SQL injection is one of the most common types of web hacking techniques used today. As data breaches continue to happen to some of the most high-profile corporations and brands, it’s become more important for web users to adapt to these increased breaches with changes in behavior like system generated passwords and 2FA. In this
With DDoS attacks being an ever growing threat to servers across the globe, it’s become a fundamental part of website security. This impacts businesses both in terms of site presence, availability and profits. Over the last 8 or so years the web has had to evolve to respond to the increase in these attacks. For
Kayleigh Martin is a tier 2 Website Security Analyst. Her daily responsibilities include investigating sites for malware, removing the malware, and advising clients on how to prevent future attacks. The most exciting part of her day is finding new malware that’s not been seen before. She finds that if she focuses on doing her job
When a website is added to a blocklist by blocklist authorities it can be painfully stressful for their business. SEO rankings take a dive, and loss in revenue/traffic is hit even harder if not resolved quickly. In this article we’ll be discussing what blocklists are exactly, why you should consider them when starting a website,
On January 6th, Automattic released an important security update for the WordPress core which addresses four separate vulnerabilities. WordPress website administrators are advised to update their websites immediately. All WordPress versions between 3.7 and 5.8 are affected by this, and the security issues include SQL injection, stored XSS and object injection, which we will review
Part I of our 2021 Security Walkthrough shows the initial 5 posts of our top 10. 6 – Vulnerable Plugin Exploited in Spam Redirect Campaign It was brought to our malware research team’s attention that a vulnerability was discovered in old, unpatched versions of the wp-user-avatar plugin. The type of vulnerability found is known as
Over the last year, Sucuri has provided a wide array of posts in regards to how sites are infected, the types of attacks we’ve discovered, how to detect them, and how to prevent future infections with certain methods and tools. In this article we’ll discuss our top 10 posts involving website security, and what site
As with most years, there’s been a wide array of critical vulnerabilities found within content management systems, plugins, API keys, etc. We’ll be recapping our discoveries and how these vulnerabilities were exploited, or potentially could have been. Adobe Patches Critical Magento Vulnerabilities This past year, Adobe released several critical security patches for both their commercial
Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 / 7.7 Vulnerability: Privilege Escalation, SQL Injection Patched Version: 4.1.5.3 Last week, security researcher at Automattic Marc Montpas recently discovered two severe security vulnerabilities within one of the most popular SEO plugins used by WordPress website owners: All in One SEO. The plugin is used by
Did you know that one quarter of all spam emails are accredited to pharmaceutical ads? Pharma hacks go beyond the inbox and spam websites by redirecting traffic and adding fake keywords and subdomains to the search results. Why, and how did the medical world get tangled up in spam emails, SEO spam, redirects, and website
