#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

hacking joomla website | Breaking Cybersecurity News | The Hacker News

Category — hacking joomla website
Latest Joomla 3.7.1 Release Patches Critical SQL Injection Attack

Latest Joomla 3.7.1 Release Patches Critical SQL Injection Attack

May 17, 2017
If your website is based on the popular Joomla content management system, make sure you have updated your platform to the latest version released today. Joomla, the world's second popular open source Content Management System, has reportedly patched a critical vulnerability in its software's core component. Website administrators are strongly advised to immediately install latest Joomla version 3.7.1, released today, to patch a critical SQL Injection vulnerability (CVE-2017-8917) that affects only Joomla version 3.7.0. " Inadequate filtering of request data leads to a SQL Injection vulnerability ." release note says. The SQL Injection vulnerability in Joomla 3.7.0 was responsibly reported by Marc-Alexandre Montpas, a security researcher at Sucuri last week to the company. According to the researcher , ' The vulnerability is easy to exploit and doesn't require a privileged account on the victim's site ,' which could allow remote hackers to steal sensitive inf
Joomla Joomla! Two Critical Flaws Discovered — Update to Protect Your Site

Joomla Joomla! Two Critical Flaws Discovered — Update to Protect Your Site

Oct 25, 2016
Joomla – the world's second popular open source Content Management System (CMS) software packages, has just released the latest version of its CMS, which includes patches for two critical security vulnerabilities and a bug fix. The two critical flaws, both exist in the Joomla Core functionalities, include Account Creation Vulnerability ( CVE-2016-8870 ) and Elevated Privileges flaw ( CVE-2016-8869 ) that, if unpatched, could put millions of websites that run on Joomla at risk. The account creation bug could allow any user to register on a website, even if the registration process has been disabled, while the elevated privileges flaw could enable users to perform advanced functions on a registered site that ordinary users are not authorized to do. Both the critical vulnerabilities affect Joomla version 3.4.4 through 3.6.3. The update also includes a bug fix for Two-Factor Authentication. Millions of websites used in e-commerce and other sensitive industries used Joomla,
NIST Cybersecurity Framework (CSF) and CTEM – Better Together

NIST Cybersecurity Framework (CSF) and CTEM – Better Together

Sep 05, 2024Threat Detection / Vulnerability Management
It's been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established standards and best practices. While this version was originally tailored for Critical infrastructure, 2018's version 1.1 was designed for any organization looking to address cybersecurity risk management.  CSF is a valuable tool for organizations looking to evaluate and enhance their security posture. The framework helps security stakeholders understand and assess their current security measures, organize and prioritize actions to manage risks, and improve communication within and outside organizations using a common language. It's a comprehensive collection of guidelines, best practices, and recommendations, divided into five core functions: Identify, Protec
Expert Insights / Articles Videos
Cybersecurity Resources