October 28, 2015 By Shane Schick 2 min read

Cybercriminals are wasting no time in taking advantage of a Joomla security flaw that allows them to perform SQL injection attacks and take over websites.

The Joomla security bug involves extracting cookies during a user’s session and then using it to log in as an administrator. The developers of the content management system (CMS) have already released a new version to fix the problem, but it’s probably safe to say many of the 2.8 million sites that use Joomla have yet to make the necessary changes.

In fact, researchers at Sucuri published a blog post confirming that SQL injection attacks started coming within about four hours of the news about a Joomla security risk. To be fair, the researchers noted that the attacks took place when it was night in Europe, when webmasters were probably not awake and had yet to learn about Joomla 3.4.5. Some of the attacks Sucuri spotted were not actual exploits but a sort of test to determine if a particular site would be vulnerable. In other words, cybercriminals are not acting impulsively but instead are methodically planning their next move.

Softpedia noted that after the first few attempts, the Joomla security attacks scaled up rapidly to reach a high of 12,000 per day. Cybercriminals clearly know what they’re doing, too, checking for specific versions of the CMS on a site in order to hit a more vulnerable target. Given that the flaw affects Joomla 3.2 through 3.4, there’s a fairly wide potential list of sites that need to make sure they’re safe from harm.

Of course, as more organizations move to the most recent version of the CMS, Joomla security attacks could diminish as quickly as they escalated. According to PCWorld, however, CISOs and their teams need to recognize that they really only have a day to fend off the worst of the threats, and probably a lot less than that if their domain attracts a considerable amount of traffic. Cybercriminals are proving highly proactive and responsive to any security hole that opens up to them. Enterprises need to be just as quick to act if they don’t want to lose control over their websites and data.

More from

CISA releases landmark cyber incident reporting proposal

2 min read - Due to ongoing cyberattacks and threats, critical infrastructure organizations have been on high alert. Now, the Cybersecurity and Infrastructure Security Agency (CISA) has introduced a draft of landmark regulation outlining how organizations will be required to report cyber incidents to the federal government.The 447-page Notice of Proposed Rulemaking (NPRM) has been released and is open for public feedback through the Federal Register. CISA was required to develop this report by the Cyber Incident Reporting for Critical Infrastructure Act of 2022…

Ransomware payouts hit all-time high, but that’s not the whole story

3 min read - Ransomware payments hit an all-time high of $1.1 billion in 2023, following a steep drop in total payouts in 2022. Some factors that may have contributed to the decline in 2022 were the Ukraine conflict, fewer victims paying ransoms and cyber group takedowns by legal authorities.In 2023, however, ransomware payouts came roaring back to set a new all-time record. During 2023, nefarious actors targeted high-profile institutions and critical infrastructure, including hospitals, schools and government agencies.Still, it’s not all roses for…

What should an AI ethics governance framework look like?

4 min read - While the race to achieve generative AI intensifies, the ethical debate surrounding the technology also continues to heat up. And the stakes keep getting higher.As per Gartner, “Organizations are responsible for ensuring that AI projects they develop, deploy or use do not have negative ethical consequences.” Meanwhile, 79% of executives say AI ethics is important to their enterprise-wide AI approach, but less than 25% have operationalized ethics governance principles.AI is also high on the list of United States government concerns.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today