Late last year we sent a delegation to Kiwicon, a digital security conference held in Wellington. We attend Kiwicon every year – it’s just one of the many ways we strive to stay ahead of the latest threats and keep abreast of the newest innovations in the ever-evolving world of online security.
The timing couldn’t have been better. Just a week later our development team, armed with the new knowledge they’d amassed at Kiwicon, became one of the first in the world to discover a security vulnerability in the Joomla! Content Management System (CMS) core.
This vulnerability affected the vast majority of Joomla! versions (from 1.5.0 through 3.4.5), and allowed attackers to completely take over targeted websites. It’s not always obvious when a website has been affected, allowing the attackers a window of opportunity to use the site for phishing, to send spam, to obtain sensitive information or to redirect payments. The repercussions are far reaching and include loss of trade, corruption of data and possible blacklisting by search engines, including Google.
We worked directly with the Joomla! security team to address this new threat, and an urgent update (with accompanying patch) was released mid-December.
We then set about contacting any of our clients’ whose sites that had been affected, applying the patch/updates where appropriate or, in scenarios where older versions of Joomla! were in use, recommending upgrades.
For those clients signed up to E2 Digital’s Hosting, Monitoring and Maintenance plans all updates, including this severe vulnerability uncovered in December, are handled by our in-house team as soon as they arise. If you’d like to learn more about these plans, and how to keep your digital assets safe, please don’t hesitate to get in touch.