article thumbnail

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

The Last Watchdog

You very likely will interact with a content management system (CMS) multiple times today. For instance, the The Last Watchdog article you are reading uses a CMS to store posts, display them in an attractive manner, and provide search capabilities. Security is essential for a CMS. Best security practices.

CMS 260
article thumbnail

The team behind the Joomla CMS discloses a data breach

Security Affairs

Maintainers at the Joomla open-source content management system (CMS) announced a security breach that took place last week. Data contained in the backup includes : Full name Business address Business email address Business phone number Company URL Nature of business Encrypted password (hashed) IP address Newsletter subscription preferences.

CMS 99
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Joomla CMS Discloses Data Leak

Adam Levin

Leaked information included names, addresses, email addresses, phone numbers, encrypted passwords, and IP addresses. The post Joomla CMS Discloses Data Leak appeared first on Adam Levin.

CMS 58
article thumbnail

GoTrim botnet actively brute forces WordPress and OpenCart sites

Security Affairs

C2 communications are encrypted using the Advanced Encryption Standard in Galois Counter Mode (AES-GCM) with a key derived from a passphrase embedded in the malware binary. Keeping the CMS software and associated plugins up to date also reduces the risk of malware infection by exploiting unpatched vulnerabilities.”

CMS 129
article thumbnail

Kyiv blames Belarus-linked APT UNC1151 for recent cyberattack

Security Affairs

Unlike other disinformation campaigns, GhostWriter doesn’t spread through social networks, instead, threat actors behind this campaign abused compromised content management systems (CMS) of news websites or spoofed email accounts to disseminate fake news.

CMS 91
article thumbnail

Crooks use hidden directories of compromised HTTPS sites to deliver malware

Security Affairs

of the popular CMS that are affected by a cross-site request forgery (CSRF) flaw that resides in the comment section of WordPress that is enabled by defaul t. According to the experts, the cybercriminals targeted websites running outdated CMS plugins and themes or server-side software. ” reads the analysis from Zscaler.

CMS 107
article thumbnail

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

eSecurity Planet

February 21, 2024 5 Vulnerabilities Impact Joomla CMS Type of vulnerability: Mail address escaping, XSS, and remote code execution. Bitdefender’s investigation shows that data can be exfiltrated using encrypted image files, highlighting the severity of potential misuse and the need for mitigation. and iPadOS 17.3.

Risk 99