Security Alert regarding Serious CMS Attack

Please note that this is an important security alert regarding serious hacking activity on CMS such as WORDPRESS, JOOMLA etc. installed sites especially on Wordpress sites. There is a serious attack on wordpress sites where a hacker uploads malicious files under the domain and those files are used to remove all contents present under that domain. This is very serious issue and we advice you to take the following immediate actions at your end;

Please note that the issue could be due to one or many among the following;

1. You might be running an outdate version or joomla,wordpress,drupal,whmcs etc
2. You migh not have updated to the latest security release of latest stable version or joomla,wordpress,drupal,whmcs etc
3. There could be files with permission levels other than 644
4. There could be folders with permission levels other than 755
5. You could be using a VULNERABLE THEMES or TEMPLATES or PLUGINS in wordpress,joomla,whmcs,drupal etc
6. Your wordpress or joomla admin login details are simple or compromised
7. Your cpanel login details are simple or weak.

Please do the folllowing immediately,

1. Upgrade your open source cms such as joomla,wordpress,whcms,drupal etc to lastest version
2. Remove unneccessary installations of joomla,wordpress,whmcs,drupal etc
3. Remove or upgrade vulenerable versions of plugins, themes, templates used in wordpress,joomla,whmcs,drupal etc
4. Check the file and folder permissions. See whether they are 644 for files and 755 for folders. If not, change them.
5. Reset your administartor password for joomla,wordpress,drupal,whmcs etc
6. Reset your cpanel and database login details.
7. Always use tough passwords like 3r48d*#R#T&3023r
8. Keep a backup of your domain in your local system for safety purpose

Kindly note that Unless this step is taken it might affect your entire reseller account.

For more information, please refer to

http://wordpress.org/plugins/secure-wordpress/
http://feeds.joomla.org/JoomlaSecurityNews
https://drupal.org/security/secure-configuration
Related Posts Plugin for WordPress, Blogger...

:: Useful web links List