Thursday, 18 August 2016

Thanks for Downloading Sucuri's Security Plugin for WordPress

Real People. Real Security.
New-logo---white-backgroundcopy.png
Greetings from Sucuri!

Thank you for downloading the Sucuri Security Plugin for WordPress. We are happy to know you confide in us to help improve your WordPress security posture. If you have any questions, please be sure to check our Knowledge Base or engage us via the WordPress.org forum. 


Additionally, you've been added to our subscription list which will be used sparingly to provide information on the following:
 

  • Security Advisories / Vulnerability Disclosures
  • Education articles, posts, and webinars
  • Sucuri news / product updates

We take great pride in being mindful of not abusing the trust you've entrusted us with, and as such want to welcome you, but also notify you of the addition to this email list. Offering you the opportunity to unsubscribe if you so deem it necessary. 

We would prefer you didn't, the security landscape is constantly evolving and if needed we'd love the opportunity to notify you of such changes so that you can take appropriate actions. 

Below you will find two examples to help you make a better decision on whether you want to stay on this list:

 

  • Security Advisory
  • Webinar: Impacts of a Website Compromise

Security Advisory Example:

security_advisory.png 

 


 

If you're interested in website security but are not sure where to start, our webinar hosted by Sucuri CEO, Tony Perez, is a great place to jump in.
 

Webinar: Impacts of a Website Compromise

Webinar_Screenshot_2.png

  

 
If you love to stay on top of the latest information, check out our blog.

If you would not like to receive these type of security updates and educational emails, feel free to unsubscribe below.
 

Thanks again and we look forward to speaking with you soon!

Sincerely,
- Your Sucuri Security Team
Like, Connect, Follow!
  

Vulnerability Alert: SQL Injection Vulnerability in Ninja Forms

wordpress-vulnerability-disclosure.png

Hi ,

We're reaching out to you today to ensure that you are up to date regarding the latest security issues that may be affecting your website. Keeping our community safe and educated is of great importance to us. 

As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the Ninja Forms plugin for WordPress, currently installed on 600,000+ websites.

The attack vector used to exploit this vulnerability requires the attacker to have an account on the victim's site. It doesn't matter what the account privileges are – for example, a subscriber could exploit this issue. The issue occurs because the plugin doesn't escape parameters provided by its shortcodes before concatenating it to an SQL query.

A malicious individual using this bug could (among other things) leak the site's usernames and hashed passwords. In certain configurations, it can also leak WordPress secret keys.

Read More About This Vulnerability


Security Risk: Dangerous

Exploitation Level: Easy/Remote

DREAD Score: 6/10

Vulnerability: SQL Injection

Patched Version: 2.9.55.2


 
Websites behind the Sucuri Firewall have been protected against this threat
 
via our Virtual Hardening / Patching technology. 



If you don't have our Website Application Firewall enabled, sign up now below!
 
 

This email does not mean you are affected!

Being proactive in the protection of your site is one of the most important aspects of having a solid security posture. Therefore, we feel it's important to research and report on all potential threats as quickly as possible.
 
Sincerely,
- Your Sucuri Security Team

 

  

Thursday, 21 July 2016

You're Invited! Defending Your Google Brand Reputation and Analytics Reports  [Webinar]

Reserve your spot for our next webinar!
View this email in your browser
Real People. Real Security.
You're invited to a webinar hosted by Sucuri's
Digital Marketing Manager, Alycia Mitchell.

Hello ,

Website security should be integrated into all parts of your organization's strategy. This month Sucuri Marketing Analytics & SEO Specialist, Alycia Mitchell, will discuss her approach to security using Google Analytics and Search Console (formerly Webmaster Tools). Join us to learn ways to keep your Google Analytics data clean and use it to uncover vulnerabilities and compromises while optimizing your website's visibility.

This webinar will take place on Thursday, July 28th at 11am PDT. Following her presentation Alycia will take questions from participants. 
 

If you haven't registered yet, please do so by clicking below!

We look forward to your participation!

Reserve Your Spot Now

This online event is tailored for website owners who:

  • Have used Google Analytics and Google Search Console.
  • Want to identify and resolve website security issues with these tools.
  • Need to remove malicious, invalid data from Google Analytics reports.
If you have any questions, don't hesitate to send us an email at info@sucuri.net.
Share
Tweet
Forward
Copyright © 2016 Sucuri Security, All rights reserved.
The user subscribes to this list to stay current with the latest in security news.

Our mailing address is:
Sucuri Security
30141 Antelope RD
Suite D, #680
Menifee, CA 92584

Add us to your address book


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list