Highlights for June 2020 Cross site scripting is still the most common vulnerability in WordPress Plugins. Bad actors are taking advantage of the lack of restrictions in critical functions and issues surrounding user input data sanitization. Massive local file inclusion (LFI) attempts have been discovered attempting to harvest WordPress and Magento credentials. Attackers continue to More Info »
Archive | Security
RSS feed for this sectionDangerous Website Backups
It’s a well-known fact that website backups are important for mitigating a plethora of site issues. They can help restore a site after a compromise or even facilitate the investigative process by providing a clean code base to compare the current site state to. However, if a backup is not set up correctly, it can More Info »
Sucuri Academy: Free Website Security Courses
We are happy to announce that we have launched Sucuri Academy to offer free website security courses. Our main goal at Sucuri is to make the internet a safer place. One of our investments is creating the best educational content about website security to share our knowledge with the community. With that in mind, we More Info »
Sucuri Sit-Down Episode 2: Malware Types Explained with Krasimir Konov
Malware comes in many different varieties. Analyst Krasimir Konov is on this month’s Sucuri Sit-Down to help keep them all straight. From malicious iframes to SEO spam, join host Justin Channell as he racks Krasimir’s brain on all the different types of malware. Also, Krasimir discusses his recent blog post about a malicious cURL downloader, More Info »
Cross Site Scripting in YITH WooCommerce Ajax Product Filter
During a routine research audit for our Sucuri Web Application Firewall, we discovered a cross-site scripting (XSS) vulnerability affecting 100,000+ users of the YITH WooCommerce Ajax Product Filter plugin. Current State of the Vulnerability This security bug was fixed in the 3.11.1 release. We are not aware of any exploit attempts currently using this vulnerability. More Info »
Experience + Technology: How We Clean Infected Websites at Sucuri
Our malware removal service is particularly effective because it combines automated and human elements. The process gets off to a quick start thanks to cleanup scripts developed by our threat researchers. Real people also get their hands dirty handling tough work that shouldn’t be automated. The automated scripts identify and remove a lot of website More Info »
What is the Gibberish Hack?
Discovering some random folder with numbers and letters you don’t remember on your website would make any website owner put on their detective cap. At first, you may think, “Did I leave my FTP client open and my cat ran across the keyboard?” But when you open the folder, you find a series of HTML More Info »
What is a Website Defacement?
Website defacement is the most obvious sign of a hack. In these cases, bad actors who have gained access to an environment leave their mark through digital vandalism. For website owners, it means trying to access your homepage, only to find all of the code and content you’ve worked on replaced with something like this: More Info »
Evasion Tactics in Hybrid Credit Card Skimmers
The most common type of Magento credit card stealing malware is client-side JavaScript that grabs data entered in a checkout form and sends it to a third-party server controlled by the attackers. Though popular with bad actors, one of the drawbacks of this approach is that it’s possible to track requests to suspicious servers if More Info »
Labs Notes Monthly Recap – May/2020
In 2020, we doubled up our research efforts to report on many new attacks and hacks that we see in the wild. We believe that being informed is a big part of having a good website security posture. Sucuri Labs provides website malware research updates directly from our teams on the front line. Our Labs More Info »
