Welcome to WebmasterWorld Guest from 54.161.155.6

Forum Moderators: ergophobe

Message Too Old, No Replies

Patch now! Joomla attacked in remote code execution blitzkrieg

     
12:33 pm on Dec 15, 2015 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:7098
votes: 436


Joomla has slung a patch to crush a critical eight-year-old remote code execution vulnerability under active exploitation by attackers.

Sucuri threat man Daniel Cid says hundreds of attacks are now taking place having ramped up from a mere handful Saturday.

[theregister.co.uk...]
4:29 pm on Dec 15, 2015 (gmt 0)

Moderator This Forum

WebmasterWorld Administrator ergophobe is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 25, 2002
posts:8395
votes: 194


Sounds like something on the order of the Drupageddon nightmare where most vulnerable sites in the world were attacked within hours.

This is not something you can do "later." This is a drop everything and get patched.

"The wave of attacks is even bigger, with basically every site and honeypot we have being attacked [which] means that probably every other Joomla site out there is being targeted as well."