#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Joomla | Breaking Cybersecurity News | The Hacker News

CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe, D-Link, Joomla Under Attack

CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe, D-Link, Joomla Under Attack
Jan 10, 2024 Patch Management / Threat Intelligence
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has  added  six security flaws to its Known Exploited Vulnerabilities ( KEV ) catalog, citing evidence of active exploitation. This includes  CVE-2023-27524  (CVSS score: 8.9), a high-severity vulnerability impacting the Apache Superset open-source data visualization software that could enable remote code execution. It was fixed in version 2.1. Details of the issue  first came to light  in April 2023, with Horizon3.ai's Naveen Sunkavally describing it as a "dangerous default configuration in Apache Superset that allows an unauthenticated attacker to gain remote code execution, harvest credentials, and compromise data." It's currently not known how the vulnerability is being exploited in the wild. Also added by CISA are five other flaws - CVE-2023-38203  (CVSS score: 9.8) - Adobe ColdFusion Deserialization of Untrusted Data Vulnerability CVE-2023-29300  (CVSS score: 9.8) - Adobe ColdFusion Deserialization of Untrus

KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms

KashmirBlack Botnet Hijacks Thousands of Sites Running On Popular CMS Platforms
Oct 29, 2020
An active botnet comprising hundreds of thousands of hijacked systems spread across 30 countries is exploiting "dozens of known vulnerabilities" to target widely-used content management systems (CMS). The "KashmirBlack" campaign, which is believed to have started around November 2019, aims for popular CMS platforms such as WordPress, Joomla!, PrestaShop, Magneto, Drupal, Vbulletin, OsCommerence, OpenCart, and Yeager. "Its well-designed infrastructure makes it easy to expand and add new exploits or payloads without much effort, and it uses sophisticated methods to camouflage itself, stay undetected, and protect its operation," Imperva researchers said in a  two-part   analysis . The cybersecurity firm's six-month-long investigation into the botnet reveals a complex operation managed by one command-and-control (C2) server and more than 60 surrogate servers that communicate with the bots to send new targets, allowing it to expand the size of the botn

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future
Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu

Joomla Resources Directory (JRD) Portal Suffers Data Breach

Joomla Resources Directory (JRD) Portal Suffers Data Breach
Jun 01, 2020
Joomla, one of the most popular Open-source content management systems (CMS), last week announced a new data breach impacting 2,700 users who have an account with its resources directory (JRD) website, i.e., resources.joomla.org. The breach exposed affected users' personal information, such as full names, business addresses, email addresses, phone numbers, and encrypted passwords. The company said the incident came to light during an internal website audit that revealed that a member of the Joomla Resources Directory (JRD) team stored a full unencrypted backup of the JRD website on an Amazon Web Services S3 bucket owned by the third-party company. The affected JRD portal lists developers and service providers specialized in Joomla, allowing registered users to extend their CMS with additional functionalities. Joomla said the investigation is still ongoing and that accesses to the website have been temporarily suspended. It has also reached out to the concerned third-pa

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Latest Joomla 3.7.1 Release Patches Critical SQL Injection Attack

Latest Joomla 3.7.1 Release Patches Critical SQL Injection Attack
May 17, 2017
If your website is based on the popular Joomla content management system, make sure you have updated your platform to the latest version released today. Joomla, the world's second popular open source Content Management System, has reportedly patched a critical vulnerability in its software's core component. Website administrators are strongly advised to immediately install latest Joomla version 3.7.1, released today, to patch a critical SQL Injection vulnerability (CVE-2017-8917) that affects only Joomla version 3.7.0. " Inadequate filtering of request data leads to a SQL Injection vulnerability ." release note says. The SQL Injection vulnerability in Joomla 3.7.0 was responsibly reported by Marc-Alexandre Montpas, a security researcher at Sucuri last week to the company. According to the researcher , ' The vulnerability is easy to exploit and doesn't require a privileged account on the victim's site ,' which could allow remote hackers to steal sensitive inf

Donald Trump appoints a CyberSecurity Advisor Whose Own Site is Damn Vulnerable

Donald Trump appoints a CyberSecurity Advisor Whose Own Site is Damn Vulnerable
Jan 13, 2017
Former New York City Mayor Rudolph W. Giuliani has been appointed as a cyber security advisor for the President-elect Donald Trump, but it appears that he never actually checked the security defenses of his own company's website. Giuliani is going to head a new Cybersecurity Working group for the President-elect, and "will be sharing his expertise and insight as a trusted friend concerning private sector cyber security problems and emerging solutions developing in the private sector," the Trump's Transition Team announced Thursday. Trump administration has appointed Giuliani after citing his 16 years of experience "providing security solutions in the private sector," but the news met online criticism with many users on Twitter asking: 'What does the former New York mayor know about cyber security?' As the news broke, online users started scanning his website " www.giulianisecurity.com " and found that the site for Giuliani Sec

Joomla Joomla! Two Critical Flaws Discovered — Update to Protect Your Site

Joomla Joomla! Two Critical Flaws Discovered — Update to Protect Your Site
Oct 25, 2016
Joomla – the world's second popular open source Content Management System (CMS) software packages, has just released the latest version of its CMS, which includes patches for two critical security vulnerabilities and a bug fix. The two critical flaws, both exist in the Joomla Core functionalities, include Account Creation Vulnerability ( CVE-2016-8870 ) and Elevated Privileges flaw ( CVE-2016-8869 ) that, if unpatched, could put millions of websites that run on Joomla at risk. The account creation bug could allow any user to register on a website, even if the registration process has been disabled, while the elevated privileges flaw could enable users to perform advanced functions on a registered site that ordinary users are not authorized to do. Both the critical vulnerabilities affect Joomla version 3.4.4 through 3.6.3. The update also includes a bug fix for Two-Factor Authentication. Millions of websites used in e-commerce and other sensitive industries used Joomla,

Joomla 3.4.5 patches Critical SQL Injection Vulnerability

Joomla 3.4.5 patches Critical SQL Injection Vulnerability
Oct 23, 2015
Joomla – one of the most popular open source Content Management System (CMS) software packages, has reportedly patched three critical vulnerabilities in its software. The flaws, exist in the Joomla version 3.2 to 3.4.4, include SQL injection vulnerabilities that could allow hackers to take admin privileges on most customer websites. The patch was an upgrade to Joomla version 3.4.5  and only contained security fixes. The vulnerability, discovered by Trustwave SpiderLabs researcher Asaf Orpani and Netanel Rubin of PerimeterX, could be exploited to attack a website with SQL injections. SQL injection ( SQLi ) is an injection attack wherein a bad actor can inject/insert malicious SQL commands/query (malicious payloads) through the input data from the client to the application. The vulnerability is one of the oldest, most powerful and most dangerous flaw that could affect any website or web application that uses an SQL-based database. The recent SQLi in Jooml
Cybersecurity Resources