Website Security News
See posts about Joomla! website security including new vulnerability disclosures, research and technical details. Learn how to protect your Joomla! installation and secure your site against emerging threats. If your Joomla! site is infected, read our guide to fixing a Joomla! hack.
Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these vulnerabilities caused significant impacts to the security of website owners. Some vulnerable sites may be still be found in wild….
Read More about Throwback Threat Thursday: JCE Vulnerability
At Sucuri, we’re often asked how website owners and webmasters can secure their websites. However, most advice can often be too broad; different content management systems (CMS) exist in this…
Read More about Joomla! Security Best Practices: 12 Ways to Keep Joomla! Secure
Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these vulnerabilities caused significant impacts to…
Read More about Throwback Threat Thursday: Joomla GoogleMaps Plugin SEO Spam Injection
We recently had a client that had a persistent malware infection on their shared hosting environment that would re-infect the files quickly after we had cleaned them. The persistence was…
Read More about Return to the City of Cron – Malware Infections on Joomla and WordPress
During the process of investigating one of our incident response cases, we found an .htaccess code injection. It had been widely spread on the website, injected into all .htaccess files…
Read More about .htaccess Injector on Joomla and WordPress Websites
We are proud to be releasing our latest Hacked Website Trend Report for 2017. This report is based on data collected and analyzed by the Sucuri Remediation Group (RG), which…
Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research website vulnerabilities and who are…
Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive miners into compromised sites without the consent of…
During regular research audits for our Sucuri Firewall (WAF), we discovered a SQL Injection vulnerability affecting Joomla! 3.7 – CVE-2017-8917. The vulnerability is easy to exploit and doesn’t require a privileged account…
One of the worst experiences for a website owner is finding out that the search results for your site have turned into a pharmacy, a fashion outlet, or even a…
Read More about Joomla Security – Pornography Spam Campaign in the Wild
Today we are proud to release our quarterly Hacked Website Report for 2016/Q3. This report is based on data collected and analyzed by the Sucuri Remediation Group (RG), which includes…
