Joomla! websites abused as open proxy for Denial-of-Service attacks

Joomla websites using the Googlemaps plugin for Joomla are actively abused as open proxy for launching Denial-of-Service (DoS) attacks. Even though the Googlemaps plugin vulnerability plugin_googlemap2_proxy.php was released over one and a half (1,5) years ago, I still see these DoS-attacks happening on a regular basis…

Continue reading “Joomla! websites abused as open proxy for Denial-of-Service attacks”

“Simple Hack Threatens Outdated Joomla Sites”

Update your Joomla site… yet again. If you run a site powered by the Joomla content management system and haven’t yet applied a critical update for this software released less than two weeks ago, please take a moment to do so: A trivial exploit could let users inject malicious content into your site, turning it into a phishing or malware trap for visitors., Says Brian Krebs

Continue reading ““Simple Hack Threatens Outdated Joomla Sites””

Grep for forensic log parsing and analysis on Windows Server IIS

Use GnuWin32 ported tools like grep.exe and find.exe to find backdoor files in websites, check visitor’s IP addresses or hits to backdoors in IIS log files: forensic log analysis with grep. Search for Joomla, WordPress, Drupal PHP backdoors within your website, clean up a hacked website and keep a website secure.

Continue reading “Grep for forensic log parsing and analysis on Windows Server IIS”

“Joomla sites misused to deploy malware” – Update

The Internet Storm Center reports that a large number of Joomla sites are currently deploying malicious code and infecting visitors with malware; some WordPress sites are also thought to be affected. The German CERT-Bund⁠ Computer Emergency Response Team, which is operated by the German Federal Office for Information Security (BSI), has confirmed that similar attacks on and via Joomla servers have also been observed in Germany.

Continue reading ““Joomla sites misused to deploy malware” – Update”