Joomla Exploits in the Wild Against CVE-2016-8870 and CVE-2016-8869
Daniel Cid Exactly 3 days ago, the Joomla team issued a patch for a high-severity vulnerability that allows remote users to create accounts and increase their privileges…
Browsing Category
Joomla Security
85 posts
Details on the Privilege Escalation Vulnerability in Joomla
Marc-Alexandre Montpas Yesterday, Joomla! 3.6.4 was released, patching a critical privilege escalation and arbitrary account creation vulnerability. As we’ve seen some exploits attempts occurring in the wild,…
Joomla Account Creation Vulnerability
The Joomla team released a patch for a serious security vulnerability affecting all Joomla versions from 3.4.4 and up. If you’re using one of these…
Security Through Confusion – The FUD Factor
The FUD factor has been employed by sales and marketing teams from multiple industries for decades. It stands for fear, uncertainty, and doubt (FUD) and…
Hacked Website Report – 2016/Q2
Today we’re releasing our quarterly Hacked Website Report for 2016/Q2. The data in this report is based on compromised websites we worked on, with insights…
New Realstatistics Attack Vector Compromising Joomla Sites
Caleb Lane Nov 2016 Update: If your Joomla site has been hacked, you can follow our guide to fixing it. Read the Guide! Over the past few…
Realstatistics Malware Campaign Leads To Ransomware
Our Incident Response Team (IRT) has been tracking a mass infection campaign over the last two weeks ( codenamed “Realstatistics“). This campaign has compromised thousands of websites built…
Backdoor in Fake Joomla! Core Files
Fioravante Souza We usually write a lot about obfuscation methods on Sucuri Labs and here on the blog. Sometimes we write about free tools to obfuscate your…
Hacked Website Report – 2016/Q1
Our Remediation group is comprised of two distinct teams, the Incident Response Team (IRT) and Malware Research Team (MRT). These teams work closely with our…
Vulnerability Details: Joomla! Remote Code Execution
The Joomla! team released a new version of Joomla! CMS yesterday to patch a serious and easy to exploit remote code execution vulnerability that affected…
Critical 0-day Remote Command Execution Vulnerability in Joomla
Nov 2016 Update: If you need to clean your hacked Joomla site, we have released a new free guide to show you how to identify…