Author: Jessica Ortega (Page 1 of 3)

CMS security update

Joomla! Releases Version 3.8.13 with Security Updates

Last week, Joomla! released version 3.8.13 which included five security updates for the 3.x series of Joomla!. All five of the vulnerabilities addressed are part of the Joomla! application core. Although all of the vulnerabilities are considered low priority, Joomla! is encouraging users to update their applications as soon as possible to avoid possible compromise as a result of them being exploited. The vulnerabilities below were addressed:

Read More

SiteLock Website Security Insider Q2 2018

The SiteLock Website Security Insider Q2 2018

Did you know that websites experience an average of 58 attacks per day? That’s one cyberattack approximately every 25 minutes! Even more startling, as much as 61 percent of all internet traffic is automated traffic from bots, meaning these attacks do not discriminate based on the size or popularity of a website. No website is too small or too new to hack.

Read More

CMS security update

Joomla! Fixes Security Flaws in 3.8.12

Joomla! recently released version 3.8.12 which includes patches addressing three security vulnerabilities and several bug fixes.  This is a security release that impacts all versions of the 3.x series of Joomla! applications and users are encouraged to update as soon as possible to avoid potential compromise.

Read More

SiteLock Decoding Bytes

Decoding Bytes: Whose Job is Website Security?

It’s no secret that websites face a barrage of attacks daily, up to 50 on average. But whose job is it to secure websites against those daily threats? Recent SiteLock survey data shows that nearly half (45%) of website owners believe that their web host is responsible for keeping their website secure. Nothing could be further from the truth.

Read More

CMS security update

WordPress Addresses File Deletion Vulnerability in New Version

Last week WordPress released version 4.9.7, a maintenance and security update. This update addresses a recently discovered security vulnerability, as well as 17 additional bug fixes. WordPress disclosed that versions 4.9.6 and earlier are affected by a security vulnerability that  to delete files outside of the /wp-content/uploads directory. This could potentially allow users created by malware to delete files necessary to the core functionality of WordPress.

Read More

CMS security update

Joomla! Releases 3.8.9 Including Security Updates

The newest version of Joomla!, version 3.8.9, was released on June 26, 2018. This version addresses two minor security vulnerabilities and several other bugs which caused errors in the application’s core.

Read More

CMS security update

Joomla! Releases Security Update in Version 3.8.8

Joomla! recently released version 3.8.8 which included nine security updates addressing various vulnerabilities as well as over 50 other bug fixes. Many of the security vulnerabilities impacted all versions of Joomla! from version 2.5.0 through 3.8.7, making application updates important to protecting sites using the open source platform.

Among the vulnerabilities are three cross-site scripting (XSS vulnerabilities) that impact different parts of the core Joomla! Application. In addition to the low and moderate XSS vulnerabilities, there are six other low priority security issues addressed in the new version. These include addressing possibly vulnerable access to website data and field filtering for Joomla! components.

Read More

SiteLock

Patchman Partners with Joomla! Security Strike Team

Since joining forces in July 2017, Patchman and SiteLock have shared the same vision of protecting every website on the internet. In November of 2017, that mission continued with the announcement of a partnership with the popular Content Management System (CMS) Joomla!.  Now Patchman is proud to announce the next phase in that mission, by sponsoring a member of the Joomla! Security Strike Team (JSST). “The partnership with Patchman is very beneficial for the Joomla! security team, because it provides what our volunteer-based team needs the most: scheduled and continuous developer hours to triage new reports and develop patches,” says David Jardin, the JSST Team Lead.

Read More

Malware

More Drupal Patches Released in the Wake of Drupalgeddon2

Drupal has released two additional security updates in the wake of the Drupalgeddon2 critical vulnerability patched on March 28. These updates continue to address vulnerabilities related to the remote code execution vulnerability found in March in both Drupal 7.x and 8.x applications.

Read More

Malware

Drupal Releases PSA About Critical Vulnerability

In March, Drupal released version 8.5.1 addressing several critical security vulnerabilities. At that time, there was no evidence of the vulnerability being exploited to attack Drupal sites However, on April 12, 2018, a security research firm released a detailed analysis of the vulnerability and steps to exploit it.  In the days since this release, multiple exploits of the Drupalgeddon2 vulnerability have been reported.

Read More

Page 1 of 3

Powered by WordPress