Tag Archives: Joomla! Security

Hacked Website Report – 2016/Q3

Today we are proud to release our quarterly Hacked Website Report for 2016/Q3. This report is based on data collected and analyzed by the Sucuri Remediation Group (RG), which includes the Incident Response Team (IRT) and the Malware Research Team (MRT). The data presented is based on the analysis of over 8,000 infected websites. This More Info »

New Guide on How to Fix Hacked Joomla! Sites

Joomla! is one of the most popular open-source content management systems (CMS) on the market, powering a large percentage of websites on the internet today. For that reason, we are glad that our team includes a former contributor who helped create the official Joomla! docs on website security. We have also participated in various Joomla! More Info »

Spotlight: How Big Spring Secures Joomla!

Big Spring Web Development understands the responsibility to their clients extends beyond creating a functional and attractive website. Security and stability are critical components of any online presence. The company is one of only a select few agencies in the UK that partners with WP Engine. Through this, Big Spring has solidified its position as More Info »

Joomla Account Creation Vulnerability

The Joomla team released a serious security vulnerability affecting all Joomla versions from 3.4.4 and up. If you’re using one of these versions of Joomla, you’re encouraged to update immediately. The vulnerability has a high severity as it allows anyone to create a user remotely and specify the desired group permission to it, including administrator. Two More Info »

Hacked Website Report – 2016/Q2

Today we’re releasing our quarterly Hacked Website Report for 2016/Q2. The data in this report is based on compromised websites we worked on, with insights and analysis performed by our Incident Response Team (IRT) and Malware Research Team (MRT). CMS Analysis Our analysis consisted of over 9,000 infected websites. The graphs below show a side-by-side… More Info »

New Realstatistics Attack Vector Compromising Joomla Sites

Over the past few weeks we’ve seen a large number of Joomla websites compromised with the Realstatistics malware campaign. This mass infection is still evolving and continues to distribute harmful ransomware to compromised website visitors. Today we are providing more context on the new attack vector and exploitation process used to to compromise these sites…. More Info »

Backdoor in Fake Joomla! Core Files

We usually write a lot about obfuscation methods on Sucuri Labs and here on the blog.  Sometimes we write about free tools to obfuscate your code that aren’t that free and we also have an online tool to help decoding the malware you find. But sometimes the malware is not clearly encoded using base64, gzinflate, hex concatenation,… More Info »