Browse through our meticulously curated selection of advanced security content across a broad range of topics, tailored to your preferred content type and media.
Designed for all platforms and custom sites
Our Top Picks for You
The latest trends in website malware with Sucuri’s SiteCheck 2023 Mid-Year Report. We summarize the most common malware detected on infected websites in the first half of the year, including SocGholish, Balada Injector, NDSW, SEO spam, and other prevalent website infections.
It’s estimated that 98.5% of sites who advertise use Google Ads to generate revenue and bring in traffic. That’s a hefty number of websites who…
What is a Content Security Policy (CSP)? A Content Security Policy (CSP) is a security feature used to help protect websites and web apps from…
Critical errors on any system can be extremely frustrating. But if you’ve recently encountered the “There has been a critical error on this website”...
Learn about the 2020 OWASP Top 10 vulnerabilities for website security and protect your site from security risks.
Nowadays, the term DDoS raises the heart rate of most webmasters. Though many don’t know exactly what a DDoS attack is, they might be familiar with the effects of getting DDoSed...
If you've recently discovered that your WordPress site is redirecting other sites or unwanted ads, then your website may have been hacked. Learn about how to fix the WordPress redirect hack and clean up the malware...
Join our program and earn commission for referring Sucuri customers. Perfect for webmasters, developers, hosts, marketers, agencies, and freelancers.
When it happens not only do you lose traffic or potential site revenue, but it can also reflect badly on your site’s reputation and even affect your Google rankings...
Help your web agency and your clients by providing website security solutions with clear expectations.
Imagine for a moment that you’re searching for a topic. You find what you’re looking for on the first page of Google’s search results and click through to the website. But instead of the expected web page, you find yourself staring down the barrel of a 503...
Discover how to remove Google blocklist warnings from your site by fixing hacks and requesting a review.
Hacked websites are known to result in a plethora of headaches for webmasters, including malicious redirects, broken links, and unwanted spam content....
Find out how to deal with a hacked Magento site and ecommerce security by following our infographic.
Regular website backups are the foundation of a solid website security plan. In the event of data loss or malware infection, restoring a WordPress backup...
Recently, Avast’s researchers Pavel Novák and Jan Rubín posted a detailed writeup about the “Parrot TDS” campaign involving more than 16,500 infected websites...
Earlier this June, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected...
In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish...
We all know why bad actors infect sites: monetary gain, boosts in SEO ratings for their malware or spam campaigns and a number of other reasons explained in our post...
On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by PatchStack...
Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of backdoors...
Understand key takeaways from our 2016-Q2 report on trends in website security and active malware campaigns.
Understand key takeaways from our 2016-Q3 report on trends in website security and active malware campaigns.
WordPress is the most popular website platform, making it a target. Learn basic WordPress security techniques and actionable steps to reduce the risk of a compromise.
It’s estimated that 98.5% of sites who advertise use Google Ads to generate revenue and bring in traffic. That’s a hefty number of websites who…
What is a Content Security Policy (CSP)? A Content Security Policy (CSP) is a security feature used to help protect websites and web apps from…
Critical errors on any system can be extremely frustrating. But if you’ve recently encountered the “There has been a critical error on this website”...
Nowadays, the term DDoS raises the heart rate of most webmasters. Though many don’t know exactly what a DDoS attack is, they might be familiar with the effects of getting DDoSed...
Understand how to keep your Joomla website safe from hackers and use best practices to protect your visitors and content from compromise.
Learn about the PCI DSS compliance requirements, risks and impacts of non-compliance, and ecommerce security with our PCI DSS compliance checklist.
If you've recently discovered that your WordPress site is redirecting other sites or unwanted ads, then your website may have been hacked. Learn about how to fix the WordPress redirect hack and clean up the malware...
Website security is a top priority for any website owner or webmaster. Learn how to secure and protect your site from hackers with our in-depth guide.
Learn about brute force attacks and how you can prevent brute force and protect your website.
When it happens not only do you lose traffic or potential site revenue, but it can also reflect badly on your site’s reputation and even affect your Google rankings...
Learn what SQL injection is and how it works. See the different types and examples of attacks, and find out how you can protect and clean your website from an SQL injection.
Imagine for a moment that you’re searching for a topic. You find what you’re looking for on the first page of Google’s search results and click through to the website. But instead of the expected web page, you find yourself staring down the barrel of a 503...
WordPress is the most popular website platform, making it a target. Learn basic WordPress security techniques and actionable steps to reduce the risk of a compromise.
Website malware can come in many different types and from many places. Learn what website malware is.
DDoS attacks disrupt a website’s availability, causing downtime for hours or days. Learn what happens in various types of DDoS attacks and how to protect against them.
Hacked websites are known to result in a plethora of headaches for webmasters, including malicious redirects, broken links, and unwanted spam content....
Regular website backups are the foundation of a solid website security plan. In the event of data loss or malware infection, restoring a WordPress backup...
Welcome to our guide on identifying and avoiding every type of imaginable scam from social engineering to pharmaceuticals to parcel fraud.
Learn how to clean a hacked Joomla! site on your own, including post-hack actions.
Understand some key points to consider when removing the Google blocklist from your website.
Discover how to remove Google blocklist warnings from your site by fixing hacks and requesting a review.
Key takeaways from our webinar to help your agency clients by providing website security solutions.
Learn how to clean a hacked Joomla! site on your own, including post-hack actions.
Understand how the REST API vulnerability works, affecting WordPress core versions 4.7 and 4.7.1.
Join us on April 5th as we cover the latest findings from our 2022 Hacked Website Threat Report. We’ll shed light on some of the most common tactics and techniques we saw within compromised website environments.
The threat landscape is constantly shifting. As attackers continue to hone their tools and exploit new vulnerabilities, our team works diligently to identify and analyze threats posed to webmasters. Join us on July 6th as we cover the latest findings from our Hacked Website Threat Report for 2021.
In this webinar we will highlight the various activity, access, and error logs WordPress site administrators have at their fingertips. Plus, learn how logs can best be used to manage, troubleshoot, and most importantly, secure your sites.
In this fire chat, we’re looking to find answers to some of the questions web agencies have been asking us for years, in hopes of shedding more light into how you, as an agency, need to respond to security threats your customers face…..
Website security is challenging, especially with a large network of sites. We want to help you understand how you can create a security plan and reduce the risk of a hack or security incident…
In today’s complex security landscape, web applications pose a significant risk to Mid-Market and Enterprise organizations. This webinar will introduce the concept of the WAF, and the benefits of web application security in the cloud…..
Sucuri Marketing Analytics & SEO Specialist, Alycia Mitchell, teaches you how to keep your Google Analytics data clean and use it to uncover vulnerabilities and compromises while optimizing your website’s visibility…..
Learn how to identify issues if you suspect your WordPress site has been hacked. Follow Sucuri Remediation Team Lead, Ben Martin, through the steps needed to clean your WordPress site and minimize the attack time…..
Sucuri Remediation Team Lead, Ben Martin, teaches you the key indicators to look for when your Joomla! site has been compromised, and steps needed to clean your site. Ben provides a guide that is helpful if your website has been hacked so you can recovery quickly…..
The latest trends in website malware with Sucuri’s SiteCheck 2023 Mid-Year Report. We summarize the most common malware detected on infected websites in the first half of the year, including SocGholish, Balada Injector, NDSW, SEO spam, and other prevalent website infections.
Recently, Avast’s researchers Pavel Novák and Jan Rubín posted a detailed writeup about the “Parrot TDS” campaign involving more than 16,500 infected websites...
Our 2022 Q2 SiteCheck Report details our findings from the past quarter to identify the most common malware infections detected by SiteCheck and provides specific examples to help webmasters understand how to find these detections in their own environments.
Our Quarterly Hacked Website Trend Report covers current statistics of website hacks including malware families and Content Management Systems(CMS).This report is based on data collected and analyzed by the Sucuri Remediation Group(RG), which includes the Incident Response Team(IRT) and the Malware Research Team(MRT).It analyzes over 11 k infected ….
Earlier this June, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected...
In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish...
We all know why bad actors infect sites: monetary gain, boosts in SEO ratings for their malware or spam campaigns and a number of other reasons explained in our post...
On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by PatchStack...
Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of backdoors...
Our Quarterly Hacked Website Trend Report covers current statistics of website hacks including malware families and Content Management Systems(CMS).This report is based on data collected and analyzed by the Sucuri Remediation Group…
On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by…
What is a Content Security Policy (CSP)? A Content Security Policy (CSP) is a security feature used to help protect websites and web apps from…
Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a…
A frustrating interruption to anyone’s day is the infamous 500 error. When it happens not only do you lose traffic or potential site revenue, but…
Hacked websites are known to result in a plethora of headaches for webmasters, including malicious redirects, broken links, and unwanted spam content. But did you…
Earlier this June, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected and cleaned…
In this post, we look at how to use WPScan. The tool provides you a better understanding of your WordPress website and its vulnerabilities. Be…
What does your WordPress site look like to hackers? Would it be tough to crack? Or does it have unlocked doors and unlatched windows just waiting for someone…
Get the latest news on website security issues, vulnerabilities, and exploits.
