How to Create a Strong Password

Reverse String WooCommerce WordPress Credit Card Swiper

As 2020 continues to be the worst year in almost anybody’s lifetime, allow me to take this opportunity to stoke the fires of your existential dread even further. As a sequel to my last blog post earlier this year about the credit card swiper that I found on a WordPress ... Read More
Analysis of a WordPress Credit Card Swiper

Analysis of a WordPress Credit Card Swiper

While working on a recent case, I found something on a WordPress website that is not as common as on Magento environments: A credit card swiper injection. Typically this type of malware targets dedicated ecommerce platforms such as Magento and Prestashop (due to their focus in handling payment information, which ... Read More
Neapolitan Backdoor Injection

Neapolitan Backdoor Injection

Most of us are familiar with Neapolitan ice cream: a flavour whose distinguishing characteristic is not one single flavour but several. Many also know it as the ice cream which your roommate eats all of the chocolate, leaving you with the paltry remains of the notably less popular vanilla and ... Read More
Typo 3 Spam Infection

Typo 3 Spam Infection

Here at Sucuri most of the malware that we deal with is on CMS platforms like: WordPress, Joomla, Drupal, Magento, and others. But every now and then we come across something a little different. Blackhat SEO Infection in Typo3 Just recently, I discovered a website using the Typo3 CMS that ... Read More

Fear, Uncertainty, and Doubt

There’s a term for the practice of scaring potential customers into purchasing products or services they don’t need: FUD; fear, uncertainty, and doubt. This practice is widespread in the computer/IT industries at large, but is especially present in the security industry. People don’t want to get hacked—but may also not ... Read More