If your computer is infected, malware can spread to your website through text editors and FTP clients. Weak passwords are also vulnerable to brute force attacks, and using unsecured networks to access the internet can leave you exposed to hackers. As a website owner, you have to consider the broader impacts of your overall security More Info »
SQL Injection Vulnerability in Joomla! 3.7
During regular research audits for our Sucuri Firewall (WAF), we discovered a SQL Injection vulnerability affecting Joomla! 3.7. The vulnerability is easy to exploit and doesn’t require a privileged account on the victim’s site. Are You at Risk? The vulnerability is caused by a new component, com_fields, which was introduced in version 3.7. If you use this version, you More Info »
Website Availability and Security When Migrating Hosts
Website security is a continuous process. It’s not something that should be turned on when the time is right; rather integrated into the full scope of how you deploy a website, maintain it, and ensure the safety of your visitors. At Sucuri, we protect websites with a wide range of website configurations, including business owners More Info »
Standing Up to a Dangerous New Breed of Patent Troll
On March 20th, Cloudflare received our first patent infringement claim: Blackbird Tech LLC v. Cloudflare, Inc. Today we’re filing our Answer to that claim in a federal court in Delaware. We have very strong arguments we will present in the litigation, mostly because the patent asserted against us does not have anything to do with More Info »
Fake WordPrssAPI Stealing Cookies and Hijacking Sessions
Cookies are stored in the user’s browser to track behavior on a specific website. They also keep a user logged in during the active browsing session. Without cookies a user would need to log in, in order to authenticate every action they take. Essentially, cookies keep a user logged in until they either log out More Info »
Anonymity and Abuse Reports
Last Thursday, ProPublica published an article critiquing our handling of some abuse reports that we receive. Feedback from the article caused us to reevaluate how we handle abuse reports. As a result, we’ve decided to update our abuse reporting system to allow individuals reporting threats and child sexual abuse material to do so anonymously. We More Info »
Introducing the New Sucuri Customer Dashboard
Over the course of the last year, our teams have been getting creative and making a collaborative effort to improve the experience of our customer dashboard. Website security is multifaceted and we understand the logistical complexities of managing multiple sites. That’s why we are continually brainstorming ways to make the management of your website security More Info »
Introducing the new Cloudflare Community Forum
Cloudflare’s community of users is vast. With more than 6 million domains registered, our users come in all shapes and sizes and are located all over the world. They can also frequently be found hanging out all around the web, from social media platforms, to Q&A sites, to any number of personal interest forums. Cloudflare More Info »
How eero mesh WiFi routers connect to the cloud
This is a guest post by Gabe Kassel, Product Manager for Embedded Software at eero. Relying on a single wireless router to provide internet in every room of the home is like expecting a single light bulb to illuminate the entire house. It’s physics – WiFi radio waves don’t travel through walls or objects easily. More Info »
Labs Notes Recap – Apr/2017
This month, our Malware Research and Incident Response teams wrote about several malware techniques that attempt to evade detection by focusing on small changes that website owners might miss. Examples include typos in domain names, unused top-level domains (i.e. .com, .solutions), and delayed banner ads. Sucuri Labs provides website malware research updates directly from our More Info »
