Tag Archives: Joomla! Security

Cryptominers on Hacked Sites – Part 2

Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive miners into compromised sites without the consent of the website owners. We reviewed two types of infections that affected WordPress and Magento sites, and have been monitoring the malicious use of the CoinHive More Info »

SQL Injection Vulnerability in Joomla! 3.7

During regular research audits for our Sucuri Firewall (WAF), we discovered a SQL Injection vulnerability affecting Joomla! 3.7. The vulnerability is easy to exploit and doesn’t require a privileged account on the victim’s site. Are You at Risk? The vulnerability is caused by a new component, com_fields, which was introduced in version 3.7. If you use this version, you More Info »

Hacked Website Report – 2016/Q3

Today we are proud to release our quarterly Hacked Website Report for 2016/Q3. This report is based on data collected and analyzed by the Sucuri Remediation Group (RG), which includes the Incident Response Team (IRT) and the Malware Research Team (MRT). The data presented is based on the analysis of over 8,000 infected websites. This More Info »

New Guide on How to Fix Hacked Joomla! Sites

Joomla! is one of the most popular open-source content management systems (CMS) on the market, powering a large percentage of websites on the internet today. For that reason, we are glad that our team includes a former contributor who helped create the official Joomla! docs on website security. We have also participated in various Joomla! More Info »

Spotlight: How Big Spring Secures Joomla!

Big Spring Web Development understands the responsibility to their clients extends beyond creating a functional and attractive website. Security and stability are critical components of any online presence. The company is one of only a select few agencies in the UK that partners with WP Engine. Through this, Big Spring has solidified its position as More Info »

Joomla Account Creation Vulnerability

The Joomla team released a serious security vulnerability affecting all Joomla versions from 3.4.4 and up. If you’re using one of these versions of Joomla, you’re encouraged to update immediately. The vulnerability has a high severity as it allows anyone to create a user remotely and specify the desired group permission to it, including administrator. Two More Info »

Hacked Website Report – 2016/Q2

Today we’re releasing our quarterly Hacked Website Report for 2016/Q2. The data in this report is based on compromised websites we worked on, with insights and analysis performed by our Incident Response Team (IRT) and Malware Research Team (MRT). CMS Analysis Our analysis consisted of over 9,000 infected websites. The graphs below show a side-by-side… More Info »