Website Security News
At Sucuri, we’re often asked how website owners and webmasters can secure their websites. However, advice can often be too broad; different content management systems (CMS) exist in this ecosystem and each require a unique security configuration. That’s exactly why the Sucuri Firewall contains an…
Read More about How to Secure & Harden Your Joomla! Website in 12 Steps
At Sucuri, we’re often asked how website owners and webmasters can secure their websites. However, most advice can often be too broad; different content management systems (CMS) exist in this…
Read More about Joomla! Security Best Practices: 12 Ways to Keep Joomla! Secure
Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these vulnerabilities caused significant impacts to…
Read More about Throwback Threat Thursday: Joomla GoogleMaps Plugin SEO Spam Injection
We recently had a client that had a persistent malware infection on their shared hosting environment that would re-infect the files quickly after we had cleaned them. The persistence was…
Read More about Return to the City of Cron – Malware Infections on Joomla and WordPress
During the process of investigating one of our incident response cases, we found an .htaccess code injection. It had been widely spread on the website, injected into all .htaccess files…
Read More about .htaccess Injector on Joomla and WordPress Websites
During regular research audits for our Sucuri Firewall (WAF), we discovered a SQL Injection vulnerability affecting Joomla! 3.7 – CVE-2017-8917. The vulnerability is easy to exploit and doesn’t require a privileged account…
One of the worst experiences for a website owner is finding out that the search results for your site have turned into a pharmacy, a fashion outlet, or even a…
Read More about Joomla Security – Pornography Spam Campaign in the Wild
Every day we analyse hundreds of new malicious files. Some of them are simple backdoors, injected iframes, or one liner defacements. Another type of malware, equally interesting, are the ones…
Read More about Joomla admin login bypass – set your UA for full admin access
Joomla! is one of the most popular open-source content management systems (CMS) on the market, powering a large percentage of websites on the internet today. For that reason, we are…
Read More about New Guide on How to Fix Hacked Joomla! Sites
Big Spring Web Development understands the responsibility to their clients extends beyond creating a functional and attractive website. Security and stability are critical components of any online presence. The company…
Exactly 3 days ago, the Joomla team issued a patch for a high-severity vulnerability that allows remote users to create accounts and increase their privileges on any Joomla site. Both…
Read More about Joomla Exploits in the Wild Against CVE-2016-8870 and CVE-2016-8869
