- Dissecting the WordPress 5.2.3 Update 13 September 2019
Last week, WordPress released version 5.2.3, a security and maintenance update that contained many security fixes. Part of our day-to-day work is to analyse these security releases, discover which security issues they fix, and come up with a Proof of Concept for further internal testing.
Based on our analysis, none of the vulnerabilities fixed in this release are major. They all require some level of privileged-user interaction or access to high-privilege accounts.
- How to Audit & Cleanup WordPress Plugins & Themes 9 September 2019
In an interview with Smashing Magazine our CoFounder (now Head of Security Products at GoDaddy) Tony Perez was asked the following question.
What Makes WordPress Vulnerable?
“Here’s the simple answer. Old versions of WordPress, along with theme and plugin vulnerabilities, multiplied by the CMS’ popularity, with the end user thrown into the mix, make for a vulnerable website.” – Tony Perez
The most common threats to any CMS are associated with vulnerabilities that have been introduced by third-party modules, plugins, themes and extensions.
- Throwback Threat Thursday: Joomla GoogleMaps Plugin SEO Spam Injection 5 September 2019
When our tools don’t automatically detect and clean malicious code, that’s when we start our investigation process—and the majority of these research findings end up on the blog or as a Labs note.
However, other times we update our tools to automatically detect and remediate the malware, then stash the code sample in our zoo along with some research notes… And there it stays, gathering dust, spiderwebs, and other nasty stuff.
Revisiting those old notes and malicious code samples to re-evaluate them is not only a good research exercise, but also interesting to share.
- What is Cryptocurrency Mining Malware? 2 September 2019
Before we get into the details of “Cryptocurrency Mining Malware”, we need to understand first what cryptocurrency is and what miners are.
What is Cryptocurrency?
Cryptocurrency is best thought of as digital currency and it only exists on computers. It is transferred between peers (there is no middleman like a bank). Transactions are then recorded on a digital public ledger called the “blockchain”.
Transaction data and the ledger are encrypted using cryptography (which is why it is called “crypto” “currency”).
- TimThumb Attacks: The Scale of Legacy Malware Infections 29 August 2019
These days, we consider a malware campaign massive if it affects a couple thousand websites. However, back in the day when Sucuri first started its operations, the scale of infections was significantly larger — and it was quite typical to see hundreds of thousands of websites affected by the same malware.
This was mostly because early versions of CMSs were not very secure but already popular enough to power millions of websites. Extension developers also didn’t bother much about security.
- How to Improve Ecommerce Security 28 August 2019
If you have an ecommerce website, you are certainly concerned about its security. Business revenue depends on your online presence and having a website compromise is far from desirable.
In order to have a successful ecommerce business, you need to follow the requirements outlined by the Payment Card Industry Data Security Standards (PCI DSS). The major credit card companies are behind the PCI requirements, whose goal is to ensure the secure transmission, storage, and handling of credit cardholder information.
- Internet Cookies: What Are They and Are They Good or Bad? 26 August 2019
Cookies! I LOVE Cookies. Oatmeal raisin is one of my particular favorite flavors.
However, we’re not here to talk about baked goods as much as I’d love to. We’re here to talk about itty bitty little files stored on your local machine, also called cookies. We’ve often come across several users inquiring about what they are and so we’re here to help provide some clarity. Let’s dig in!
What Are Cookies and What Do They Do?
- How Domain Expiration Can Potentially Disrupt Other Websites 22 August 2019
A website owner recently reached out to us about a pop-up advertisement problem on their website which occurred any time someone clicked anywhere on the web page.
- The Largest DDoS Attacks & What You Can Learn From Them 21 August 2019
A DDoS (Distributed Denial of Service) is an attack that focuses on making the website unavailable to its legitimate users. DDoS attacks can produce service interruptions, introduce large response delays, and cause various business losses.
Denial-of-service attacks work in two ways: they either flood services or crash them. Attackers execute DDoS attacks through computers and smart devices. Given this, it’s common for attackers to make use of IoT devices that are internet-accessible. IoT devices are any electronics that can connect to the internet and transmit data, such as toys, smart TVs, and monitors of any kind.
- Sucuri Can Help Secure Your Client Websites 19 August 2019
At Sucuri, we understand that most web professionals and web agencies ultimately need to make their clients part of the decision-making process for choosing to secure their sites.
Overall, website security sounds like a good thing, but how do you position the value of Sucuri’s website security to clients who don’t know (or even care to know) the specifics behind what website security would offer them?
Why is Website Security Important?
Many clients will ask why they should care about website security.
- What Hackers Do after Gaining Access to a Website 15 August 2019
A hack or cyber attack is the act of maliciously entering, taking control over, or manipulating by force a web application, server, or file that belongs to someone else.
Cyber attacks will:
- modify files,
- retrieve information,
- insert commands or scripts,
- change the way your website and Google Search Results look to visitors.
What Do Hackers Do?
Here are brief descriptions of the most common cyber attacks we see performed by hackers.