Drupal Security
Backdoor Shell Dropper Deploys CMS-Specific Malware
A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and execute whatever commands they want. Another common ...
New Drupal Website Security Best Practices Guide
When it comes to content management systems (CMS) for websites, Drupal is a highly flexible and extendible open-source solution. It is often preferred by technical developers and large government and educational websites ...
Hacked Website Threat Report – 2019
The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities to massively ...
CoinImp Cryptominer and Fully Qualified Domain Names
We are all familiar with the conventional domain name notation, where different levels are concatenated with the full stop character (period). E.g. “www.example.com”, where “www” is a subdomain, “example” is a second ...
Massive localstorage[.]tk Drupal Infection
After a series of critical Drupal vulnerabilities disclosed this spring, it’s not surprising to see a surge of massive Drupal infections like this one: Massive #Drupal infection that redirects to "Tech Support" ...
Hacked Website Trend Report – 2017
We are proud to be releasing our latest Hacked Website Trend Report for 2017. This report is based on data collected and analyzed by the Sucuri Remediation Group (RG), which includes the ...
New Guide on How to Clean a Hacked Website
Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research website vulnerabilities and who are eager to ...
