minute read

CONTINUE READING

Hacked Website Report – 2016/Q3

less than 1 minute read

<p>Today we are proud to release our quarterly Hacked Website Report for 2016/Q3. This report is based on data collected and analyzed by the Sucuri Rem...

CONTINUE READING

Website Malware Targets Mobile Platforms

less than 1 minute read

<p>Navigating the web on a mobile device can be tricky even when you’re browsing clean sites. If hackers are involved, the frustration of a pop-up can ...

CONTINUE READING

6 minute read

CONTINUE READING

Session Stealer Script Used In OpenCart

less than 1 minute read

<p>With so many open-source ecommerce platforms available in the market, selling online is an appealing and easy option for any store owner. In a few c...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

PrestaShop Attack Steals Login Credentials

less than 1 minute read

<p>Attackers compromise sites with a number of goals in mind – also referred to as actions on objective. In some instances they aim to abuse resources ...

CONTINUE READING

Labs Notes Monthly Recap – Nov/2016

less than 1 minute read

<p>Time for another monthly recap! If you haven’t seen the other monthly recaps, make sure to check out October and September. Our malware research and...

CONTINUE READING

less than 1 minute read

CONTINUE READING

Cloudflare acquires Eager

2 minute read

In 2011 we launched the Cloudflare Apps platform in an article that first declared Cloudflare as “not ... the sexiest business in the world.” Sexy or not, Cl...

CONTINUE READING

How Scammers Abuse Baidu Search Results

less than 1 minute read

<p>If you use Skype, recently you may have received Baidu link spam from some of your contacts.</p> The links look like this: www.baidu[.]com/lin...

CONTINUE READING

How to Secure Websites for Clients

less than 1 minute read

<p>In our last webinar, How To Account For Security With Customer Projects, I spoke about maintenance and sustainment contracts – specifically how to u...

CONTINUE READING
CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

Website Spam Infection via Zip File Upload

less than 1 minute read

<p>Since the beginning of November we’ve been cleaning many sites infected with the same SEO spam malware.</p> The malware creates doorways for h...

CONTINUE READING
CONTINUE READING

Cloned Spam Sites in Subdirectories

less than 1 minute read

<p>In a recent post, we covered how attackers were abusing server resources to create WordPress sites in subdirectories and distribute spam. By adding ...

CONTINUE READING

New Guide on How to Fix Hacked Joomla! Sites

less than 1 minute read

<p>Joomla! is one of the most popular open-source content management systems (CMS) on the market, powering a large percentage of websites on the intern...

CONTINUE READING

New XM1RPC SEO Spam and Backdoor Campaign

less than 1 minute read

<p>We have been monitoring a new campaign specifically targeting WordPress sites, using hundreds of them for SEO spam distribution. We call it the XM1R...

CONTINUE READING

Labs Notes Monthly Recap – Oct/2016

less than 1 minute read

<p>In our September Labs Notes Recap, we listed recent discoveries made by our Incident Response and Malware Research Teams. These monthly recaps serve...

CONTINUE READING

less than 1 minute read

CONTINUE READING

Cloudflare Crypto Meetup

2 minute read

Come join us on Cloudflare HQ in San Francisco on Tuesday, November 22 for another cryptography meetup. We had such a great time at the last one, we decided ...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

Joomla Account Creation Vulnerability

less than 1 minute read

<p>The Joomla team released a serious security vulnerability affecting all Joomla versions from 3.4.4 and up. If you’re using one of these versions of ...

CONTINUE READING
CONTINUE READING

Credentials Stealer on Prestashop

less than 1 minute read

<p>In a matter of hours, a big e-commerce website can have hundreds of credit card numbers stolen and used by attackers on other websites around the wo...

CONTINUE READING
CONTINUE READING

Magento Credit Card Swiper Exports to Image

less than 1 minute read

Over the past year we have seen a rash of credit card swipers in Magento and other ecommerce-based websites. In fact, we have been finding new variants nearl...

CONTINUE READING

Security through Confusion – The FUD Factor

less than 1 minute read

The FUD factor has been employed by sales and marketing teams from multiple industries for decades. It stands for fear, uncertainty and doubt (FUD) and first...

CONTINUE READING

TLS nonce-nse

5 minute read

One of the base principles of cryptography is that you can't just encrypt multiple messages with the same key. At the very least, what will happen is that tw...

CONTINUE READING

less than 1 minute read

CONTINUE READING

Labs Notes Monthly Recap – Sep/2016

less than 1 minute read

Sharing what we learn in the form of content and tools has been a staple here at Sucuri since our inception. Our greatest challenge is having enough hours to...

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

Introducing Dedicated SSL Certificates

8 minute read

When we launched Universal SSL in September 2014 we eliminated the costly and confusing process of securing a website or application with SSL, and replaced i...

CONTINUE READING
CONTINUE READING

SSH Brute Force Compromises Leading to DDoS

less than 1 minute read

A few weeks ago we ran an experiment to see how long it would take for some IPv4-only and IPv6-only servers to be compromised via SSH brute force attacks. We...

CONTINUE READING

4 minute read

CONTINUE READING
CONTINUE READING

What is the Status of IPv6 Adoption?

less than 1 minute read

The internet is a complex ecosystem of interconnected devices, and at its core is the Internet Protocol (IP). This protocol is currently in its second major ...

CONTINUE READING

An overview of TLS 1.3 and Q&A

9 minute read

The CloudFlare London office hosts weekly internal Tech Talks (with free lunch picked by the speaker). My recent one was an explanation of the latest version...

CONTINUE READING
CONTINUE READING

6 minute read

CONTINUE READING

Hacked Website Report – 2016/Q2

less than 1 minute read

Today we’re releasing our quarterly Hacked Website Report for 2016/Q2. The data in this report is based on compromised websites we worked on, with insights a...

CONTINUE READING
CONTINUE READING

Encryption Week

6 minute read

Since CloudFlare’s inception, we have worked tirelessly to make encryption as simple and as accessible as possible. Over the last two years, we’ve made Cloud...

CONTINUE READING

CloudFlare’s new WordPress plugin

1 minute read

Over 25% of all websites use WordPress, and over 10% of all internet traffic flows through CloudFlare; WordPress + CloudFlare has always been a winning combi...

CONTINUE READING

Hacking WordPress Sites on Shared Servers

less than 1 minute read

A website is only as safe as the weakest link on its shared server. Once a hacker gains access to one site on the server, they can easily infect other sites ...

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

Cleaning the Wp-Page Pharma Hack in WordPress

less than 1 minute read

Pharma hacks are common website infections categorized under SEO spam. With pharma hacks, the attacker exploits vulnerable websites to distribute pharmaceuti...

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING CONTINUE READING
CONTINUE READING

IPv4 vs IPv6 Performance Comparison

less than 1 minute read

IPv6 usage has been growing very slowly through the last 10 to 15 years. Since mid-2015 it started to pick up and increase adoption at a rapid pace. Google, ...

CONTINUE READING

Evenly Distributed Future

7 minute read

Traveling back and forth between the UK and US I often find myself answering the question “What does CloudFlare do?”. That question gets posed by USCIS on ar...

CONTINUE READING

less than 1 minute read

CONTINUE READING

The Cuban CDN

6 minute read

On a recent trip to Cuba I brought with me a smartphone and hoped to get Internet access either via WiFi or 3G. I managed that (at a price) but also saw for ...

CONTINUE READING

SQL Injection Vulnerability in Ninja Forms

less than 1 minute read

As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the Ninja Forms plugin for WordPress, ...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

Large CCTV Botnet Leveraged in DDoS Attacks

less than 1 minute read

Our security operations team investigate and mitigate multiple denial of service (DDoS) attacks every single day. One recent case caught our attention becaus...

CONTINUE READING
CONTINUE READING

Domain Renewal Phishing Scams

less than 1 minute read

When I received a letter in the mail asking me to renew my domain name, I immediately recognized it as a scam. The letter was designed to look like a bill, e...

CONTINUE READING CONTINUE READING

The Growing DDoS Threat to Website Owners

less than 1 minute read

As website attacks continue to evolve, we see growing levels of sophistication in the way attackers are expanding the economics of their industry. The moneti...

CONTINUE READING
CONTINUE READING CONTINUE READING

Phishers Abuse Hosting Temporary URLs

less than 1 minute read

Recently we told you how hackers use alternative domain names provided by web hosts to make their URLs look less suspicious. This time we’ll show a similar t...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

Backdoor in Fake Joomla! Core Files

less than 1 minute read

We usually write a lot about obfuscation methods on Sucuri Labs and here on the blog.  Sometimes we write about free tools to obfuscate your code that aren’t...

CONTINUE READING

Website Hacked Trend Report – 2016/Q1

less than 1 minute read

Our Remediation group is comprised of two distinct teams, the Incident Response Team (IRT) and Malware Research Team (MRT). These teams work closely with our...

CONTINUE READING

The Sleepy User Agent

6 minute read

From time to time a customer writes in and asks about certain requests that have been blocked by the CloudFlare WAF. Recently, a customer couldn’t understand...

CONTINUE READING

less than 1 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

New Wave of the Test0/Test5.com Redirect Hack

less than 1 minute read

Last week we described the hack that randomly redirected site visitors either to a parked test0 .com domain or to malicious sites via the default7 .com domai...

CONTINUE READING

4 minute read

CONTINUE READING

5 minute read

CONTINUE READING

Finding Conditional SEO Spam in Drupal

less than 1 minute read

Nobody likes spam. It’s never fun (unless you’re watching Monty Python). For us it comes with the territory; removing SEO spam has been at the core of what w...

CONTINUE READING

Analyzing ImageTragick Exploits in the Wild

less than 1 minute read

Three days ago the ImageMagic (ImageTragick) vulnerability was released to the world. We’ve been actively monitoring as promised, and have started to see a f...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING

Cloned Websites Stealing Google Rankings

less than 1 minute read

We often speak of black hat SEO tactics and content scraping sites are just one example of such tactics. Scraping is the act of copying all content from a we...

CONTINUE READING
CONTINUE READING

5 minute read

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING

2 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

2 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

3 minute read

CONTINUE READING

It takes two to ChaCha (Poly)

9 minute read

Not long ago we introduced support for TLS cipher suites based on the ChaCha20-Poly1305 AEAD, for all our customers. Back then those cipher suites were only ...

CONTINUE READING CONTINUE READING

Sucuri – 2016 Redesign

less than 1 minute read

A few weeks ago, while enjoying a fine lunch on a bright sunny day in Southern California, our researcher and marketing teams found themselves across the tab...

CONTINUE READING
CONTINUE READING

Introducing CFSSL 1.2

11 minute read

Continuing our commitment to high quality open-source software, we’re happy to announce release 1.2 of CFSSL, our TLS/PKI Swiss Army knife. We haven’t writte...

CONTINUE READING

The Trouble with Tor

11 minute read

The Tor Project makes a browser that allows anyone to surf the Internet anonymously. Tor stands for "the Onion router" and that describes how the service wor...

CONTINUE READING
CONTINUE READING

Going to IETF 95? Join the TLS 1.3 hackathon

less than 1 minute read

If you’re in Buenos Aires on April 2-3 and are interested in building, come join the IETF Hackathon. CloudFlare and Mozilla will be working on TLS 1.3, the f...

CONTINUE READING

14 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

When a WordPress Plugin Goes Bad

less than 1 minute read

Last summer we shared a story about the SweetCaptcha WordPress plugin injecting ads and causing malvertising problems for websites that leveraged the plugin....

CONTINUE READING

3 minute read

CONTINUE READING

10 minute read

CONTINUE READING

6 minute read

CONTINUE READING

Behind the Malware – Botnet Analysis

less than 1 minute read

While analyzing our website firewall logs we discovered an old vulnerability in the RevSlider plugin being retargeted. RevSlider, the plugin whose vulnerabil...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

Fake SUPEE-5344 Patch Steals Payment Details

less than 1 minute read

In case you don’t know, SUPEE-5344 is an official security patch to the infamous Magento shoplift bug. That bug allows bad actors to obtain admin access to v...

CONTINUE READING
CONTINUE READING CONTINUE READING

Seo-moz.com SEO Spam Campaign

less than 1 minute read

Here at Sucuri we handle countless cases of SEO spam. This malware involves a website being compromised in order to spread (mostly pharmaceutical) advertisem...

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING

Massive Admedia/Adverting iFrame Infection

less than 1 minute read

This past weekend we registered a spike in WordPress infections where hackers injected encrypted code at the end of all legitimate .js files. The distinguish...

CONTINUE READING

The Risks of Hiring a Bad SEO Company

less than 1 minute read

Today we are not going to explore malware or any other overtly malicious traffic. Instead this post is a warning about dishonest marketing tactics used by se...

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

Flexible, secure SSH with DNSSEC

5 minute read

<p>If you read this blog on a regular basis, you probably use the little tool called SSH, especially its ubiquitous and most popular implementation Ope...

CONTINUE READING

Ransomware Strikes Websites

less than 1 minute read

Ransomware is one of the most insidious types of malware that one can come across. These infections will encrypt all files on the target computer as well as ...

CONTINUE READING
CONTINUE READING

Malicious Pastebin Replacement for jQuery

less than 1 minute read

Website hackers are always changing tactics and borrowing ideas from each other. One of the challenges of website security is staying on top of those threats...

CONTINUE READING
CONTINUE READING

Fake Media Download Sites

less than 1 minute read

Your website is a huge part of your brand reputation. It serves as a place to build your audience and helps you get noticed by new visitors from search engin...

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

6 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

4 minute read

CONTINUE READING

9 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

HTTP/2 is here! Goodbye SPDY? Not quite yet

7 minute read

Why choose, if you can have both? Today CloudFlare is introducing HTTP/2 support for all customers using SSL/TLS connections, while still supporting SPDY. Th...

CONTINUE READING

How to Rollback WordPress Plugins

less than 1 minute read

Here’s another tutorial from WPBeginner. How to Rollback WordPress Plugins (Version Control for Beginners) Have you ever updated a WordPress plugin only to r...

CONTINUE READING
CONTINUE READING

Unwanted Software and Harmful Programs

less than 1 minute read

We frequently clean blacklisted websites and submit reconsideration requests to have them de-listed. We have encountered many kinds of blacklist warnings inc...

CONTINUE READING

Spam Campaign Causes “DDoS” by Googlebot

less than 1 minute read

Every once in a while we get a glimpse into rare and strange behavior that doesn’t involve the website being hacked, but causes major problems for website ow...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

vBulletin Exploits in the Wild

less than 1 minute read

The vBulletin team patched a serious object injection vulnerability yesterday, that can lead to full command execution on any site running on an out-of-date ...

CONTINUE READING

less than 1 minute read

CONTINUE READING CONTINUE READING

less than 1 minute read

CONTINUE READING

Joomla SQL Injection Attacks in the Wild

less than 1 minute read

  Last week, the Joomla team released an update patching a serious vulnerability in Joomla 3.x. This vulnerability, an SQL injection (CVE-2015-7858), allows ...

CONTINUE READING

3 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

Massive Magento Guruincsite Infection

less than 1 minute read

We are currently seeing a massive attack on Magento sites where hackers inject malicious scripts that create iframes from “guruincsite[.]com“. Google already...

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING

Redirect to Microsoft Word Macro Virus

less than 1 minute read

These days we rarely see Microsoft Word malware on websites, but it still exists and compromised websites can distribute this kind of malware as well. It’s n...

CONTINUE READING
CONTINUE READING
CONTINUE READING

Phishing for Anonymous Alligators

less than 1 minute read

Everyone has encountered phishing at some point – fake emails and web pages designed to look legitimate. This tactic is becoming more popular as attackers ar...

CONTINUE READING

less than 1 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

Analyzing Black Hat URL Shorteners

less than 1 minute read

Hackers are known to use URL shortening services to obfuscate their real landing pages. It’s very effective in clickbait scams on social networks. Some hacke...

CONTINUE READING CONTINUE READING
CONTINUE READING CONTINUE READING

.htaccess Tricks in Global.asa Files

less than 1 minute read

As you might know a lot of hacks use Apache configuration .htaccess files to override default web site behavior: add conditional redirects, create virtual pa...

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

Analyzing Proxy Based Spam Networks

less than 1 minute read

We are no strangers to Blackhat SEO techniques, we’ve actually spent a great deal of time working and sharing various bits of information related to Blackhat...

CONTINUE READING

1 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING CONTINUE READING

less than 1 minute read

CONTINUE READING

Malicious Google Search Console Verifications

less than 1 minute read

This past summer we noticed a trend of more and more Blackhat SEO hacks trying to verify additional accounts as owners of compromised sites in Google Search ...

CONTINUE READING
CONTINUE READING
CONTINUE READING

Demystifying File and Folder Permissions

less than 1 minute read

If you have poked around a server before you have probably encountered file permissions. In fact, all computer file systems offer permissions based on the sa...

CONTINUE READING

3 minute read

CONTINUE READING

2 minute read

CONTINUE READING

FunWebProducts UserAgent Bloating Traffic

less than 1 minute read

Every once in a while we get a case that makes us dig deep to find answers. We have spoken before about the trouble with forensics and reasons why websites g...

CONTINUE READING

Wigo Means Bingo for Blackseo Agent

less than 1 minute read

This week my colleague Peter Gramantik showed me a few infected sites that had very similar code embedded in the WordPress index.php files: if (eregi('-dbst'...

CONTINUE READING

Ensuring the web is for everyone

1 minute read

This is the text of an internal email I sent at CloudFlare that we thought worth sharing more widely. I annotated it a bit with links that weren't in the ori...

CONTINUE READING
CONTINUE READING
CONTINUE READING

DNS parser, meet Go fuzzer

9 minute read

Here at CloudFlare we are heavy users of the github.com/miekgs/dns Go DNS library and we make sure to contribute to its development as much as possible. Ther...

CONTINUE READING

less than 1 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

Prestige Conference Means Business

less than 1 minute read

A great career in business could be likened to a well penned novel. It will be wrought with twists, sharp turns and will feature dull plateaus as well as the...

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING CONTINUE READING

SweetCaptcha Returns Hijacking Another Plugin

less than 1 minute read

Yesterday we observed a strange short return of the SweetCaptcha plugin to WordPress.org repository. In June we reported that SweetCaptcha injected third-par...

CONTINUE READING

Malicious Google Analytics Referral Spam

less than 1 minute read

  Robots (bots) have outnumbered people on the Internet for almost two years, and they browse much faster than your average visitor. Aside from spamming your...

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

Common Website Security Terminology Defined

less than 1 minute read

If you want to keep your website safe, it is important to understand the terminology used to describe the causes and effects of hacks. Software vulnerabiliti...

CONTINUE READING
CONTINUE READING
CONTINUE READING

Analyzing a Facebook Clickbait Worm

less than 1 minute read

Here at Sucuri we suspect everything, especially when your friends start to share content written in another language with clickbait headlines. If you are no...

CONTINUE READING

9 Best Audio Player Plugins for WordPress

less than 1 minute read

For the music lovers and for those who wants to add music or playlist to their website this article is for you. 9 Best Audio Player Plugins for WordPress Wor...

CONTINUE READING CONTINUE READING
CONTINUE READING
CONTINUE READING

Websites Hacked Via Website Backups

less than 1 minute read

The past few months we’ve been spending a good deal of time talking about backups. This is for good reason, they are often your safety net when things go wro...

CONTINUE READING
CONTINUE READING
CONTINUE READING

10 Tips to Improve Your Website Security

less than 1 minute read

In recent years there has been a proliferation of great tools and services in the web development space. Content management systems (CMS) like WordPress, Joo...

CONTINUE READING
CONTINUE READING CONTINUE READING

less than 1 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

Your Website Hacked but No Signs of Infection

less than 1 minute read

Imagine for a moment, you have a suspicion that you have somehow been hacked. You see that something is off, but you feel as if you are missing something. Th...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

8 minute read

CONTINUE READING

How to Create a Social Media Marketing Plan

less than 1 minute read

Social media has a huge impact nowadays. Marketers found a way how to broaden their reach through social media marketing. This article was first published on...

CONTINUE READING
CONTINUE READING
CONTINUE READING CONTINUE READING

How Social Media Blacklisting Happens

less than 1 minute read

In today’s world, we are all browsing websites online and sharing content on a multitude of social media platforms every day. Worldwide social media users ex...

CONTINUE READING
CONTINUE READING
CONTINUE READING

1 minute read

CONTINUE READING
CONTINUE READING

Hacked Websites Redirect to Bitcoin.org

less than 1 minute read

Recently, we began to notice that some hacked websites were redirecting traffic from certain browsers to the BitCoin site, bitcoin.org. What’s going on? Is B...

CONTINUE READING
CONTINUE READING

An introduction to JavaScript-based DDoS

7 minute read

<p> CloudFlare protects millions of websites from online threats. One of the oldest and most pervasive attacks launched against websites is the Distrib...

CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING

CloudFlare’s New Dashboard

4 minute read

When we started CloudFlare, we thought we were building a service to make websites faster and more secure, and we wanted to make the service as easy and acce...

CONTINUE READING CONTINUE READING

Critical Persistent XSS 0day in WordPress

less than 1 minute read

Yes, you’ve read it right: a critical, unpatched 0-day vulnerability affecting WordPress’ comment mechanisms was disclosed earlier today by Klikki Oy. Who’s ...

CONTINUE READING
CONTINUE READING

Of Phishing Attacks and WordPress 0days

9 minute read

Proxying around 5% of the Internet’s requests gives us an interesting vantage point from which to observe malicious behavior. It also make us a target. Aside...

CONTINUE READING
CONTINUE READING CONTINUE READING

Contributing back to the security community

3 minute read

This Friday at the RSA Conference in San Francisco, along with Marc Rogers, Principal Security Researcher at CloudFlare, I'm speaking about a version of The ...

CONTINUE READING

less than 1 minute read

CONTINUE READING

11 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING CONTINUE READING
CONTINUE READING
CONTINUE READING

How To Create a Website Backup Strategy

less than 1 minute read

We’ve all heard it million times before – backups are important. Still, the reality is that even today, backups remain one of the most overlooked and under-u...

CONTINUE READING

1 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING

2 minute read

CONTINUE READING

less than 1 minute read

CONTINUE READING CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

Why Website Reinfections Happen

7 minute read

I joined Sucuri a little over a month ago. My job is actually as a Social Media Specialist, but we have this process where regardless of your job you have to...

CONTINUE READING
CONTINUE READING

OpenSSL Security Advisory of 19 March 2015

1 minute read

Today there were multiple vulnerabilities released in OpenSSL, a cryptographic library used by CloudFlare (and most sites on the Internet). There has been a...

CONTINUE READING

The Impacts of a Hacked Website

7 minute read

Today, with the proliferation of open-source technologies like WordPress, Joomla! and other Content Management Systems (CMS) people around the world are abl...

CONTINUE READING
CONTINUE READING
CONTINUE READING

How to Create a Video Slider in WordPress

less than 1 minute read

This article teaches us how to install and set up Soliloquy plugin. How to Create a Video Slider in WordPress Have you seen popular sites using videos in the...

CONTINUE READING
CONTINUE READING

Inverted WordPress Trojan

6 minute read

Trojan (or trojan horse) is software that does (or pretends to be doing) something useful but also contains a secret malicious payload that inconspicuously ...

CONTINUE READING

3 minute read

CONTINUE READING

1 minute read

CONTINUE READING

Deprecating the DNS ANY meta-query type

3 minute read

DNS, one of the oldest technologies running the Internet, keeps evolving. There is a constant stream of new developments, from DNSSEC, through DNS-over-TLS, ...

CONTINUE READING

Why A Free Obfuscator Is Not Always Free.

3 minute read

We all love our code but some of us love it so much that we don’t want anyone else to read or understand it. When you think about it, that’s understandable –...

CONTINUE READING
CONTINUE READING
CONTINUE READING

The 11 Best Code Editors Available in 2015

less than 1 minute read

This is for all the Web Developers out there! Both free and paid code editors are discussed in the article.  Some of them are: Atom UltraEdit Sublime Tex...

CONTINUE READING
CONTINUE READING

Why Websites Get Hacked

8 minute read

I spend a good amount of time engaging with website owners across a broad spectrum of businesses. Interestingly enough, unless I’m talking large enterprise, ...

CONTINUE READING
CONTINUE READING
CONTINUE READING

4 minute read

CONTINUE READING

5 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

8 minute read

CONTINUE READING

How to Add SSL and HTTPS in WordPress

less than 1 minute read

In this article, the following concerns below will be tackled; What is HTTPS and SSL? Why do you need HTTPS and SSL? Requirements for using HTTPS and SSL...

CONTINUE READING
CONTINUE READING

less than 1 minute read

CONTINUE READING

The Dynamics of Passwords

8 minute read

How often do you think about the passwords you’re using? Not only for your website, but also for everything else you do on the internet on a daily basis? Ar...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

8 Keys to Creating More Meaningful Content

less than 1 minute read

A new take on those symbols! 8 Keys to Creating More Meaningful Content by Barry Feldman Hello ! @ # $ % ^ & * I was staring at my keyboard when I got ...

CONTINUE READING
CONTINUE READING

DNSSEC Done Right

5 minute read

This blog post is probably more personal than the usual posts here. It’s about why I joined CloudFlare.

CONTINUE READING
CONTINUE READING

Critical “GHOST” Vulnerability Released

1 minute read

A very critical vulnerability affecting the GNU C Library (glibc) is threatening Linux servers for a remote command execution. This security bug was discover...

CONTINUE READING
CONTINUE READING
CONTINUE READING CONTINUE READING
CONTINUE READING
CONTINUE READING

AdSense Abused with Malvertising Campaign

12 minute read

Last weekend we noticed a large number of requests to scan websites for malware because they randomly redirected to some “magazine” websites. Most of them me...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

3 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

2014 Website Defacements

1 minute read

Defacements are the most visual and obvious hack that a website can suffer from. They also come parcelled with their own exquisite sense of dread. Nothing gi...

CONTINUE READING

4 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING
CONTINUE READING

Kyoto Tycoon Secure Replication

3 minute read

Kyoto Tycoon is a distributed key-value store written by FAL Labs, and it is used extensively at CloudFlare. Like many popular key-value stores, Kyoto Tycoon...

CONTINUE READING
CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING

2 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

Malvertising on a Website Without Ads

4 minute read

When you first configure your website, whether it be WordPress, Joomla, Drupal, or any other flavor of the month, it is often in its purest state. Unless of...

CONTINUE READING

Targeted Phishing Against GoDaddy Customers

1 minute read

I do get a lot of phishing emails, we all do, but as security professionals we tend to recognize them immediately. Either the syntax is wrong, or it’s missin...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

Leveraging the WordPress Platform for SPAM

4 minute read

We’ve all seen WordPress comment and pingback spam, but thanks to strict moderation regimes and brilliant WordPress plugins that focus strictly on SPAM comme...

CONTINUE READING

WordPress Plugins to Streamline Your Business

less than 1 minute read

Nowadays, most businesses rely on the internet to widen the range of people that they can reach. And to make others aware of the services that they offer. Th...

CONTINUE READING
CONTINUE READING

1 minute read

CONTINUE READING
CONTINUE READING

JoomDonation Compromised

2 minute read

We are receiving reports from many users of the popular JoomDonation platform that they received a very scary email from someone that supposedly hacked into ...

CONTINUE READING
CONTINUE READING
CONTINUE READING

6 minute read

CONTINUE READING
CONTINUE READING

3 minute read

CONTINUE READING

Deep Dive into the HikaShop Vulnerability

5 minute read

It’s been two months since our disclosure of an Object Injection vulnerability affecting versions <2.3.3 of the Joomla! Hikashop extension. The vulnerabil...

CONTINUE READING
CONTINUE READING
CONTINUE READING CONTINUE READING

4 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

Threat Introduced via Browser Extensions

6 minute read

We love investigating unusual hacks. There are so many ways to compromise a website, but often it’s the same thing. When we see malicious code on web pages, ...

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING

Google Blacklists Bit.ly

2 minute read

If you ever shortened a URL using bit.ly or if you use it anywhere, be aware that Google recently blacklisted all bit.ly pages through its Safe Browsing prog...

CONTINUE READING

1 minute read

CONTINUE READING

2 minute read

CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING

Drupal SQL Injection Attempts in the Wild

2 minute read

Less than 48 hours ago, the Drupal team released an update (version 7.32) for a serious security vulnerability (SQL injection) that affected all versions of ...

CONTINUE READING
CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING
CONTINUE READING

5 minute read

CONTINUE READING

4 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

Quick Analysis of a DDoS Attack Using SSDP

4 minute read

Last week, one of our many clients came under an interesting attack. Enough that it was flagged for human intervention. The interesting aspect of the case wa...

CONTINUE READING

3 minute read

CONTINUE READING

My WordPress Website Was Hacked

10 minute read

Before you freak out, allow me to clarify. It was one of several honeypots we have running. The honeypots are spread across the most commonly employed hostin...

CONTINUE READING
CONTINUE READING

3 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

9 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

Experimenting with mozjpeg 2.0

2 minute read

One of the services that CloudFlare provides to paying customers is called Polish. Polish automatically recompresses images cached by CloudFlare to ensure th...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

1 minute read

CONTINUE READING

SQL Injection Vulnerability – vBulletin 5.x

less than 1 minute read

The vBulletin team just released a security patch for vBulletin 5.0.4, 5.0.5, 5.1.0, 5.1.1, and 5.1.2 to address a SQL injection vulnerability on the member ...

CONTINUE READING

3 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING

Making code better with reviews

3 minute read

In the past we've written about how CloudFlare isn't afraid to rip out and replace chunks of code that have proved to be hard to maintain or have simply reac...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING

6 minute read

CONTINUE READING

Q&A with Ryan Lackey

5 minute read

Lackey being hoisted onto Sealand in the North Sea circa 2000 How did you get into computer security? I started using the Internet when I was young—in the e...

CONTINUE READING

CloudFlare Acquires CryptoSeal

1 minute read

We're excited to announce that CloudFlare has acquired the Trusted Computing and virtual private network (VPN) as a service company CryptoSeal. CryptoSeal w...

CONTINUE READING
CONTINUE READING

Naming Project Galileo

1 minute read

What’s in a Name Earlier today, CloudFlare announced Project Galileo to protect free speech on the Web by using its sophisticated anti-DDoS resources. Seve...

CONTINUE READING

CloudProxy + SPDY = A Faster Website

1 minute read

Our CloudProxy Firewall already protects and speeds load times for 1,000′s of websites. Now, it’ll be even faster. We’re happy to announce that we just added...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

CloudFlare is PCI Certified

less than 1 minute read

Great news for everyone using CloudFlare on an e-commerce site, or a site accepting or processing credit card transactions. After undergoing a Payment Card I...

CONTINUE READING

Was the FIFA Website Hacked?

2 minute read

As many know, our company has deep Brazilian roots, as such we have no choice but to enamored with the upcoming World Cup. Yes, the World Cup is coming, socc...

CONTINUE READING

2 minute read

CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING
CONTINUE READING

Malicious Redirections to Porn Websites

3 minute read

The past week has brought about a large number of cases where compromised websites had hidden redirections to porn injected into their code. All the infectio...

CONTINUE READING
CONTINUE READING

Desktop AVs and Website Security

2 minute read

Brian Dye tells the Wall Street Journal that antivirus tools like his company’s Norton suite are effectively “dead” because they catch less than half of all...

CONTINUE READING
CONTINUE READING

6 minute read

CONTINUE READING

3 minute read

CONTINUE READING
CONTINUE READING

Tracking our SSL configuration

less than 1 minute read

Over time we've updated the SSL configuration we use for serving HTTPS as the security landscape has changed. In the past we've documented those changes in b...

CONTINUE READING
CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING

Joomla Plugin Constructor Backdoor

3 minute read

We recently wrote about backdoors in pirated commercial WordPress plugins. This time it will be a short post about an interesting backdoor we found in a Joom...

CONTINUE READING

Upcoming Meetups at CloudFlare

1 minute read

At CloudFlare, we love connecting with our communities, and so we are excited to announce two meetups to be hosted here at the CloudFlare headquarters in Sa...

CONTINUE READING
CONTINUE READING

7 minute read

CONTINUE READING

HeartBleed in the Wild

2 minute read

As most of you probably already know, ten days ago security Researchers disclosed a very serious vulnerability in the OpenSSL library, which is used to power...

CONTINUE READING

The Results of the CloudFlare Challenge

1 minute read

Earlier today we announced the Heartbleed Challenge. We set up a nginx server with a vulnerable version of OpenSSL and challenged the community to steal its ...

CONTINUE READING

less than 1 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING

2 minute read

CONTINUE READING

JCE Joomla Extension Attacks in the Wild

3 minute read

Our friends from SpiderLabs, issued a warning today on their blog about increased activity on their honeypots looking to exploit the old JCE (Joomla Content ...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

WordPress Pingback Attacks and our WAF

2 minute read

At CloudFlare a lot of our customers use WordPress, that's why we have our own plugin, we hang out at WordCamp and we wrote a WordPress specific ruleset for ...

CONTINUE READING
CONTINUE READING

8 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

SiteCheck Chrome Extension Now Available

1 minute read

Have you ever wondered if the websites you (or your family) visit contain code that is potentially harmful to you or your computer? If you are a Chrome user,...

CONTINUE READING
CONTINUE READING

4 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

6 minute read

CONTINUE READING

Fighting back responsibly

3 minute read

Today on The Day We Fight Back, companies are coming together to protest the NSA’s mass surveillance programs. CloudFlare is proud to be one of those compani...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

2 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

CloudFlare DNS is simple, fast and flexible

8 minute read

Over the past few years, the CloudFlare blog has covered a great range of different topics, drilling down into the technology we use to both protect websites...

CONTINUE READING

Killing RC4 (softly)

1 minute read

Back in 2011, the BEAST attack on the cipher block chaining (CBC) encryption mode used in TLS v1.0 was demonstrated. At the time the advice of experts (inclu...

CONTINUE READING
CONTINUE READING

Website Mesh Networks Distributing Malware

7 minute read

Can you imagine having the keys to a kingdom? How awesome would that be!! This is true in all domains, especialy when it comes to your website. This is almos...

CONTINUE READING
CONTINUE READING

The Hidden Backdoors to the City of Cron

2 minute read

An attackers key to creating a profitable malware campaign is its persistency. Malicious code that is easily detected and removed will not generate enough va...

CONTINUE READING

Sucuri Company Meeting – Brazil 2014

less than 1 minute read

2013 was a great year for Sucuri! We were able to add some great services and tools like CloudProxy to help website owners and administrators fight malware. ...

CONTINUE READING
CONTINUE READING

13 minute read

CONTINUE READING
CONTINUE READING

Keeping our open source promise

2 minute read

Back in October I wrote a blog post about CloudFlare and open source software titled CloudFlare And Open Source Software: A Two-Way Street which detailed the...

CONTINUE READING
CONTINUE READING

5 minute read

CONTINUE READING

What we’ve been doing with Go

4 minute read

Almost two years ago CloudFlare started working with Go. What started as an experiment on one network and concurrency heavy project has turned into full, pro...

CONTINUE READING
CONTINUE READING
CONTINUE READING
CONTINUE READING

Why secure systems require random numbers

6 minute read

(Image Copyright (c) Walt Disney) If you've been following recent news about technical spying by the US National Security Agency and the UK's Government Com...

CONTINUE READING

Details Behind Today’s Internet Hacks

6 minute read

When I woke up this morning I had no idea I'd be on a video conference with CloudFlare, OpenDNS, Google, GoDaddy, Twitter tech folks all day— Rajiv Pant (@ra...

CONTINUE READING

Updating Our Privacy Policy

2 minute read

Hi I’m Ken Carter, CloudFlare’s newly minted in-house counsel. Now that I have introduced myself, feel free to introduce yourself. Or, don’t. You may want to...

CONTINUE READING

6 minute read

CONTINUE READING

4 minute read

CONTINUE READING

8 minute read

CONTINUE READING

Staying on top of TLS attacks

11 minute read

CloudFlare makes extensive use of TLS connections throughout our service which makes staying on top of the latest news about security problems with TLS a pri...

CONTINUE READING

5 minute read

CONTINUE READING
CONTINUE READING

What CloudFlare Logs

2 minute read

Over the last few weeks, we've had a number of requests for information about what data CloudFlare logs when someone visits a site on our network. While we ...

CONTINUE READING
CONTINUE READING

1 minute read

CONTINUE READING

The DDoS That Almost Broke the Internet

10 minute read

The New York Times this morning published a story about the Spamhaus DDoS attack and how CloudFlare helped mitigate it and keep the site online. The Times c...

CONTINUE READING
CONTINUE READING

4 minute read

CONTINUE READING
CONTINUE READING
CONTINUE READING

1 minute read

CONTINUE READING

1 minute read

CONTINUE READING

What We Just Did to Make SSL Even Faster

5 minute read

A little over a month ago, we published a couple of blog posts about how we were making SSL faster. Specifically, we enabled OCSP stapling across our networ...

CONTINUE READING

Pushing Nginx to its limit with Lua

4 minute read

At CloudFlare, Nginx is at the core of what we do. It is part of the underlying foundation of our reverse proxy service. In addition to the built-in Nginx f...

CONTINUE READING
CONTINUE READING
CONTINUE READING

Two-factor Authentication Now Available

2 minute read

With web performance and security being the core of CloudFlare, we are always looking for ways to improve not just our customers' website security, but their...

CONTINUE READING

SEO and your website

6 minute read

*We get a lot of questions from our customers about CloudFlare and how we impact SEO. So when SEO.com signed up for CloudFlare, I thought it would be a grea...

CONTINUE READING

The many sites of CloudFlare

3 minute read

Each day I get to trade notes with CloudFlare customers. I'm constantly amazed by the diversity of businesses that use the service from around the world. I w...

CONTINUE READING