In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal credentials. That is why we have reported on a credit card stealer reinfector of Magento websites in one of our recent Labs Notes. In this post, we describe one of More Info »
Archive | Security
RSS feed for this sectionThe Importance of Website Backups
Imagine waking up in the morning to see that a couple of calls were missed and your email is overloaded with messages saying that your website is down. You go to your computer to check your server and it’s working fine – but oh no, all your files are deleted from the database. What would More Info »
How to Improve Website Resilience for DDoS Attacks – Part I
Denial of Service (Dos) and Distributed Denial of Service (DDoS) attacks are unforgiving. They test the limits of your web server and application resources by sending spikes of fake traffic to your website. It is also notoriously difficult to conduct forensics on a DDoS attack, making the source of the attack a mystery. DDoS attacks More Info »
How APIs Can Streamline Your Operations
Day-to-day operations can present many challenges. Whether you’re wearing multiple hats within the same department or a project lead managing dozens, even hundreds of web applications – time is always the concern. How late do I need to stay up tonight? How much longer will this take? What did I miss? I’ve heard this communicated a More Info »
Shell Logins as a Magento Reinfection Vector
Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following files: app/Mage.php; lib/Varien/Autoload.php; index.php; app/code/core/Mage/Core/functions.php; These are common files for attackers to target as they operate throughout Magento sites, but these instances were special as they had a very peculiar reinfection rate. More Info »
New Guide on How to Position Website Security for Customers
Website security is challenging, especially when dealing with a large network of sites. That is why we have created a guide for web professionals and web service providers. Our main objective is to help you understand how to leverage a website security plan for your clients. In the guide, we provide content you can add More Info »
Sucuri is Committed to the Protection of Your Data
Protecting our users’ information and privacy is extremely important to us. As a cloud-based security service, we’re fully committed to complying with the requirements of the General Data Protection Regulation (GDPR). What is the GDPR? The GDPR is a new data privacy law effective May 25th, 2018 that mandates how companies collect, modify, process, store, More Info »
An Old Trick with a New Twist: Cryptomining Through Disguised URL Shorteners
As we have previously discussed on this blog, surreptitious cryptomining continues to be a problem as new methods emerge to both evade and hasten the ease of mining at the expense of system administrators, website owners, and their visitors. Another Way Hackers are Tricking Website Visitors into Stealth Cryptomining The latest of these new techniques More Info »
Referral Program Update – Now Offering Agency Plan
Sucuri’s main objective is to make the internet a safer place for everyone. With that in mind, we created a Referral Program, which gives you the opportunity to advocate for website security and profit from it. Our referral partners use their custom link to recommend Sucuri products and receive a starting commission of 25% off More Info »
The Impacts of a Data Breach
Have you ever wondered what happens if your e-commerce site is breached? Usually, when you think about data breaches, you think about big enterprise websites. Does that mean that big brands are the ones who suffer the most from data breaches? Actually not. Recently, Trustwave put out a report that states approximately 90% of breaches impact More Info »
