Joomla

Pierluigi Paganini December 16, 2015
Joomla under attack due to a zero-day. Patch your CMS now!

The websites based on the popular Joomla CMS need to be updated as soon as possible due to a critical remote code execution vulnerability. The websites based on the popular Joomla CMS need to be updated as soon as possible, Joomla has just released a security patch to fix a critical eight-year-old remote code execution vulnerability. […]

Pierluigi Paganini November 06, 2015
Financial Reporting Council of Nigeria site used for phishing scam

According to Netcraft, the website of Financial Reporting Council of Nigeria is used to serve a webmail phishing site from the legitim site of the agency. The website of the Financial Reporting Council of Nigeria was used by cyber criminals in a phishing scam. According to the experts at Netcraft, the website of Financial Reporting Council of […]

Pierluigi Paganini October 28, 2015
Joomla SQL Injection Vulnerability exploited in the wild

Security experts at Sucuri reported a number of attacks exploiting a critical SQL injection flaw recently disclosed in the Joomla Content Management System. A few days ago, security experts disclosed a critical SQL injection vulnerability in the Joomla Content Management System (CVE-2015-7858), but as expected, threat actors in the wild are exploiting it in attacks against websites […]

Pierluigi Paganini July 22, 2015
Joomla Helpdesk Pro flaws leave systems vulnerable to several attacks

The Outpost24 team has identified several vulnerabilities that affect Joomla HelpDesk Pro extension, the flaws can lead to remote code execution on servers. Kasper Bertelsen, a security researcher at Outpost24 has discovered a number of vulnerabilities in the Joomla Helpdesk Pro extension which can lead to remote code execution on servers. The Helpdesk Pro Joomla extension is developed […]

Pierluigi Paganini February 27, 2015
Joomla Reflection DDoS attacks exploit a Google Maps Plugin flaws

Akamai firm discovered numerous attacks exploiting a known vulnerability in a Google Maps plugin to run Joomla Reflection DDoS attacks against enterprises. Experts from Akamai Technologies’ Prolexic Security Engineering and Response Team (PLXsert) have discovered a vulnerability allows attackers to turn Joomla servers using the Google Maps plugin into a DDoS hacking tool. The worrying aspect […]