Astra Web Security Blog - Website & CMS Security News


Joomla 3.8 Patches Critical 8-Year Old Vulnerability

Joomla, one of the world's most popular CMSs, powering over 3.3% of the world's websites, recently patched a critical vulnerability that had persisted in its content management system for 8 years. Leveraging this vulnerability could allow an attacker to steal administrator login credentials, paving the way for further theft of key information. This appalling revelation shows the vulnerable state of CMSs which often go…

In 2016, the Magecart infrastructure, notoriously known as a fraudulent payment-stealing script, was making waves across the e-commerce industry. It was named so because it largely targeted e-commerce platform giants like Magento, Powerfront CMS and OpenCart, leading to massive theft of credit card information from these e-commerce sites. However, even a year later, the Magecart issue hasn't been resolved and remains a…

Magento SUPEE-10266 and New Versions: Update Immediately

Magento, one of the most favored e-commerce platforms, is often a target for cyber-criminals. Its huge popularity owes to its strict security practices, timely updates of the system core and immediate fixes for security issues. Magento's latest security update contains multiple security enhancements. These updates relate to Magento Open Source (formerly Community Edition) and Magento Commerce (formerly Enterprise Edition).…

WordPress, the juggernaut CMS powering more than 1 billion websites, the most notable being TechCrunch, The New Yorker, Sony, and MTV among many others, is not devoid of vulnerabilities when it comes to website security. Recently, one of its most popular plugins, WP Statistics, was deemed flawed, rendering nearly 300,000 websites open to exploitation by attackers online. The plugin WP Statistics has…

TED is a nonprofit organization spreading great ideas. TED works with the tagline, "Ideas worth spreading". Since its start, TED has been renowned for its subject-expert speakers with groundbreaking and eye-opening ideas that revolutionize our thought process. Astra brings you a collection of the 5 best TED Talks on the topic of Cyber Security. Why I teach people…

Powering nearly 75 million websites globally and deemed the most favorable CMS platform of all, WordPress is widely used by most online retailers and entrepreneurs when it comes to conducting online business. Its popularity surges as the CMS offers ready-to-use, SEO-friendly and mobile-compatible templates. A plethora of WordPress plugins are available today, which carry out…

2017 has been the year of cyber attacks. From the infamous Petya ransomware attack to the havoc-wreaking WannaCry attack and the Magecart payment-stealing scam, the number of data breaches and information thefts is escalating more than before. On one hand, while companies and financial institutions are worse at keeping sensitive information safe, hackers are developing unprecedented techniques to conduct…

The importance of privacy was recognized from archaic times, when in 300 B.C. Aristotle differentiated the public and private spheres of one's life. Fast forward to the current era of connected devices and internetworked technologies, which make it difficult to keep private information actually private. Most of the time we end up sharing crucial information on the internet, which…

About the Joomla SQLi: If you are using version 3.7 of the popular CMS Joomla!, an update awaits your approval. Version 3.7 suffers from a severe SQLi (SQL Injection) vulnerability with a DREAD score of 8.6/10 and easy exploitation. An update for it was released in the next patch. All the details are given below. Identifying…
