CMS and Information Security - Information Management Today

A flaw in Concrete5 CMS could have allowed website takeover

Security Affairs

AUGUST 18, 2020

A remote code execution (RCE) vulnerability affecting the Concrete5 CMS exposed numerous servers to full takeover, experts warn. A recently addressed remote code execution (RCE) flaw in the Concrete5 CMS exposed numerous websites to attacks. EdgeScan experts also provided a list of recommendations to keep the CMS secure.

CMS

CMS Access IT Security

New Caesar Cipher Skimmer targets popular CMS used by e-stores

Security Affairs

JUNE 26, 2024

A new e-skimmer called Caesar Cipher Skimmer is used to compromise multiple CMS, including WordPress, Magento, and OpenCart. Sucuri researchers discovered a new e-skimmer , called Caesar Cipher Skimmer, that was used in recent weeks to target users of e-stores based on popular CMS, including WordPress, Magento, and OpenCart.

CMS

CMS Analytics Passwords IT

The team behind the Joomla CMS discloses a data breach

Security Affairs

JUNE 1, 2020

Maintainers at the Joomla open-source content management system (CMS) announced a security breach that took place last week. The post The team behind the Joomla CMS discloses a data breach appeared first on Security Affairs. The company did not reveal is third-parties have found and accessed to the S3 bucket.

CMS

CMS Data breaches Passwords Encryption

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

LFI CVE-2018-16763 Fuel CMS 1.4.1 The post EnemyBot malware adds new exploits to target CMS servers and Android devices appeared first on Security Affairs. RCE CVE-2020-5902 F5 BigIP RCE No CVE (vulnerability published on 2019) ThinkPHP 5.X Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

CMS

CMS IoT Security Passwords

Drupal developers fixed a code execution flaw in the popular CMS

Security Affairs

JULY 25, 2022

Drupal development team released security updates to fix multiple issues, including a critical code execution flaw. The post Drupal developers fixed a code execution flaw in the popular CMS appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

CMS

CMS Access Cybersecurity Security

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

The Last Watchdog

MAY 19, 2022

You very likely will interact with a content management system (CMS) multiple times today. For instance, the The Last Watchdog article you are reading uses a CMS to store posts, display them in an attractive manner, and provide search capabilities. Security is essential for a CMS. Best security practices.

CMS

CMS Security Encryption Data breaches

Experts discovered a privilege escalation issue in popular Umbraco CMS

Security Affairs

APRIL 6, 2021

Experts discovered a vulnerability in the popular CMS Umbraco that could allow low privileged users to escalate privileges to “admin.” ” Security experts from Trustwave have discovered a privilege escalation vulnerability in the popular website CMS, Umbraco. “Umbraco version 8.9.0 also seen in 8.6.3)

CMS

CMS Authentication Access Libraries

Credit Card Skimmer campaign targets WordPress via database injection

Security Affairs

JANUARY 13, 2025

Stealthy credit card skimmer targets WordPress e-commerce sites, injecting malicious JavaScript into CMS database tables to evade detection. Sucuri researchers warn of a stealthy credit card skimmer campaign targeting WordPress e-commerce sites by injecting malicious JavaScript into CMS database tables.

CMS

CMS Encryption IT Information Security

Drupal addressed XSS and information disclosure flaws

Security Affairs

SEPTEMBER 17, 2020

Drupal maintainers addressed several information disclosure and cross-site scripting (XSS) flaws in the popular content management system (CMS). Drupal maintainers addressed several information disclosure and cross-site scripting (XSS) vulnerabilities in the popular content management system (CMS).

CMS

CMS Metadata Access Security

Multiple XSS flaws in Joomla can lead to remote code execution

Security Affairs

FEBRUARY 22, 2024

Joomla maintainers have addressed multiple vulnerabilities in the popular content management system (CMS) that can lead to execute arbitrary code. The impact of these flaws can be widespread because roughly 2% of all websites use Joomla, millions of websites worldwide use this CMS. The maintainers of the Joomla!

CMS

CMS Access Cybersecurity Risk

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Security Affairs

OCTOBER 26, 2020

Security experts from Imperva have spotted a new sophisticated botnet, tracked as KashmirBlack is believed to have already infected hundreds of thousands of websites by exploiting vulnerabilities in their content management system (CMS) platforms.

CMS

CMS Mining Communications Security

HPE discloses critical zero-day in Systems Insight Manager

Security Affairs

DECEMBER 16, 2020

mxtool -r -f toolsmulti-cms-search.xml 1>nul 2>nul. mxtool -r -f toolsmulti-cms-search.xml 1>nul 2>nul. The post HPE discloses critical zero-day in Systems Insight Manager appeared first on Security Affairs. HPE did not reveal if it is aware of attacks in the wild exploiting the zero-day vulnerability.

CMS

CMS Security IT Access

Magento flaw exploited to deploy persistent backdoor hidden in XML

Security Affairs

APRIL 5, 2024

In this case, the command is sed, which adds a backdoor to the (automatically generated) CMS controller.” generated/code/Magento/Cms/Controller/Index/Index/Interceptor.php The described process allows attackers to establish persistent remote code execution via POST commands. ” reads the analysis published by Sansec.

CMS

CMS Security IT Information Security

Drupal fixed a new flaw related PEAR Archive_Tar library

Security Affairs

JANUARY 22, 2021

and 7 of the popular CMS. “The Drupal project uses the pear Archive_Tar library, which has released a security update that impacts Drupal.” “The Drupal project uses the pear Archive_Tar library, which has released a security update that impacts Drupal.” ” reads the advisory. . bz2, or.tlz files.

Libraries

Libraries CMS Security IT

Hackers abused swap files in e-skimming attacks on Magento sites

Security Affairs

JULY 23, 2024

Threat actors abused swap files in compromised Magento websites to hide credit card skimmer and harvest payment information. Security researchers from Sucuri observed threat actors using swap files in compromised Magento websites to conceal a persistent software skimmer and harvest payment information.

Cleanup

Cleanup CMS File names Analytics

Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Security Affairs

OCTOBER 3, 2024

The typical attack strategy is to steal your secret crypt key from app/etc/env.php and use that to modify your CMS blocks via the Magento API. Bad actors use it to read any of your files, such as passwords and other secrets. Then, attackers inject malicious Javascript to steal your customer’s data.”

CMS

CMS Passwords Cybersecurity IT

GoTrim botnet actively brute forces WordPress and OpenCart sites

Security Affairs

DECEMBER 14, 2022

. “Although this malware is still a work in progress, the fact that it has a fully functional WordPress brute forcer combined with its anti-bot evasion techniques makes it a threat to watch for—especially with the immense popularity of the WordPress CMS, which powers millions of websites globally.” ” concludes the report.

CMS

CMS Encryption Risk Passwords

Ghost Squad Hackers defaced a second European Space Agency (ESA) site in a week

Security Affairs

JULY 19, 2020

Their attempt to patch the vulnerability was a fail even after removing their CMS and adding a maintenance index we were still able to get access. ” According to the hackers, the ESA experts have yet to fix the problem, they only removed the installation of the CMS. ” the hackers told me. ” the hackers said.

CMS

CMS Military Access Government

Drupal addressed CVE-2020-13671 Remote Code Execution flaw

Security Affairs

NOVEMBER 19, 2020

In May they addressed XSS and open redirect flaws, while in June they released security updates to address multiple security vulnerabilities, including a “critical” flaw tracked as CVE-2020-13664 that could be exploited by an attacker to execute arbitrary PHP code. Pierluigi Paganini. SecurityAffairs – hacking, Drupal).

CMS

CMS Libraries Security Information Security

Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed

Security Affairs

JUNE 17, 2022

This allowed the attacker to intercept user credentials and session cookies from administrative access to the websites’ content management system (CMS).” ” states the report.”Volexity

CMS

CMS IT Authentication Access

Russian hackers defaced local British news sites

Security Affairs

MAY 13, 2024

Unlike other disinformation campaigns, GhostWriter doesn’t spread through social networks, instead, threat actors behind this campaign abused compromised content management systems (CMS) of news websites or spoofed email accounts to disseminate fake news.

CMS

CMS Military Archiving Security

US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

JANUARY 23, 2022

CVE Number CVE Title Required Action Due Date CVE-2021-32648 October CMS Improper Authentication 2/1/2022 CVE-2021-21315 System Information Library for node.js CVE Number CVE Title Required Action Due Date CVE-2021-32648 October CMS Improper Authentication 2/1/2022 CVE-2021-21315 System Information Library for node.js

CMS

CMS IT Authentication Libraries

A study on malicious plugins in WordPress Marketplaces

Security Affairs

AUGUST 30, 2022

The experts studied the evolution of CMS plugins in the production web servers dating back to 2012, to do this they developed an automated framework named YODA to detect malicious plugins. The number of malicious plugins on WordPress websites has increased over the years, and malicious activity reached a peak in March 2020.

CMS

CMS Paper Security Information Security

Segway e-store compromised in a Magecart attack to steal credit cards

Security Affairs

JANUARY 25, 2022

The store is running the Magento CMS, threat actors used to compromise them by exploiting vulnerabilities in vulnerable versions of the CMS itself or one of its plugins. Researchers noticed the Segway store was contacting a known skimmer domain (booctstrap[.]com)

CMS

CMS IT Security Data breaches

Drupal addresses critical code execution vulnerability

Security Affairs

JUNE 18, 2020

SecurityAffairs – hacking, CMS). The post Drupal addresses critical code execution vulnerability appeared first on Security Affairs. . ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

CMS

CMS Security Access IT

Critical flaw in WPML WordPress plugin impacts 1M websites

Security Affairs

AUGUST 27, 2024

The WPML Multilingual CMS Plugin for WordPress is installed on over 1 million sites. A critical flaw in the WPML WordPress plugin, which is installed on 1 million websites, could allow potential compromise of affected sites.

CMS

CMS Authentication Security IT

Shopping trap: The online stores’ scam that hits users worldwide?

Security Affairs

MARCH 28, 2022

The content of the malicious websites – clones of the official stores – are based on a static Content Management System (CMS) and a PHP API that communicates with a MySQL cluster in the background. Some artifacts related to the static CMS can be found on a GitHub repository from criminals.

CMS

CMS Communications Information Security Passwords

Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 30, 2024

Infosys McCamish Systems data breach impacted over 6 million people A cyberattack shut down the University Hospital Centre Zagreb in Croatia US announces a $10M reward for Russia’s GRU hacker behind attacks on Ukraine New P2Pinfect version delivers miners and ransomware on Redis servers New MOVEit Transfer critical bug is actively exploited New (..)

Security

Security CMS Ransomware Data breaches

Thousands of Magento stores hacked in a few days in largest-ever skimming campaign

Security Affairs

SEPTEMBER 14, 2020

Sansec researchers speculate that tens of thousands of customers of the online stores had their personal and financial information stolen over the weekend. ’ z3r0day declared that he was selling only 10 copies of its exploit.

CMS

CMS Cybersecurity Security IT

WordPress Plugin abused to install e-skimmers in e-commerce sites

Security Affairs

MAY 28, 2024

“Here’s a simple guide to protect your online store: Keep your software patched : Regularly update your CMS, plugins, themes, and any third-party components to patch vulnerabilities. . “In essence, ecommerce sites are prime targets for hackers due to the valuable data they handle.” ” concludes the report.

CMS

CMS Passwords IT Security

Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library

Security Affairs

DECEMBER 1, 2021

“Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. ” reads the security advisory published by Mozilla. The flaw was addressed with the release of NSS 3.73.0. Ormandy recommends vendors of products using the NSS to update their library.

Libraries

Libraries Security CMS Communications

Critical auth bypass issues affect InfiniteWP Client and WP Time Capsule WordPress plugins

Security Affairs

JANUARY 16, 2020

WP Time Capsule and InfiniteWP WordPress plugins are affected by security flaws that could be exploited to take over websites running the popular CMS. Experts at security firm WebArx have ethically disclosed vulnerabilities in WP Time Capsule and InfiniteWP plugins, both were patched earlier this month by the developer Revmakx.

CMS

CMS Passwords Authentication Security

Tupperware website has been compromised with a payment card skimmer

Security Affairs

MARCH 25, 2020

The experts from Malwarebytes speculate that the website was hacked because it was running an outdated version of Magento e-commerce CMS. .” Tupperware addressed the issue, now the payment form is currently loading from the legitimate domain cybersource.com. ” concludes Malwarebytes.

CMS

CMS Manufacturing Access IT

Balada Injector continues to infect thousands of WordPress sites

Security Affairs

JANUARY 15, 2024

Doctor Web has discovered a malicious Linux program that hacks websites based on a WordPress CMS. The malicious code was first discovered in December 2022 by AV firm Doctor Web. It exploits 30 vulnerabilities in a number of plugins and themes for this platform. reads the report published by Dr Web.

CMS

CMS IT Information Security Security

Expert found critical flaws in OpenText Enterprise Content Management System

Security Affairs

JANUARY 22, 2023

OpenText Extended ECM is an enterprise CMS platform that manages the information lifecycle by integrating with leading enterprise applications, such as SAP, Microsoft 365, Salesforce and SAP SuccessFactors.

ECM

ECM CMS Authentication Cybersecurity

Ongoing Xurum attacks target Magento 2 e-stores

Security Affairs

AUGUST 14, 2023

Experts warn of ongoing attacks, dubbed Xurum, targeting e-commerce websites using Adobe’s Magento 2 CMS. Akamai researchers warn of ongoing attacks, dubbed Xurum, targeting e-commerce websites running the Magento 2 CMS.

CMS

CMS IT Security Information Security

Ghostwriter disinformation campaign aimed at discrediting NATO

Security Affairs

AUGUST 3, 2020

Unlike other disinformation campaigns, GhostWriter doesn’t spread through social networks, instead, threat actors behind this campaign abused compromised content management systems (CMS) of news websites or spoofed email accounts to disseminate fake news.

Military

Military CMS Security Government

Magecart attacks are still around but are more difficult to detect

Security Affairs

JUNE 22, 2022

The researchers explained that they have generally seen less skimming attacks during the past several months, perhaps because they were more focused on the Magento CMS. Malwarebytes researchers observed the use of 3 different themes by the threat actor to hide their skimmer, named after JavaScript libraries: hal-data[.]org/gre/code.js

Cleanup

Cleanup CMS Libraries Phishing

WordPress WP-VCD malware delivered via pirated Coronavirus plugins

Security Affairs

MARCH 26, 2020

In November 2017, researchers from Sucuri firm discovered a new strain of this malware that injected malicious code in the legitimate files of the two the default themes “twentyfifteen” and “twentysixteen”included in the WordPress CMS in 2015 and 2016.

CMS

CMS IT Security Information Security

Security Affairs newsletter Round 512 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 23, 2025

CISA adds Craft CMS and Palo Alto Networks PAN-OS flaws to its Known Exploited Vulnerabilities catalog Atlassian fixed critical flaws in Confluence and Crowd Salt Typhoon used custom malware JumbledPath to spy U.S. Lazarus APT stole $1.5B

Security

Security CMS Phishing Encryption

More than 17,000 WordPress websites infected with the Balada Injector in September

Security Affairs

OCTOBER 12, 2023

“Doctor Web has discovered a malicious Linux program that hacks websites based on a WordPress CMS. The malicious code was first discovered in December 2022 by AV firm Doctor Web. It exploits 30 vulnerabilities in a number of plugins and themes for this platform. ” reads the report published by Dr Web.

CMS

CMS Security IT Information Security

Experts warn of an emerging Python-based credential harvester named Legion

Security Affairs

APRIL 17, 2023

Legion exploits web servers running Content Management Systems (CMS), PHP, or PHP-based frameworks such as Laravel. “From these targeted servers, the tool uses a number of RegEx patterns to extract credentials for various web services. The experts believe that the tool is widely distributed and is likely paid malware.

CMS

CMS Education Cloud Phishing

Adobe fixes Magento flaws that can lead to code execution

Security Affairs

OCTOBER 16, 2020

Other flaws fixed by Adobe include a stored cross-site scripting (XSS) issue (CVE-2020-24408), a user session invalidation bug (CVE-2020-24401), and a security vulnerability that allows Magento CMS pages to be modified without permission (CVE-2020-24404).

CMS

CMS Access Security Information Security

Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs

Security Affairs

FEBRUARY 16, 2024

Threat actors compromised the websites running vulnerable versions of the popular CMS, including 4.4.20, 5.0.21, 5.1.18 Evidence gathered by the experts suggests that that campaign may have begun as early as November 2023. Turla operators used compromised WordPress websites as C2 for the TinyTurla-NG backdoor. php or block[.]old[.]php.

CMS

CMS File names Passwords Access

A flaw in Concrete5 CMS could have allowed website takeover

New Caesar Cipher Skimmer targets popular CMS used by e-stores

Webinars

Trending Sources

The team behind the Joomla CMS discloses a data breach

Webinars

EnemyBot malware adds new exploits to target CMS servers and Android devices

Drupal developers fixed a code execution flaw in the popular CMS

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

Experts discovered a privilege escalation issue in popular Umbraco CMS

Credit Card Skimmer campaign targets WordPress via database injection

Drupal addressed XSS and information disclosure flaws

Multiple XSS flaws in Joomla can lead to remote code execution

KashmirBlack, a new botnet in the threat landscape that rapidly grows

HPE discloses critical zero-day in Systems Insight Manager

Magento flaw exploited to deploy persistent backdoor hidden in XML

Drupal fixed a new flaw related PEAR Archive_Tar library

Hackers abused swap files in e-skimming attacks on Magento sites

Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

GoTrim botnet actively brute forces WordPress and OpenCart sites

Ghost Squad Hackers defaced a second European Space Agency (ESA) site in a week

Drupal addressed CVE-2020-13671 Remote Code Execution flaw

Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed

Russian hackers defaced local British news sites

US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog

A study on malicious plugins in WordPress Marketplaces

Segway e-store compromised in a Magecart attack to steal credit cards

Drupal addresses critical code execution vulnerability

Critical flaw in WPML WordPress plugin impacts 1M websites

Shopping trap: The online stores’ scam that hits users worldwide?

Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION

Thousands of Magento stores hacked in a few days in largest-ever skimming campaign

WordPress Plugin abused to install e-skimmers in e-commerce sites

Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library

Critical auth bypass issues affect InfiniteWP Client and WP Time Capsule WordPress plugins

Tupperware website has been compromised with a payment card skimmer

Balada Injector continues to infect thousands of WordPress sites

Expert found critical flaws in OpenText Enterprise Content Management System

Ongoing Xurum attacks target Magento 2 e-stores

Ghostwriter disinformation campaign aimed at discrediting NATO

Magecart attacks are still around but are more difficult to detect

WordPress WP-VCD malware delivered via pirated Coronavirus plugins

Security Affairs newsletter Round 512 by Pierluigi Paganini – INTERNATIONAL EDITION

More than 17,000 WordPress websites infected with the Balada Injector in September

Experts warn of an emerging Python-based credential harvester named Legion

Adobe fixes Magento flaws that can lead to code execution

Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs

Stay Connected