Wednesday, 16 December 2015

Joomla Critical 0day Remote Command Execution Vulnerability - Patch Now

A vulnerability that affects all versions of Joomla from 1.5.0 to 3.4.5 has just been released (CVE-2015-8562).

The Joomla security team released a patch to address this critical remote command execution vulnerability that is already being exploited in the wild. 

Joomla is one of the most popular Content Management Systems (CMS), alongside WordPress, Drupal and Magento. Joomla CMS is used to build web sites and online applications in conjunction with the many supported shopping cart, e-commerce and payment gateway extensions.

Joomla users need to upgrade to version 3.4.6 immediately. For Joomla 3 and above, updating is a simple one-click process through the admin panel. Users of the unsupported versions 1.5.x - 2.5.x need to patch using the Joomla hotfixes.

Wednesday, 9 December 2015

Combating cybercrime during the holidays. Advice for retailers and shoppers

Online shopping, especially during the holiday period, is a massively important trading platform for many businesses. For online retailers, the ability to service high customer demand and ensure the availability of their website throughout this period is crucial to their success.
The shopping frenzy has already started, with the adoption of Black Friday and Cyber Monday in many countries putting additional pressure on high street and online retailers. In the UK and Europe, this pressure only increases further during the holiday week and with the discounts on the day after Christmas. With these periods being hugely busy on the high street, an increasing number of shoppers are moving to the Internet to hunt for their bargains.

During this overwhelming period of spending, online retailers and shoppers need to be wary, since this is also a lucrative period for cybercriminals. In this article, we have highlighted a few key steps retailers and shoppers can take to keep themselves safe from cybercrime during the holidays.

Wednesday, 25 November 2015

Restore Points in Windows 8.1

How to create a Restore Point:
1. Press the WinKey+X to display the system menu and click System.
2. On the left side menu, click System Protection.
3. In the Protection Settings section, click the C: (system) drive.
4. Click the Create button.
5. Type a name for the System Restore file (The Date and Time will be added automatically).


Rolling Back to a Restore Point in Windows 8.1:
1. Save your work and then close all running programs.
2. Press the WinKey+X to display the system menu and click System.
3. On the left side menu, click System Protection.
4. Click the System Restore button.
5. Click Next.
6. Select the restore point you’re considering and then click the Scan for Affected Programs button.
7. If you don’t see any major problems with the restore point click Close, and then click Next.
8. Follow the instructions to save any open files, close all programs, and then click Finish.
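
The same two procedures can be scripted from an elevated Windows PowerShell prompt, which is useful before patching several machines. This is an added example, not part of the original post; the function name New-VerifiedRestorePoint and the description text are hypothetical, and it assumes the built-in Windows PowerShell restore cmdlets. It also checks for a case the dialog hides: on Windows 8 and later, Checkpoint-Computer does not create a second restore point within 24 hours of the previous one.

```powershell
#Requires -RunAsAdministrator
# Added example: scripted equivalent of the GUI steps above.
# Function name and description text are hypothetical sample values.

function New-VerifiedRestorePoint {
    param(
        [string]$Description = 'Before patching',
        [string]$Drive = 'C:\'
    )

    # GUI: System Protection > Protection Settings. Turn protection on for the system drive.
    Enable-ComputerRestore -Drive $Drive

    # Remember the newest existing restore point so a skipped creation can be detected.
    $before = Get-ComputerRestorePoint -ErrorAction SilentlyContinue |
        Sort-Object SequenceNumber | Select-Object -Last 1

    # GUI: Create button. Windows records the date and time itself.
    Checkpoint-Computer -Description $Description -RestorePointType MODIFY_SETTINGS

    $after = Get-ComputerRestorePoint -ErrorAction SilentlyContinue |
        Sort-Object SequenceNumber | Select-Object -Last 1

    # On Windows 8 and later the request is skipped if a restore point was
    # created in the previous 24 hours, so confirm that a new one really exists.
    if ($null -eq $after -or
        ($null -ne $before -and $after.SequenceNumber -eq $before.SequenceNumber)) {
        throw 'No new restore point was created (one may already exist from the last 24 hours).'
    }
    return $after
}

$rp = New-VerifiedRestorePoint -Description 'Before patching'

# Show the new restore point with a readable creation time.
$rp | Select-Object SequenceNumber, Description,
    @{ Name = 'Created'; Expression = { $_.ConvertToDateTime($_.CreationTime) } }

# Rolling back (GUI: System Restore > Next > select > Finish).
# This restarts the computer, so it is left commented out here.
# Restore-Computer -RestorePoint $rp.SequenceNumber -Confirm
```

The Scan for Affected Programs step has no cmdlet equivalent, so review that list in the System Restore dialog before rolling back.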

Monday, 23 November 2015

IRISSCON 2015 Recap - IRISSCERT

I had the pleasure of attending the 7th Irish Reporting and Information Security Service Computer Emergency Response Team (IRISSCERT) Cyber Crime conference (#IRISSCON) in Dublin, Ireland. See: www.iriss.ie


The event took place on Thursday, 19/Nov/2015 in the Berkley Court Hotel, in Ballsbridge Dublin. 

The annual all-day conference focuses on providing attendees with an overview of the current cyber-threats most businesses are facing, primarily in Ireland and throughout the world. During IRISSCON, experts share their thoughts and experiences on cybercrime and cybersecurity, while a number of presentations provide the opportunity for all attendees to discuss the issues that matter the most.

Thought leaders from industry, academia and government present at IRISSCON to an audience drawn primarily from the business community within Ireland, discussing the following topics:
  • Cyber Crime
  • Cyber Security
  • Cloud Security
  • Incident Response
  • Data Protection
  • Incident Investigation
  • Information Security Threats
  • Information Security Trends
  • Securing the Critical Network Infrastructure

In case you are not aware of this, IRISSCERT is a not-for-profit company that provides a range of free services to Irish businesses, related to Information Security issues. Effectively, the mission is to help raise awareness and counter the security threats posed to Irish businesses and their Internet space.

Tuesday, 17 November 2015

POS Malware Alert - AbaddonPOS and Cherry Picker

Two new malware files targeting point-of-sale (POS) terminals have been identified, called AbaddonPOS and Cherry Picker.

The AbaddonPOS malware is delivered by the Angler Exploit Kit or through an infected Microsoft Office document. The malware targets the memory of all processes running on the infected system (excluding its own memory space) looking for card data. Once the card data has been found, it is sent back to a Command and Control (C&C) server.

The Cherry Picker also targets card data but there is some further functionality built-in to it. It tries to clean up after itself and this is the main reason why it went undetected for such a long time. Another characteristic of the Cherry Picker is that it focuses on just one process that is known to contain card data. That way it attracts as little attention as possible, compared to trying to target all running processes on the infected system.