Sucuri Security

Santa Claus is coming! Was your website naughty or nice this year? Here is a quick checklist of the top 10 bad things that can harm your website security and the top 10 good things that can improve your website security. Naughty Websites List If your website falls into any of these categories, this is …

McAfee uncovered a campaign tracked as Operation Sharpshooter that hit at least 87 organizations in global defense and critical infrastructure. Security experts at McAfee uncovered a hacking campaign, tracked as Operation Sharpshooter, aimed at infrastructure companies worldwide. The threat actors are using malware associated with Lazarus APT group that carried out Sony Pictures attack back in …

To bring awareness to what threatens the integrity of websites, we are continuing a series of posts on the OWASP top 10 security risks. The OWASP Top 10 list consists of the 10 most seen application vulnerabilities: Injection Broken Authentication Sensitive data exposure XML External Entities (XXE) Broken Access control Security misconfigurations Cross Site Scripting …

‘ The Seedworm APT Group has targeted more than 130 victims in 30 organizations since September including NGOs, oil and gas, and telecom businesses. According to a new research conducted from Symantec’s DeepSight Managed Adversary and ThreatIntelligence (MATI) team, the Seedworm APT group, aka MuddyWater, is rapidly evolving and extended its targets to the telecom, IT …

Experts from Malwarebytes discovered a new strain of Mac malware, tracked as DarthMiner, that is a combination of two open-source programs.  Experts from Malwarebytes discovered a new piece of Mac malware, tracked as DarthMiner, that is the combination of two open source tools. The malware is distributed through Adobe Zii, an application supposedly helps in the piracy …

We recently investigated a suspicious link received by one of my colleagues on WhatsApp. The message (in Portuguese) states that Volkswagen is offering 20 free cars until the end of the year, and directs users to participate on a site that has been apparently crafted especially for this “event”. After an initial investigation, it became …

Malware researchers at Yoroi – Cybaze Z-Lab analyzed the MuddyWater Infection Chain observed in a last wave of cyber attacks. Introduction At the end of November, some Middle East countries have been targeted by a new wave of attacks related to the Iranian APT group known as “MuddyWater“: their first campaign was observed back in …

Credit card stealing malware is becoming more and more customized. We’ve been regularly seeing injected scripts with URLs that either mimic or include a portion of the victim’s site domain. Sometimes the injected code also references the victim’s site. Recently, we’ve come across another level of customization. Fake Payment Form in Bulgarian A compromised Magento …

The US Department of Homeland Security (DHS) and the FBI issued a joint alert on SamSam attacks targeting critical infrastructure. The US Department of Homeland Security (DHS) and the FBI published a joint alert on the activity associated with the infamous SamSam ransomware. The SamSam hackers extorted over 200 organizations, including public institutions, municipalities, and hospitals, they …

Palo Alto Networks recently discovered a malware dropper, dubbed CARROTBAT, that supports a dozen decoy document file formats to drop many payloads. Experts from Palo Alto Networks have recently discovered a malware dropper, dubbed CARROTBAT, that supports a dozen decoy document file formats to drop many payloads. Security experts from Palo Alto Networks have discovered …