The Psychology Behind Why Websites Get Hacked
Joseph Herbrandson It’s an everyday conversation for security professionals that interact with new customers. The one where we have to explain that just because everything seems fine,…
Browsing Category
Joomla Security
84 posts
The Details Behind the Akeeba Backup Vulnerability
Marc-Alexandre Montpas It’s been a month since our disclosure of a low-severity vulnerability affecting Akeeba Backup version 3.11.4, which allowed an attacker to list and download backups…
Joomla! 3.3.5 Released – Fixing High Priority Security Issues
Daniel Cid Update: It seems like there is a glitch in the new version and the Joomla team is urging its users not to upgrade yet. From…
Security Advisory – Hikashop Extension for Joomla!
In a routine audit of our Website Firewall we discovered a serious vulnerability within the Hikashop ecommerce product for Joomla! allowing remote code execution on…
Security Advisory – VirtueMart Extension for Joomla!
If you’re using the popular VirtueMart Joomla! extension (more than 3,500,000 downloads), you should update right away. During a routine audit for our Website Firewall (WAF)…
Security Advisory – Akeeba Backup for Joomla!
We have also released a more recent post exploring this vulnerability further: The Details Behind the Akeeba Backup Vulnerability If you’re a user of the…
BaDoink Website Redirect – Malicious Redirections to Porn Websites on Mobile Devices
The past week has brought about a large number of cases where compromised websites had hidden redirections to porn injected into their code. All the…
PHP Callback Functions: Another Way to Hide Backdoors
Peter Gramantik We often find new techniques employed by malware authors. Some are very interesting, others are pretty funny, and then there are those that really stump…
Joomla Plugin Constructor Backdoor
Denis Sinegubko We recently wrote about backdoors in pirated commercial WordPress plugins. This time it will be a short post about an interesting backdoor we found in…
JCE Joomla Extension Attacks in the Wild
Our friends from SpiderLabs, issued a warning today on their blog about increased activity on their honeypots looking to exploit the old JCE (Joomla Content…
Joomla Security Updates – Version 2.5.19 and 3.2.3 Released
The Joomla team just released two security updates and pushed out the stable versions for Joomla 2.5.19 and 3.2.3. If you run your site on…