When we started Sucuri we set out to make enterprise security accessible, affordable, and effective for every day webmasters. It was at a time when open-source platforms like WordPress, Joomla!, Drupal, and others were changing the web landscape. With them…
For every gleaming new IoT device that hits the market, a hacker somewhere is figuring out how to compromise it. Today, even routine activities can land you in the sights of a bad actor. Imagine what a bad day could…
On October 27, 2020 at approximately 4:50pm Mountain Time, Donald Trump’s campaign website, www.donaldjtrump.com, was defaced. The attackers left a message claiming they had compromising information on President Trump. The defacement page contained two Monero cryptocurrency wallet IDs encouraging visitors…
Last year, we introduced Wordfence Central and today thousands of WordPress site owners are using this free tool to manage their WordPress sites. Whether you’re using Wordfence Premium or still on the free plugin, Wordfence Central makes it possible for…
A PHP shell containing multiple functions can easily consist of thousands of lines of code, so it’s no surprise that attackers often reuse the code from some of the most popular PHP web shells, like WSO or b374k. After all,…
An easily exploitable SQL injection vulnerability was discovered in the Loginizer plugin installed on over one million WordPress sites, causing the WordPress team to force an update to sites using the vulnerable version. The Justice Department is filing antitrust suit…
In the spirit of National Cyber Security Awareness Month (NCSAM), let’s talk about a security basic that many people overlook: passwords. These are one of the most fundamental aspects of website security, yet we too often see webmasters taking a…
We often see hackers reusing the same malware, with only a few new adjustments to obfuscate the code so that it is more difficult for scanning tools to detect. However, sometimes entirely new attack tools are created and deployed by…