Is the Joomla CVE in Your Enterprise Digital Footprint?

Thursday, November 12, 2015

Peter Zavlaris


CVEs are a fact of life for security professionals. There isn't a network anywhere in the world that is impervious to them. Your adversary relies on them to hack into your network or take over your website. Learn what you can do to find CVEs before your foe does.

According to the security firm Sucuri, as many as 2.8 million sites have been vulnerable to SQL injection for two years due to vulnerabilities in version 3.2 of Joomla, the popular open source CMS software.

Joomla is the second most popular CMS according to W3Techs. It holds 6% of the market, which equals roughly 3 million sites.

For those in the business of spreading malware or phishing scams, this is a huge opportunity. The math is simple: hacking Joomla = pwning 2.8 million websites.

In this blog, the hacker credited with breaching the security firms Gamma Group and Hacking Team explains how he or she mapped Gamma Group's digital footprint and found a way into the network.

So how can organizations catch up to the adversary? The problem is companies have the data sources, but lack actionable intelligence. This data is often out of date and lacks historical perspective or context. Instead, organizations need relevant information that enables security analysts to conduct focused investigations.

Enterprise Digital Footprint technology creates a catalog of the digital assets (i.e. websites, applications, IPs, ASN information, WHOIS, and DNS) associated with the company and its brand(s). It exposes what attackers see and provides an accurate, comprehensive, and sortable index of the organization's footprint online, both good and bad.

This model can be used to identify and sort a list of Joomla 3.2 instances running in the company’s digital footprint. Their footprint reveals where the assets came from, who is responsible for them, and which, if any, of these assets can provide attackers access to the organization's network. You can take whatever steps you need to plug the holes.
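One way to do that sort over an asset catalog, as an added example that is not code from the original post or from any vendor product: it assumes a small constructed catalog format (host, owner, the home page's generator meta value and, where readable, the contents of Joomla's own administrator/manifests/files/joomla.xml), flags hosts on the 3.2 branch the post names, and separately lists Joomla hosts whose version could not be read so they are not silently skipped.

```python
# Added example (not the original post's or any vendor's code). The catalog
# format, the 'owner' field and the sample records are assumptions; the
# <version> element is the one Joomla ships in administrator/manifests/files/joomla.xml.
import re

# Constructed sample catalog: per host, the generator <meta> value seen on the
# home page and, where readable, the contents of joomla.xml.
SAMPLE_CATALOG = [
    {"host": "www.example.com", "owner": "marketing",
     "generator": "Joomla! - Open Source Content Management",
     "manifest": "<extension><version>3.2.1</version></extension>"},
    {"host": "blog.example.com", "owner": "comms",
     "generator": "WordPress 4.3", "manifest": ""},
    {"host": "events.example.com", "owner": "unknown",
     "generator": "Joomla! - Open Source Content Management",
     "manifest": "<extension><version>3.4.5</version></extension>"},
    {"host": "legacy.example.com", "owner": "unknown",
     "generator": "Joomla! 1.5 - Open Source Content Management",
     "manifest": ""},
]

VERSION_RE = re.compile(r"<version>\s*(\d+)\.(\d+)(?:\.(\d+))?\s*</version>")

def joomla_version(record):
    """(major, minor, patch) for a Joomla host; None if not Joomla or unreadable."""
    if not record.get("generator", "").startswith("Joomla"):
        return None
    m = VERSION_RE.search(record.get("manifest", ""))
    return tuple(int(p or 0) for p in m.groups()) if m else None

def find_affected(catalog, branch=(3, 2)):
    """Hosts on the given minor branch (3.2.x by default, the branch the post
    names) together with the owner the fix should be routed to."""
    hits = []
    for rec in catalog:
        v = joomla_version(rec)
        if v and v[:2] == branch:
            hits.append({"host": rec["host"], "owner": rec.get("owner", "unknown"),
                         "version": ".".join(map(str, v))})
    return hits

def unfingerprinted(catalog):
    """Joomla hosts whose version could not be read: they still need a manual check."""
    return [r["host"] for r in catalog
            if r.get("generator", "").startswith("Joomla") and joomla_version(r) is None]

if __name__ == "__main__":
    for hit in find_affected(SAMPLE_CATALOG):
        print(f"{hit['host']}: Joomla {hit['version']} (owner: {hit['owner']})")
    print("needs manual check:", unfingerprinted(SAMPLE_CATALOG))
```

Against the constructed catalog this reports www.example.com (Joomla 3.2.1, owner marketing) and leaves legacy.example.com on the manual-check list.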

The Digital Footprint approach turns the Internet into a research lab and levels the playing field, illuminating your company’s digital footprint and exposing your adversaries’ digital footprint so you can address weaknesses and block attacks.
