Tuesday, March 01, 2016

Breached Credit Union Comes Out of its Shell — Krebs on Security

Breached Credit Union Comes Out of its Shell — Krebs on Security

Swiss systems engineer Claudio Marcel Kuenzler described his investigation of a site that was hacked through the Akeeba Backup function.

“The file was uploaded with a simple GET request by using a vulnerability in the com_joomlaupdate (which is part of Akeeba Backup) component,” Kuenzler wrote, noting that there is a patch available for the vulnerability.