Call Us Today at 1-403-291-9811 or 1-866-291-3857

Web Security

  • Magento Credit Card Stealer Reinfector 19 June 2018 Magento Credit Card Stealer Reinfector

    In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal credentials. That is why we have reported on a credit card stealer reinfector of Magento websites in one of our recent Labs Notes.

    In this post, we describe one of the methods hackers use to ensure that their malicious code is added back to a website after it has been removed.

    Continue reading Magento Credit Card Stealer Reinfector at Sucuri Blog.

  • The Importance of Website Backups 14 June 2018 The Importance of Website Backups

    Imagine waking up in the morning to see that a couple of calls were missed and your email is overloaded with messages saying that your website is down. You go to your computer to check your server and it’s working fine – but oh no,  all your files are deleted from the database. What would you do?

    Backing up everything may seem a boring task, however, website backups can be a life saver.

    Continue reading The Importance of Website Backups at Sucuri Blog.

  • How to Improve Website Resilience for DDoS Attacks – Part I 12 June 2018 How to Improve Website Resilience for DDoS Attacks – Part I

    Denial of Service (Dos) and Distributed Denial of Service (DDoS) attacks are unforgiving. They test the limits of your web server and application resources by sending spikes of fake traffic to your website. It is also notoriously difficult to conduct forensics on a DDoS attack, making the source of the attack a mystery.

    DDoS attacks are getting cheaper, more sophisticated and more readily accessible every day. As a result, they have become an instrument of war for both commercial and political purposes.

    Continue reading How to Improve Website Resilience for DDoS Attacks – Part I at Sucuri Blog.

  • How APIs Can Streamline Your Operations 5 June 2018 How APIs Can Streamline Your Operations

    Day-to-day operations can present many challenges. Whether you’re wearing multiple hats within the same department or a project lead managing dozens, even hundreds of web applications – time is always the concern.

    How late do I need to stay up tonight?
    How much longer will this take? What did I miss?

    I’ve heard this communicated a number of different ways, but the one takeaway is that leveraging APIs is invaluable to your everyday workflow when working with third-party vendors.

    Continue reading How APIs Can Streamline Your Operations at Sucuri Blog.

  • Shell Logins as a Magento Reinfection Vector 31 May 2018 Shell Logins as a Magento Reinfection Vector

    Recently, we have come across a number of websites that were facing reinfection of a credit card information stealer malware within the following files:

    • app/Mage.php;
    • lib/Varien/Autoload.php;
    • index.php;
    • app/code/core/Mage/Core/functions.php;

    These are common files for attackers to target as they operate throughout Magento sites, but these instances were special as they had a very peculiar reinfection rate.

    Malicious Scripts Loaded Through .bashrc

    Upon closer inspection, we came across this snippet in the site owner’s .bashrc file.

    Continue reading Shell Logins as a Magento Reinfection Vector at Sucuri Blog.

  • New Guide on How to Position Website Security for Customers 29 May 2018 New Guide on How to Position Website Security for Customers

    Website security is challenging, especially when dealing with a large network of sites.
    That is why we have created a guide for web professionals and web service providers.

    Our main objective is to help you understand how to leverage a website security plan for your clients.

    In the guide, we provide content you can add to your business portfolio to market and validate website security among your clients.

    Continue reading New Guide on How to Position Website Security for Customers at Sucuri Blog.

  • Sucuri is Committed to the Protection of Your Data 24 May 2018 Sucuri is Committed to the Protection of Your Data

    Protecting our users’ information and privacy is extremely important to us. As a cloud-based security service, we’re fully committed to complying with the requirements of the General Data Protection Regulation (GDPR).

    What is the GDPR?

    The GDPR is a new data privacy law effective May 25th, 2018 that mandates how companies collect, modify, process, store, and delete the personal data originating in the EU for both residents and visitors.

    We believe that the GDPR is a positive thing for individuals and brands, as it offers those affected the right to access their personal information or have it deleted entirely.

    Continue reading Sucuri is Committed to the Protection of Your Data at Sucuri Blog.

  • An Old Trick with a New Twist: Cryptomining Through Disguised URL Shorteners 22 May 2018 An Old Trick with a New Twist: Cryptomining Through Disguised URL Shorteners

    As we have previously discussed on this blog, surreptitious cryptomining continues to be a problem as new methods emerge to both evade and hasten the ease of mining at the expense of system administrators, website owners, and their visitors.

    Another Way Hackers are Tricking Website Visitors into Stealth Cryptomining

    The latest of these new techniques is actually more of a twist on the old method by disguising a malicious website through the  malicious URL shorteners.

    Continue reading An Old Trick with a New Twist: Cryptomining Through Disguised URL Shorteners at Sucuri Blog.

  • Referral Program Update – Now Offering Agency Plan 18 May 2018 Referral Program Update – Now Offering Agency Plan

    Sucuri’s main objective is to make the internet a safer place for everyone. With that in mind, we created a Referral Program, which gives you the opportunity to advocate for website security and profit from it.

    Our referral partners use their custom link to recommend Sucuri products and receive a starting commission of 25% off the total net purchase when a customer signs up for our Platform and Firewall plans.

    Continue reading Referral Program Update – Now Offering Agency Plan at Sucuri Blog.

  • The Impacts of a Data Breach 15 May 2018 The Impacts of a Data Breach

    Have you ever wondered what happens if your e-commerce site is breached?

    Usually, when you think about data breaches, you think about big enterprise websites. Does that mean that big brands are the ones who suffer the most from data breaches? Actually not.

    Recently, Trustwave put out a report that states approximately 90% of breaches impact small merchants.

    Here are the top 3 compromised industries:

    • 1- Retail – 45%
    • 2- Food and Beverage – 24%
    • 3 – Hospitality – 9%

    This graph shows the top 3 compromised industries due to vulnerabilities that allow attackers to steal data; however, bear in mind that any website could become a victim.

    Continue reading The Impacts of a Data Breach at Sucuri Blog.

  • What is PCI Compliance? 10 May 2018 What is PCI Compliance?

    Sucuri aims at keeping the internet safe. That is why we are so keen on informing our customers of potential threats. We have posted many articles regarding ecommerce security breaches that steal credit card information, as well as the risks for ecommerce site owners.

    There can be many dangers when purchasing through a website, and with so many cyber threats attacking ecommerce platforms and payment gateways, it’s more important than ever to reassure your customers by implementing and maintaining Payment Card Industry (PCI) Compliance.

    Continue reading What is PCI Compliance? at Sucuri Blog.