Sucuri Sit-Down

October is National Cyber Security Awareness Month, and we’re back with analyst Antony Garand to take a deeper look into cross site scripting (XSS) attacks and WordPress plugin vulnerabilities. Plus, host Justin Channell will catch you up on the latest website security news from the Sucuri blog.For further reading about any of these topics, check out these blogs we reference in the episode:WordPress Malware Disables Security Plugins to Avoid DetectionCritical Vulnerability in File Manager Plugin Affecting 700k WordPress WebsitesReflected XSS in WordPress Plugin Admin PagesBackdoor Shell Dropper Deploys CMS-Specific MalwareMagento Multiversion (1.x/2.x) Backdoor

Phishing attacks are one of the most popular methods for bad actors to gain access to a website environment. On this month’s podcast, analyst Luke Leal is with us to talk about these attacks. Topics covered include the motivation bad actors have for these attacks, who is a likely target, and preventative measures. Plus, host Justin Channell breaks down more website security news from July - including new backdoors, a malicious WordPress plugin, and malware hiding in images and GitHub repositories.For further reading about any of these topics, check out these blogs we reference in the episode:Pirated WordPress Plugins Bundled with BackdoorsSpox Phishing Kit Harvests Chase Bank CredentialsFake WordPress Plugin SiteSpeed Serves Malicious Ads & BackdoorsMalicious Magento User CreatorSkimmers in Images & GitHub Repos

Malware comes in many different varieties. Analyst Krasimir Konov is on this month’s Sucuri Sit-Down to help keep them all straight. From malicious iframes to SEO spam, join host Justin Channell as he racks Krasimir’s brain on all the different types of malware. Also, Krasimir discusses his recent blog post about a malicious cURL downloader, and Justin breaks down the latest website security news, including patched plugins you should update. 

A credit card swiper was found on a WordPress site running WooCommerce, and Sucuri analyst Ben Martin is on the show to discuss how it worked, as well as the evolution of ecommerce swipers and more. Plus, Justin Channell takes a look at the top website security news stories for May 2020.