Sucuri Sit-Down Episode 4: XSS & WP Plugin Vulnerabilities with Antony Garand

October is National Cyber Security Awareness Month, and we’re back with analyst Antony Garand to take a deeper look into cross site scripting (XSS) attacks and WordPress plugin vulnerabilities. Plus, host Justin Channell will catch you up on the latest website security news from the Sucuri blog. For further reading about any of these topics, check out these blogs we reference in the episode: WordPress Malware Disables Security Plugins to Avoid Detection Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites Reflected XSS in WordPress Plugin Admin Pages Backdoor Shell Dropper Deploys CMS-Specific Malware Magento Multiversion (1.x/2.x) Backdoor Justin […]

Redirects to YouTube Defacement Channel

During a recent investigation, we found an infected website was redirecting to YouTube after its main index.php file had been modified to include the following line of HTML: <meta http-equiv=’refresh’ content=’2;url=’> This technique works because it’s possible to use HTML within .php files — as long as the HTML is outside the PHP code tags. In this case, the HTML is the only code that exists, so there are no PHP tags to avoid. Continue reading Redirects to YouTube Defacement Channel at Sucuri Blog.

SiteCheck Malware Report: September Summary

Our free SiteCheck tool helps website owners remotely scan their website to detect malware infections, blacklisting status, website errors, and other anomalies. Scanning a website’s external HTML source code provides immediate results, without the need to install any software or applications to identify threats. In September alone, a total of 17,138,086 website scans were performed using SiteCheck. Of those scans, 178,299 infected sites were detected.  While not as comprehensive as server-side scanners, users are able to instantly identify malicious code, find outdated software and plugins, and detect website security issues. Continue reading SiteCheck Malware Report: September Summary at Sucuri Blog.

Throwback Threat Thursday: JCE Vulnerability

Despite WordPress’ market share completely overshadowing other CMS’, Joomla (previously known as Mambo) has still managed to retain its position as the second most popular CMS. In fact, even with a decreasing market share in the overall CMS landscape, there are still well over a million live websites using Joomla to manage their digital content. As a result, this large installation size makes Joomla an attractive target when it comes to malicious users targeting vulnerabilities. Continue reading Throwback Threat Thursday: JCE Vulnerability at Sucuri Blog.

NIST Cybersecurity Framework

The United States National Institute of Standards and Technology (NIST) has created a  framework for improving critical infrastructure cybersecurity, referred to as the NIST Cybersecurity Framework. The main objective of this framework is to offer organizations a list of items for assessing and enhancing their capacity for preventing, detecting and responding to cyberattacks. According to the framework, cybersecurity should be considered part of an organization’s risk management operations. What the NIST Cybersecurity Framework? The NIST Cybersecurity Framework is a set of best practice guidelines to help organizations and businesses improve their cybersecurity processes. Continue reading NIST Cybersecurity Framework at Sucuri […]