Here at Sucuri most of the malware that we deal with is on CMS platforms like: WordPress, Joomla, Drupal, Magento, and others. But every now and then we come across something a little different. Blackhat SEO Infection in Typo3 Just recently, I discovered a website using the Typo3 CMS that had been infected with a More Info »
Tag Archives: google
How to Add SSL & Move WordPress from HTTP to HTTPS
Moving a WordPress website from HTTP to HTTPS should be a priority for any webmaster. Recent statistics show that over 33% of website administrators across the web use WordPress and many of these websites have still not added an SSL certificate. Why is Important to Have a WordPress SSL Certificate? SSL has become increasingly important More Info »
Hacked Website Trend Report – 2018
We are proud to be releasing our latest Hacked Website Trend Report for 2018. This report is based on data collected and analyzed by the GoDaddy Security / Sucuri team, which includes the Incident Response Team (IRT) and the Malware Research Team (MRT). The data presented is based on the analysis of 25,168 cleanup requests More Info »
Google Analytics and Angular in Magento Credit Card Stealing Scripts
Over the last few months, we’ve noticed several credit card-stealing scripts that use variations of the Google Analytics name to make them look less suspicious and evade detection by website owners. The malicious code is obfuscated and injected into legitimate JS files, such as skin/frontend/default/theme122k/js/jquery.jscrollpane.min.js, js/meigee/jquery.min.js, and js/varien/js.js. The obfuscated code loads another script from More Info »
Hackers Use Fake Google reCAPTCHA to Cloak Banking Malware
The most effective phishing and malware campaigns usually employ one of the following two age-old social engineering techniques: Impersonation These online phishing campaigns impersonate a popular brand or product through specially crafted emails, SMS, or social media networks. These campaigns employ various methods including email spoofing, fake or real employee names, and recognized branding to More Info »
Googlebot or a DDoS Attack?
A bot is a software application that uses automation to run scripts on the internet. Also called crawlers or spiders, these guys take on the simple yet repetitive tasks we do. There are legitimate bots and malicious ones. A Web Application Firewall (WAF) filters the web traffic and blocks any malicious bots, letting the good More Info »
A Scam-Free Cyber Monday for Online Businesses
Every year we see an increase in website attacks during the holidays. While business owners see their sales go up due to promotional Black Friday and Cyber Monday campaigns, hackers are in the background working nonstop to create malicious, fraudulent websites as well as take advantage of legitimate ones. Main Cyber Monday Threats Phishing Pages One More Info »
Switching to HTTPS Before It’s Too Late
Google, Mozilla, and other web authorities are pushing for website owners to adopt HTTPS. Soon, Google Chrome will start flagging sites by displaying a warning that the site is “Not secure“. Chrome 68 is already in Beta. Before long, everyone will be able to update their browsers to Chrome 68 and see “Not Secure” warnings on More Info »
Google and Facebook Used in Phishing Campaigns
We’ve all seen sketchy looking emails or texts with malicious links to click on. There are still people who fall for these more obvious types of scams, however, phishing scam messages are designed to be deceiving. They use methods that appear valid or of some urgent matter, encouraging its victim to hand over their data. Phishing More Info »
How to Improve Website Resilience for DDoS Attacks – Part I
Denial of Service (Dos) and Distributed Denial of Service (DDoS) attacks are unforgiving. They test the limits of your web server and application resources by sending spikes of fake traffic to your website. It is also notoriously difficult to conduct forensics on a DDoS attack, making the source of the attack a mystery. DDoS attacks More Info »
