SQL Triggers in Website Backdoors

Posted on

Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within compromised databases. These queries inject an admin level user into the infected database whenever the trigger condition is met. What makes this especially problematic for website owners is that most malware cleanup guides focus […]

When you go fighting malware don´t forget your VT plugins

Posted on

It’s been a year since we launched our VirusTotal plugin for IDA Pro, followed by SentinelOne’s amazing contribution to the community with their VirusTotal plugin for GHIDRA (thanks again for the great job), inspired by the original IDA plugin but adding some cool extra features. Now, what are IDA Pro and Ghidra? These tools are […]

UCEPROTECT: When RBLs Go Bad

Posted on

Realtime Blackhole Lists (RBLs) can be a great tool in your security arsenal. You may not know you’re using them, but all email providers and company email servers leverage these services to verify whether servers and IP addresses are sending spam or other abusive content against a known list of offenders. These services use a […]

Optimizing Performance and Behavior with WordPress and the Sucuri WAF

Posted on

Aside from providing significant protection from a wide range of threats, the Sucuri WAF also acts as a CDN due to its caching capabilities and regional PoPs — often performing even better than dedicated CDNs based on recent tests. CDNs can significantly help speed up your website by storing and delivering content as close to […]