With regular news stories about companies being hacked, database breaches, internet-breaking vulnerabilities and online credit card theft, web users are justifiably anxious about making online purchases for fear that their personal information will be compromised by attackers. But where does legitimate concern end and outright paranoia begin? In this post I will try to dispel some of this anxiety and equip users with knowledge on how to make safe purchases online.
It’s a Big, Scary Web
In a previous two-part series on this blog we gave a general overview of the web’s ecommerce environment and discussed why some websites are more prone to credit card theft than others.
Continue reading How do I Know if a Website is Safe to Use my Credit Card? at Sucuri Blog.
As with most years, there’s been a wide array of critical vulnerabilities found within content management systems, plugins, API keys, etc. We’ll be recapping our discoveries and how these vulnerabilities were exploited, or potentially could have been.
Adobe Patches Critical Magento Vulnerabilities
This past year, Adobe released several critical security patches for both its commercial and open source ecommerce platforms. The patch notes listed 16 issues, but only ten of those vulnerabilities could be exploited without any authentication.
Continue reading Most Interesting Vulnerabilities of 2021 at Sucuri Blog.
Making sure your website uses HTTPS should be a top priority for any webmaster.
In fact, recent statistics show that over 42% of site administrators across the web use WordPress, and many of these sites still don’t have an SSL certificate installed.
The Importance of SSL
Over the past several years, SSL has become increasingly important. Not only is SSL crucial for securely transmitting information to and from a website, but it also matters for search engine visibility.
Continue reading How to Add SSL & Move WordPress from HTTP to HTTPS at Sucuri Blog.
Did you know that one quarter of all spam emails are attributed to pharmaceutical ads? Pharma hacks go beyond the inbox and spam websites by redirecting traffic and adding fake keywords and subdomains to the search results.
Why, and how, did the medical world get tangled up in spam emails, SEO spam, redirects, and website spam injection?
The answer is – money.
The Ways and Means Committee (responsible for taxation and budget recommendations) stated in its 2019 report that Americans pay anywhere from 4x to 67x the price that other countries pay for the same drug.
Continue reading How to Find and Fix a WordPress Pharma Hack at Sucuri Blog.
A critical server security vulnerability in the Java logging library Log4j is taking the internet by storm because code to actively exploit this vulnerability is already widely distributed across the web. Originally found on the popular game Minecraft, it has since been shown to affect most web servers running Apache along with its ubiquitous logging library Log4j. It has been actively exploited by threat actors across the web. It is easily the most severe vulnerability of 2021, clocking in at 10/10 on the CVSS scale.
Continue reading Log4j Vulnerability: The Perfect Holiday Present that Nobody Wants at Sucuri Blog.