Top 10 Website Hardening Tips

http://feedproxy.google.com/~r/sucuri/blog/~3/rmrG-RVQxog/top-10-website-hardening-tips.html
Website hardening means adding layers of protection to reduce the risk of website attacks, a process known as “defense in depth.” Here are our top 10 virtual hardening principles: 1 – Keep your website updated Every single piece of software required to run your application needs to be kept up to date with the latest patches and security updates. Website vulnerabilities come in all shapes and sizes, so it is important to update your CMS along with any third party components like plugins, themes, and extensions. Continue reading Top 10 Website Hardening Tips at Sucuri Blog.

What Are Ethical Hackers?

http://feedproxy.google.com/~r/sucuri/blog/~3/6fLhjVXGn74/what-are-ethical-hackers.html
There’s an issue with how some people define the word “hacker.” For some, it’s a word synonymous with “cybercriminal,” but not in the infosec community. White hat hackers (the good guys) are the ones who find security issues so they can be fixed. The world is a lot better off because of them. Every day we interact with web applications and services built using programming languages. Hackers, both the white and black hat, comb through millions of lines of source code. Continue reading What Are Ethical Hackers? at Sucuri Blog.

What is the Cost of Cybercrimes & Attacks

http://feedproxy.google.com/~r/sucuri/blog/~3/nOGiKOZylyA/cost-of-cyber-attacks.html
The word cybercrime is no longer just a word you hear coming from Fortune 500 CEOs anymore. This word has being flashed on every good morning news show and radio channel. Cybercrime can target any business or website owner. Even the average person who thought they were safe from hackers because they didn’t own a business – or their business wasn’t “big enough” to be hacked – can become a cybercrime victim. What Constitutes a Cybercrime A cybercrime is classified as any illegal or unethical activity committed through the use of the internet or a computer. Continue reading What is […]

Down the Malware Rabbit Hole – Part 1

http://feedproxy.google.com/~r/sucuri/blog/~3/fvYNq_JE-R8/down-the-malware-rabbit-hole-part-1.html
It’s common for malware to be encoded to hide itself—or its true intentions—but have you ever given thought to what lengths attackers will go to hide their malicious code? In our first post in this series, we’ll describe how bad actors hide their malicious code and the steps taken to reveal its true form. Malware Obfuscation in Simple Terms To begin, you’ll first need to understand a few simple concepts about malware and obfuscation. Continue reading Down the Malware Rabbit Hole – Part 1 at Sucuri Blog.

A New Wave of Buggy WordPress Infections

http://feedproxy.google.com/~r/sucuri/blog/~3/NTMcxT8UyUQ/a-new-wave-of-buggy-wordpress-infections.html
We’ve been following an ongoing malware campaign for the past couple of years now. This campaign is renowned for its prompt addition of exploits for newly discovered WordPress theme and plugin vulnerabilities. Every other week, the attackers introduce new domain names and slightly change the obfuscation of their scripts to prevent detection. For example, last week they started using URLs on the following domains: * dns.createrelativechanging[.]com (Creation Date: 2019-09-19) * bes.belaterbewasthere[.]com  (Creation Date: 2019-09-21) To provide more context, you can find additional posts following the evolution of this malware campaign below. Continue reading A New Wave of Buggy WordPress Infections […]

National Cybersecurity Awareness Month

http://feedproxy.google.com/~r/sucuri/blog/~3/YyCmlxtrqHk/national-cybersecurity-awareness-month.html
Since 2003, October has been recognized as National Cybersecurity Awareness Month. It is an annual campaign to raise awareness about the importance of cybersecurity and being a better digital citizen. October has just started and a majority of security companies are promoting internet security. With the holidays fast approaching, it is a crucial time for website owners, especially ones with an e-commerce website, to be cyber secure. The end of the year is also the season when hackers try to profit the most. Continue reading National Cybersecurity Awareness Month at Sucuri Blog.

Zero-Day RCE in vBulletin v5.0.0-v5.5.4

http://feedproxy.google.com/~r/sucuri/blog/~3/C0lXQcD0tyc/zero-day-rce-in-vbulletin-v5-0-0-v5-5-4.html
A new remote code execution (RCE) zero-day vulnerability has been disclosed by an anonymous researcher on the Full Disclosure mailing list this past Monday. This vulnerability is extremely severe. It allows any website visitors to run PHP code and shell commands on the site’s underlying server. Am I At Risk? At the time of writing this, this is still a zero-day vulnerability—meaning there are no official patches available to fix this issue. Continue reading Zero-Day RCE in vBulletin v5.0.0-v5.5.4 at Sucuri Blog.

The Hacker Returns: A Backdoor Edition

http://feedproxy.google.com/~r/sucuri/blog/~3/7zkxQvxRAUo/the-hacker-returns-a-backdoor-edition.html
Once an attacker manages to hack and gain access to a target site or system, they typically work hard to maintain their access—as long as it can to help them achieve their goals. You can think of it like having an annoying party-crasher at your pool party who decides to stick around uninvited, hiding out somewhere and using all of your stuff. In a large majority of hacked sites, attackers often plant and place something called a backdoor. Continue reading The Hacker Returns: A Backdoor Edition at Sucuri Blog.

Fake SSO Used In Multi-Email Provider Phishing

http://feedproxy.google.com/~r/sucuri/blog/~3/JPq4in-4Enw/fake-sso-used-in-multi-email-provider-phishing.html
Single sign-on (SSO) allows users to sign into a single account (e.g Google) and access other services like YouTube or Gmail without authenticating with a separate username and password. This feature also extends to third party services such as the popular Dropbox file sharing application, which offers users the option to access their account using Google’s authentication from their sign in page. Malicious Pages Mimic Popular Login Workflows SSO is very convenient for most users. Continue reading Fake SSO Used In Multi-Email Provider Phishing at Sucuri Blog.

Fake Human Verification Spam

http://feedproxy.google.com/~r/sucuri/blog/~3/4tX55M9L31s/fake-human-verification-spam.html
We recently released an update to our Labs Knowledgebase for new plugins that had been targeted during the month of July 2019. One of these newly targeted plugins was Advanced Booking Calendar — and it didn’t take long before we were receiving clean up requests for websites that had already been exploited through this plugin. Malicious Payload in Appointment Booking Plugin After our investigation, we discovered that the malicious payload was similar to the one listed in our July 2019 Labs Knowledgebase post. Continue reading Fake Human Verification Spam at Sucuri Blog.