Have you ever smiled at an old commercial or recognized a theme song from your past? That’s nostalgia marketing at work. It taps into emotions tied to familiar memories, creating an immediate connection between your audience and your brand. But it’s more than just a trip down memory lane. As a marketer, you can use…

Quick: What time of the year is it? Is the World Cup on? Is it Christmas? Is it summertime? I’m asking because, depending on the time of year, you can beef up your marketing strategy using seasonal SEO. Some things are trendy year-round, while others change with the seasons. Think costumes close to Halloween or…

Many pieces of malware found over the years have been complex and difficult to find. Attackers often obfuscate their code to make it harder to track. Some pieces of malware require extensive reviews to uncover. But in other instances, that is not always the case. Threat actors find new ways to inject malware to avoid detection, and in some situations, they hide their malicious code in plain sight. Recently, I discovered a cleverly disguised malicious redirect, where attackers leveraged a popular redirect plugin in a WordPress site.

Continue reading Indonesian Gambling Redirect Hiding in Plain Sight at Sucuri Blog.

Do you create content regularly? Sometimes, that’s the easy part.  But what about creating relevant pieces of content that meet Google’s helpful content guidelines, match search intent, and appeal to your audience? Now, that’s a whole different story. That’s where topic clusters come in. With a topic cluster, you write a pillar page around a…

In our recent investigation, we discovered a new malware campaign targeting WordPress sites through a fake plugin, universal-popup-plugin-v133 , which delivers deceptive browser fix pop-ups. This malware leverages social engineering tactics to deceive visitors into downloading malicious files, compromising their systems.

Type of website impacted and the scope of infection

We reported a similar fake browser update in a recent June article. The current version of this malware affects WordPress sites, and we saw a similar case in August, 2024 which is now detected by SiteCheck as malware.fake_update.7 .

Continue reading Fake “Fix It” Pop-Ups Target WordPress Sites via Malicious Plugin to Download Trojan at Sucuri Blog.

In August, Google did it again.  Can you guess what I’m talking about? Yep, the search engine giant rolled out another algorithm update. The latest core update began on August 15 and finished by September 3. This update focused on improving the quality of search results and showing content that users find “genuinely useful.” As…

Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges.

Russian news publication Kommersant reported that a court in St. Petersburg found Artem Zaets, Alexei Malozemov, Daniil Puzyrevsky, and Ruslan

The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third-parties.

"The group is currently targeting exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, using compromised servers and Docker Hub as the infrastructure

The Computer Emergency Response Team of Ukraine (CERT-UA) has detailed a new malicious email campaign targeting government agencies, enterprises, and military entities.

"The messages exploit the appeal of integrating popular services like Amazon or Microsoft and implementing a zero-trust architecture," CERT-UA said. "These emails contain attachments in the form of Remote Desktop Protocol ('.rdp'

A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges.

The CERT Coordination Center (CERT/CC) said the vulnerability, tracked as CVE-2024-41992, said the susceptible code from the Wi-Fi Alliance has been found deployed on Arcadyan FMIMG51AX000J routers.

"This flaw allows an unauthenticated local attacker to