Website Monitoring – WindowsTechs.com

Examining Unique Magento Backdoors

Posted on August 4, 2021 by Liam Smith

During a recent investigation into a compromised Magento ecommerce environment, we discovered the presence of five different backdoors that would provide attackers with code execution capabilities. The techniques used by the attackers in these backdoo… Continue reading Examining Unique Magento Backdoors→

Malicious Redirects Through Bogus Plugin

Posted on June 17, 2021 by Ben Martin

Recently we have been seeing a rash of WordPress website compromises with attackers abusing the plugin upload functionality in the wp-admin dashboard to redirect visitors and website owners to malicious websites.
The payload is the following bogus plu… Continue reading Malicious Redirects Through Bogus Plugin→

Server Side Scans and File Integrity Monitoring

Posted on May 13, 2021 by Ben Martin

When it comes to the ABCs of website security server side scans and file integrity monitoring are the “A” and “B”. In fact, our server side scanner is one of the most crucial tools in Sucuri’s arsenal. It’s paramount in maintaining an effective securi… Continue reading Server Side Scans and File Integrity Monitoring→

UCEPROTECT: When RBLs Go Bad

Posted on February 13, 2021 by Marc Kranat

Realtime Blackhole Lists (RBLs) can be a great tool in your security arsenal. You may not know you’re using them, but all email providers and company email servers leverage these services to verify whether servers and IP addresses are sending spam or … Continue reading UCEPROTECT: When RBLs Go Bad→

Why You Should Monitor Your Website

Posted on December 15, 2020 by Cesar Anjos

In an effort to maintain unauthorized access or profit off a website’s environment long after an initial compromise, attackers commonly leverage a variety of different techniques and tactics.
These techniques range from adding backdoors, stealing sens… Continue reading Why You Should Monitor Your Website→

Opening the Conversation about Website Security

Posted on October 9, 2020 by Stephen Johnston

The responsibility of ensuring that a website is protected falls on the website owner, but the security expectation may fall on the web service provider too.
As a professional, you are the trusted party and first point of contact.
Much of what your cl… Continue reading Opening the Conversation about Website Security→

SSL Testing Methods

Posted on February 17, 2020 by Marc Kranat

Not all SSL configurations on websites are equal, and a growing number push for HTTPS everywhere. There is an increasing demand to check and quantify that little padlock in your browser.
Some simple online tools provide a fast SSL report. They are SSL… Continue reading SSL Testing Methods→

5 Malware & Virus Scanning Tools You Need to Check Out

Posted on December 16, 2019 by Art Martori

Website malware is no joke. Our own research shows that with WordPress, by far today’s most common content management system (CMS), new infections are on the rise. Even with security researchers working constantly to uncover and remediate websit… Continue reading 5 Malware & Virus Scanning Tools You Need to Check Out→

5 Website Vulnerability Scanning Tools

Posted on December 4, 2019 by Art Martori

Even the most diligent site owners should consider when they had their last website security check. As our own research indicates, infections of the most popular content management systems (CMS) are on the rise. In fact, last year WordPress infections… Continue reading 5 Website Vulnerability Scanning Tools→

How to Audit & Cleanup WordPress Plugins & Themes

Posted on September 9, 2019 by Pilar Garcia

In an interview with Smashing Magazine our CoFounder (now Head of Security Products at GoDaddy) Tony Perez was asked the following question.
What Makes WordPress Vulnerable?
“Here’s the simple answer. Old versions of WordPress, along with … Continue reading How to Audit & Cleanup WordPress Plugins & Themes→