Reflections on reflection (attacks)

Recently Akamai published an article about CLDAP reflection attacks. This got us thinking. We saw attacks from Conectionless LDAP servers back in November 2016 but totally ignored them because our systems were automatically dropping the attack traffic without any impact. CC BY 2.0 image by RageZ We decided to take a second look through our More Info »

Personal Security Guide – Web Browsers

If your computer is infected, malware can spread to your website through text editors and FTP clients. Weak passwords are also vulnerable to brute force attacks, and using unsecured networks to access the internet can leave you exposed to hackers. As a website owner, you have to consider the broader impacts of your overall security More Info »

SQL Injection Vulnerability in Joomla! 3.7

During regular research audits for our Sucuri Firewall (WAF), we discovered a SQL Injection vulnerability affecting Joomla! 3.7. The vulnerability is easy to exploit and doesn’t require a privileged account on the victim’s site. Are You at Risk? The vulnerability is caused by a new component, com_fields, which was introduced in version 3.7. If you use this version, you More Info »

Anonymity and Abuse Reports

Last Thursday, ProPublica published an article critiquing our handling of some abuse reports that we receive. Feedback from the article caused us to reevaluate how we handle abuse reports. As a result, we’ve decided to update our abuse reporting system to allow individuals reporting threats and child sexual abuse material to do so anonymously. We More Info »

Introducing the New Sucuri Customer Dashboard

Over the course of the last year, our teams have been getting creative and making a collaborative effort to improve the experience of our customer dashboard. Website security is multifaceted and we understand the logistical complexities of managing multiple sites. That’s why we are continually brainstorming ways to make the management of your website security More Info »