Security Education – Page 11

Missing DMARC Records Lead to Phishing

Posted on September 15, 2020 by Kaushal Bhavsar

Email will continue to be the dominant mode of digital communication for the foreseeable future. However, the email framework was not designed with security in mind. There still are security flaws that bad actors regularly exploit to their advantage.
… Continue reading Missing DMARC Records Lead to Phishing→

Web Crawler & User Agent Blocking Techniques

Posted on August 14, 2020 by Luke Leal

This is a simple script that allows hackers to block specific crawlers based upon website requests from specific user-agents. This is useful when you don’t want certain traffic from being able to load certain content – usually a phishing page or a mal… Continue reading Web Crawler & User Agent Blocking Techniques→

Sucuri Sit-Down Episode 3: Phishing Attacks with Luke Leal

Posted on August 4, 2020 by Justin Channell

Phishing attacks are one of the most popular methods for bad actors to gain access to a website environment. On this month’s podcast, analyst Luke Leal is with us to talk about these attacks. Topics covered include the motivation bad actors have… Continue reading Sucuri Sit-Down Episode 3: Phishing Attacks with Luke Leal→

Spox Phishing Kit Harvests Chase Bank Credentials

Posted on July 13, 2020 by Luke Leal

Phishing kits are the back end components to a phishing attack and are often designed to make it easier to deploy a phishing page.
These kits are typically bundled in compressed files, such as .zip archives, and contain the entire file infrastructure … Continue reading Spox Phishing Kit Harvests Chase Bank Credentials→

Vulnerabilities Digest: June 2020

Posted on July 6, 2020 by John Castro

Highlights for June 2020

Cross site scripting is still the most common vulnerability in WordPress Plugins. Bad actors are taking advantage of the lack of restrictions in critical functions and issues surrounding user input data sanitization.
Massive … Continue reading Vulnerabilities Digest: June 2020→

Sucuri Academy: Free Website Security Courses

Posted on June 29, 2020 by Juliana Lewis

We are happy to announce that we have launched Sucuri Academy to offer free website security courses.
Our main goal at Sucuri is to make the internet a safer place. One of our investments is creating the best educational content about website security… Continue reading Sucuri Academy: Free Website Security Courses→

Sucuri Sit-Down Episode 2: Malware Types Explained with Krasimir Konov

Posted on June 24, 2020 by Justin Channell

Malware comes in many different varieties. Analyst Krasimir Konov is on this month’s Sucuri Sit-Down to help keep them all straight. From malicious iframes to SEO spam, join host Justin Channell as he racks Krasimir’s brain on all the diff… Continue reading Sucuri Sit-Down Episode 2: Malware Types Explained with Krasimir Konov→

What is the Gibberish Hack?

Posted on June 12, 2020 by Justin Channell

Discovering some random folder with numbers and letters you don’t remember on your website would make any website owner put on their detective cap. At first, you may think, “Did I leave my FTP client open and my cat ran across the keyboard… Continue reading What is the Gibberish Hack?→

How to Find & Fix WordPress Pharma Hack

Posted on June 1, 2020 by Justin Channell

It’s hard for any website owner to discover pharmaceutical spam. Finding bogus content for prescription drugs on a website you watched grow from a tiny blog can be heartbreaking. But don’t blame your website: it just got caught up in a bad… Continue reading How to Find & Fix WordPress Pharma Hack→

Meet the Victims of Online Scams

Posted on May 28, 2020 by Art Martori

Imagine a lonely person who’s looking for romantic companionship, so they turn to the internet. Picture someone who’s terribly anxious for news about an online payment that will ease their paycheck-to-paycheck existence. Or perhaps you&#82… Continue reading Meet the Victims of Online Scams→