We often find mailer scripts while cleaning malicious code from websites. Some of them are easily discovered, while others are obfuscated or heavily encoded. These “mailers” allow bad actors to send unwanted emails from your domain, and can be triggered through the misuse of a vulnerable extension or leftover backdoor malware scripts. The $_POST Mail More Info »
Intro to Securing an Online Store – Part 2
Last year, we introduced the theme of Securing an Online Store. We talked about how to identify the potential risks and what to look out for. These principles can help in satisfying PCI DSS requirements 8 & 10: Requirement 8 – Identify and authenticate access to system components. Requirement 10 – Track and monitor all access to More Info »
The Impacts of Zero-Day Attacks
Last week, we explained what zero-day vulnerabilities and attacks are. Essentially, zero-day vulnerabilities exist in the wild, with no patch available to prevent hackers from exploiting it. Today, we would like to expand on the impacts of these attacks. What Do Zero-Day Attacks Depend On? The impact a zero-day attack can have on your online More Info »
New Guide on How to Clean a Hacked Website
Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research website vulnerabilities and who are eager to share with you some tips on how to clean your hacked website. We are happy to help the community learn the steps they More Info »
Understanding Zero-Day Vulnerabilities & Attacks
In computer science, a vulnerability is considered to be a zero-day vulnerability if it’s unknown to all parties interested in patching it, such as: The team maintaining the project The users of the project Vulnerability researchers Vulnerability researchers are the good guys – people who won’t take advantage of the vulnerability for their own gain More Info »
Wikipedia Page Review Reveals Minr Malware
Since December, we’ve seen a number of websites with this funny looking obfuscated script injected at the very top of the HTML code (before the tag). This code is generated by the well-known JJEncode obfuscator, which was once quite popular for encrypting malicious code. Since its popularity dwindled a few years ago, we’ve hardly seen More Info »
Unwanted Pop-ups Caused by Injectbody/Injectscr Plugins
On February 8th, 2018, we noticed a new wave of WordPress infections involving two malicious plugins: injectbody and injectscr. These plugins inject obfuscated scripts, creating unwanted pop-up/pop-unders. Whenever a visitor clicks anywhere on an infected web page, they are served questionable ads. Plugin Location The malicious plugins possess a very similar file structure: Injectbody wp-content/plugins/injectbody/ More Info »
Sucuri Website Backups Product Update
We’re excited to be sharing some changes we’ve recently pushed for our Website Backups product. If you’re not familiar with this feature, Sucuri Website Backups allow you to completely backup your files and database in our secure infrastructure. In a worst-case scenario, where files or databases are overwritten or deleted, these backups make it easy More Info »
It’s Hard To Change The Keys To The Internet And It Involves Destroying HSM’s
Photo by Niko Soikkeli / Unsplash The root of the DNS tree has been using DNSSEC to protect the zone content since 2010. DNSSEC is simply a mechanism to provide cryptographic signatures alongside DNS records that can be validated, i.e. prove the answer is correct and has not been tampered with. To learn more about More Info »
How to Add Security to Your Client’s Websites
Website security has crossed the mind of nearly every website owner. However, as a website security company, we know that most webmasters come to us after the fact, when their website has already been compromised. Once hackers have taken over, website owners regret not having protected it when the website was initially launched. Today, we More Info »
