The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Joomla

KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms

KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms

October 29, 2020Ravie Lakshmanan
An active botnet comprising hundreds of thousands of hijacked systems spread across 30 countries is exploiting "dozens of known vulnerabilities" to target widely-used content management systems (CMS). The "KashmirBlack" campaign, which is believed to have started around November 2019, aims for popular CMS platforms such as WordPress, Joomla!, PrestaShop, Magneto, Drupal, Vbulletin, OsCommerence, OpenCart, and Yeager. "Its well-designed infrastructure makes it easy to expand and add new exploits or payloads without much effort, and it uses sophisticated methods to camouflage itself, stay undetected, and protect its operation," Imperva researchers said in a  two-part   analysis . The cybersecurity firm's six-month-long investigation into the botnet reveals a complex operation managed by one command-and-control (C2) server and more than 60 surrogate servers that communicate with the bots to send new targets, allowing it to expand the size of the botn
Joomla Resources Directory (JRD) Portal Suffers Data Breach

Joomla Resources Directory (JRD) Portal Suffers Data Breach

June 01, 2020Ravie Lakshmanan
Joomla, one of the most popular Open-source content management systems (CMS), last week announced a new data breach impacting 2,700 users who have an account with its resources directory (JRD) website, i.e., resources.joomla.org. The breach exposed affected users' personal information, such as full names, business addresses, email addresses, phone numbers, and encrypted passwords. The company said the incident came to light during an internal website audit that revealed that a member of the Joomla Resources Directory (JRD) team stored a full unencrypted backup of the JRD website on an Amazon Web Services S3 bucket owned by the third-party company. The affected JRD portal lists developers and service providers specialized in Joomla, allowing registered users to extend their CMS with additional functionalities. Joomla said the investigation is still ongoing and that accesses to the website have been temporarily suspended. It has also reached out to the concerned third-pa
Latest Joomla 3.7.1 Release Patches Critical SQL Injection Attack

Latest Joomla 3.7.1 Release Patches Critical SQL Injection Attack

May 17, 2017Mohit Kumar
If your website is based on the popular Joomla content management system, make sure you have updated your platform to the latest version released today. Joomla, the world's second popular open source Content Management System, has reportedly patched a critical vulnerability in its software's core component. Website administrators are strongly advised to immediately install latest Joomla version 3.7.1, released today, to patch a critical SQL Injection vulnerability (CVE-2017-8917) that affects only Joomla version 3.7.0. " Inadequate filtering of request data leads to a SQL Injection vulnerability ." release note says. The SQL Injection vulnerability in Joomla 3.7.0 was responsibly reported by Marc-Alexandre Montpas, a security researcher at Sucuri last week to the company. According to the researcher , ' The vulnerability is easy to exploit and doesn't require a privileged account on the victim's site ,' which could allow remote hackers to steal sensitive inf
Donald Trump appoints a CyberSecurity Advisor Whose Own Site is Damn Vulnerable

Donald Trump appoints a CyberSecurity Advisor Whose Own Site is Damn Vulnerable

January 13, 2017Mohit Kumar
Former New York City Mayor Rudolph W. Giuliani has been appointed as a cyber security advisor for the President-elect Donald Trump, but it appears that he never actually checked the security defenses of his own company's website. Giuliani is going to head a new Cybersecurity Working group for the President-elect, and "will be sharing his expertise and insight as a trusted friend concerning private sector cyber security problems and emerging solutions developing in the private sector," the Trump's Transition Team announced Thursday. Trump administration has appointed Giuliani after citing his 16 years of experience "providing security solutions in the private sector," but the news met online criticism with many users on Twitter asking: 'What does the former New York mayor know about cyber security?' As the news broke, online users started scanning his website " www.giulianisecurity.com " and found that the site for Giuliani Sec
Joomla Joomla! Two Critical Flaws Discovered — Update to Protect Your Site

Joomla Joomla! Two Critical Flaws Discovered — Update to Protect Your Site

October 25, 2016Mohit Kumar
Joomla – the world's second popular open source Content Management System (CMS) software packages, has just released the latest version of its CMS, which includes patches for two critical security vulnerabilities and a bug fix. The two critical flaws, both exist in the Joomla Core functionalities, include Account Creation Vulnerability ( CVE-2016-8870 ) and Elevated Privileges flaw ( CVE-2016-8869 ) that, if unpatched, could put millions of websites that run on Joomla at risk. The account creation bug could allow any user to register on a website, even if the registration process has been disabled, while the elevated privileges flaw could enable users to perform advanced functions on a registered site that ordinary users are not authorized to do. Both the critical vulnerabilities affect Joomla version 3.4.4 through 3.6.3. The update also includes a bug fix for Two-Factor Authentication. Millions of websites used in e-commerce and other sensitive industries used Joomla,
Joomla 3.4.5 patches Critical SQL Injection Vulnerability

Joomla 3.4.5 patches Critical SQL Injection Vulnerability

October 23, 2015Khyati Jain
Joomla – one of the most popular open source Content Management System (CMS) software packages, has reportedly patched three critical vulnerabilities in its software. The flaws, exist in the Joomla version 3.2 to 3.4.4, include SQL injection vulnerabilities that could allow hackers to take admin privileges on most customer websites. The patch was an upgrade to Joomla version 3.4.5  and only contained security fixes. The vulnerability, discovered by Trustwave SpiderLabs researcher Asaf Orpani and Netanel Rubin of PerimeterX, could be exploited to attack a website with SQL injections. SQL injection ( SQLi ) is an injection attack wherein a bad actor can inject/insert malicious SQL commands/query (malicious payloads) through the input data from the client to the application. The vulnerability is one of the oldest, most powerful and most dangerous flaw that could affect any website or web application that uses an SQL-based database. The recent SQLi in Jooml
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.