Our Story

Sucuri In the Media

Check out various posts and articles interviewing the the team, or referencing Sucuri Security, our services, and tools.

As seen on TechCrunch, CNN, USA Today, CSO Online, CIO Magazine, PC World, SC Magazine, TechCrunch, TheNextWeb, BloggingTips and many others.


CNETMarch 2014, CNET
DDoS attack is launched from 162,000 WordPress sites

Security firm Sucuri said hackers leveraged a well-known flaw in WordPress that allows an attack to be amplified by harnessing unsuspecting Web sites. It’s unclear which site was the victim of the cyberattack, but Sucuri said it was a “popular WordPress site” that went down for many hours.


Ars TechnicaMarch 2014, Ars Technica
Attackers trick 162,000 WordPress sites into launching DDoS attack

Our friends over at Sucuri posted an interesting blog regarding a Distributed Denial of Service attack (DDoS) where 162,000 WordPress sites were enlisted to attack a single website.


Umbrella Security LabsMarch 2014, Umbrella Security Labs
WordPress DDoS Visibility From OpenDNS

“Can you see how powerful it can be?” Sucuri CTO Daniel Cid wrote in a blog post published Monday. “One attacker can use thousands of popular and clean WordPress sites to perform their DDoS attack, while being hidden in the shadows, and that all happens with a simple ping back request to the XML-RPC file.”


EntrepreneurFebruary 2014, Entrepreneur Magazine
Sucuri ranked top 25 .net website by Entrepreneur Magazine!

Entrepreneur and Verisign came together to assemble the ranking, which is based on quantitative factors and the feedback from Entrepreneur’s audience of sophisticated, successful business owners.


Jul 2013, CSO Online
Attackers embedding backdoors into image files

Researchers at Sucuri, a firm focused on website security awareness and attack recovery, have discovered attackers using a known, but a rather uncommon method of maintaining access to an already compromised server: They’re hiding backdoors inside the headers of legitimate image files.


May 2013 – USA Today
Über stealthy malware infects Apache webservers

ESET and Sucuri teamed up to analyze the coding of bad guys who’ve begun using AVT malware, dubbed Linux/Cdorked.A, to seed infections onto hundreds of legit websites that rely on Apache webservers.


BloombergFebruary 2013, Bloomberg
NBC.Com Back Online After Hackers Knocks Out Service

Hackers infected NBC.com with Citadel Trojan, a data- stealing malware that can spread to the machines of visitors, according to Tony Perez, chief operating officer of Sucuri Inc., which monitors websites and can remove malware.


CNN MoneyFebruary 2013, CNN Money
NBC hack infects visitors in ‘drive by’ cyberattack

The hack, which affected NBC.com and related sites for “Late Night with Jimmy Fallon” and “Jay Leno’s Garage,” infected visitors to the compromised sites with the Citadel Trojan.


NBC NewsFebruary 2013, NBC News
NBC.com hacked, say security researchers

Tony Perez of Sucuri Blog independently confirmed the malware and added that exploits were found on other sites related to NBC.com, such as the site for Late Night with Jimmy Fallon. Until NBC or security researchers report otherwise, it’s best to avoid these sites for now.


CNETFebruary 2013, CNET
NBC Web site back up after hack attack

The hack caused Google to temporarly blacklist NBC.com, according to malware monitoring site Sucuri. The attack affected not only NBC’s main site but related sites, such as Late Night with Jimmy Fallon and Jay Leno’s Garage, Sucuri said in a blog post yesterday.


January 2013, CIO Magazine
Web Server Hackers Install Rogue Apache Modules and SSH Backdoors, Researchers Say

In many cases investigated by Sucuri, the server administrator had removed the rogue Apache module and changed his password, but the infection re-appeared a few days later, Cid said.


MacVoices TVJanuary 2013, NMX BlogWorld

Sucuri Co-Founder Dre Armeda interviewed by Chuck Joiner


October 2012, CIO Magazine
Unprotected Apache server status pages put popular websites at risk

Sucuri researchers ran a test that involved crawling over 10 million websites and found hundreds of them that expose their server status pages to the whole world. The list of affected websites includes php.net, metacafe.com, disney.go.com, staples.com, nba.com, cisco.com, ford.com, apache.org and many others. Some of them have fixed the problem since Sucuri’s report, but many haven’t.


CNN July 2012 – CNN
Yahoo password hack draws frustration, jokes

CNN Tech is not linking to the hackers’ Web page. But security firm Sucuri Labs has created a page with a tool it says will tell users whether their e-mail address was leaked.


NYTimes July 2012 – NYTimes Bits
Yahoo Breach Extends Beyond Yahoo to Gmail, Hotmail, AOL Users

Sucuri, a company that checks for malware, set up a Web site, labs.sucuri.net/?yahooleak, that lets concerned users check if their account details were compromised in the breach.


July 2012 – USA Today
Give Your Passwords a Security Check-up

You can see if your account was among those compromised by checking your e-mail address at a page set by Sucuri Malware Labs, a Menifee, Calif., security vendor: http://labs.sucuri.net/?yahooleak.


ABC News July 2012 – ABC News

Yahoo Password Breach Includes Gmail, Hotmail and AOL Users

Security firm Sucuri said that more than 100,000 Gmail addresses were included in the breach. The same firm created a script based on the leak that allows users to see if their account or password was among the ones leaked. You can go to http://labs.sucuri.net/?yahooleak and see if yours was one of them.


Huffington Post July 2012 – Huffington Post
Yahoo Password Check: Has Your Email Account Been Compromised?

So how can you tell if you’re among the hacked? Tech Crunch has pointed to the security source Sucuri, a web monitoring site, where users can verify whether they’re among the victims of the leak.

Click here to visit Sucuri and see if your own information was compromised.


Gizmodo July 2012 – Gizmodo
How to Check If Your Email Password Was One of 453,000 Leaked This Morning

 

Security company Sucuri has put together a tool to check if your email is included in the 400,000+. It also notes that you might want to check even if your account isn’t at Yahoo:

[Sucuri] notes that 135,599 emails came from yahoo.com; but that a further 106,185 came from gmail.com; 54,393 from hotmail.com; 24,677 from aol.com; 8,422 from comcast.net and 6,282 msn.com.


July 2012, TechCrunch
Yahoo Confirms Apologizes for The Email Hack Says Still Fixing Plus Check If You Were Impacted Non-Yahoo Accounts Apply

Meanwhile, Sucuri, the company that created the above script, also has started to analyst the breached list. It identified some of the most common domains in the hacking list, including the most common passwords, and further analysis on password length.


May 2012, CIO Magazine
PHP Patches Actively Exploited CGI Vulnerability

Security researchers from website integrity monitoring firm Sucuri Security also reported seeing successful CVE-2012-1823 exploitation attempts since the weekend that resulted in the targeted websites being compromised.

The attackers are first sending a malicious query that includes the “-s” php-cgi flag to test if the targeted websites are vulnerable and then installed a backdoor through a query with the “-d” flag, Sucuri’s chief technology officer, Daniel Cid…


Mar, 2012, CIO Magazine
WordPress Blogs Infected Distribute Rogue Antivirus

Sucuri researchers have also been tracking this scareware distribution campaign and found that a rogue WordPress plug-in called ToolsPack has been installed on many of the compromised blogs. The plug-in masquerades as a collection of WordPress administration tools, but in reality it contains a backdoor that attackers use to maintain their unauthorized access to the affected sites, Dede said.


PCWorldFeb, 2012, PC World
How To Tell If A Link Is Safe Without Clicking On It

To scan the mysterious shortlinks you’ll often find on Twitter and Facebook, use Sucuri. Sucuri automatically expands the shortlink and draws upon a handful of services, such as Google, Norton SafeWeb, and PhishTank, to determine if the real link is safe.


Jun, 2011, Entrepreneur.com
How to Fend Off a New Kind of Cyber Attack

Smola recommends using a service like Sucuri Web Integrity Monitoring, which lets you know if malware is found on your website.


Dec, 2010, TechCrunch
Hackers Embed Spam Into Google Search Listings For Unsuspecting Sites

A security scanning company called Sucuri.net has made us aware of a new exploit that adds a unique module to many Apache web servers that will, under the right circumstances, return spam links to Google and certain browsers. This is, in short, one of the first targeted spam systems I’ve seen in the wild…


Dec, 2010, Blogging Tips
Sucuri – An Alarm and Recovery System for Your Website

Has your WordPress blog ever been hacked? Did the culprit somehow add a whole bunch of malicious content to your blog that you had no clue how to get rid of? It has happened to me and I’m sure it has happened to some of you as well. Next time you’re in a stressful situation like this, let Sucuri come to the rescue! If you’ve been a victim of blog hacking and malware or are just looking for some ongoing protection and monitoring for your site, they can help.


Nov, 2010, The NextWeb
Try This: Sucuri. Virus, Malware and DNS protection for your website

The idea is that Sucuri is somewhat like a malware scanner for your website. However, it also provides real-time monitoring of changes to your DNS, Whois and SSL settings. Considering the number of sites that we see which get DNS hijacked or otherwise taken over, this is becoming an important tool to have in your arsenal.


SC MagazineApril, 2010, SC Magazine
WordPress Users Report Hacked Blogs

Sucuri recommended affected users “revert your siteurl back to the previous value. Log in to your control panel, go to ‘manage database,’ and edit the siteurl value on ‘wp-option table.’”.

Testimonials

    • Sucuri helps me sleep at night knowing that our websites and user data is secure. Over the years, Sucuri has helped us detect and prevent major hack attempts. I recommend Sucuri to all of my clients and users because they offer the most comprehensive and cost effective WordPress security solution. I've done my industry research, and there's no one better than these guys.

      —Syed Balkhi, Founder, WPBeginner

      WPBeginner

    • Let's be honest: the web can be a scary place sometimes. Having done many a WordPress malware cleanup in my day, I've found Sucuri to do a better job than I ever hoped I could do. Not only are they thorough, but they're fast as heck and affordable to boot. You don't just walk into a bad situation without some protection. Sucuri *is* that protection.

      —Andrew Norcross, Founder & Lead Developer @Reaktiv Studios, WordCamp Speaker

      Reaktiv Studios

    • We partnered with Sucuri for our WordPress migration and dehacking services as their capabilities are significantly more comprehensive than anything we’ve seen in the industry.

      —Brian Clark, CEO of Coppyblogger Media

      Websynthesis

    • I like to think I know security, but there is only one company I trust when it comes to the security of my websites, that company is Sucuri. They are, in my opinion, hands-down the leader in web-malware protection and cleanup services. Trust the experts, hire these fools!

      —Brad Williams, Co-Founder WebDevStudios, Co-Author Professional WordPress Series

      WebDevStudios

    • When you’re talking about protection for your WordPress site and the things most important to you — your content — you want to trust the experts. There’s really no better choice than the team at Sucuri.

      —Cory J. Miller – Founder / CEO of iThemes.com

      iThemes

    • Before Sucuri we didn’t know that someone was hacked until they told us. (Or actually, when Google blocked their site!) Now we find and fix problems before they even know what’s happening. It’s a Godsend, it’s as simple as possible, and it’s so affordable that quite frankly it’s irresponsible to not use them!

      —Jason Cohen, CEO of WP Engine

      WP Engine

    • As the owner of ClickHOST.com, a shared web hosting company, we are always fighting malware and spam. Recently we partnered with Sucuri and now all our accounts are monitored. I love this product! It not only protects our customers from malware, but these guys will fix a hack in 4 hours.

      —Carel Bekker, Owner/President of ClickHOST.com

      ClickHOST

    • Sucuri is my go to service for web based security and are the group that I recommend, exclusively, to my clients and readers, in particular WordPress users.  They are affordable, they work fast and they get the job done – as a bonus, they’re a fun group to work with!

      —Lisa Sabin-Wilson – Author: WordPress For Dummies; Designer, Co-Founder Allure Themes, Founder E. Webscapes

      E. Webscapes

    • Though I believe my sites are secure, it would be inexcusable for me not to use Sucuri’s service and be absolutely sure around the clock.

      —Scott Kingsley Clark, Lead Developer, Pods Framework

      Pods

Scan your website FOR FREE