You can't fool me when it comes to SPF, DKIM, and DMARC!

Every day, we send and receive emails, and often, these contain important information that we want delivered securely and for the intended recipient's eyes only. When important things end up in the spam folder, it is a pain… but this is an inconvenience that you can address with a degree of success. Since we are bombarded with fake emails, spam and spoofs trying to trick and do us harm, fighting spam is necessary. If you send emails, there are a number of tools you can (or should) use to avoid being classified as spam and show you’re legit: SPF, DKIM and DMARC.

In cyberspace where dangers creep

In cyberspace where dangers creep,
Your secrets kept are not that deep,
Beware the hackers, lurking near,
They'll steal your data, and cause you fear.

Extended Security Support for Joomla 3.x - giving an old friend another chance

August 17, 2023 marks a historic date for the Joomla project: after more than 10 years, the project’s support for the 3.x version comes to an end. However, there are still plenty of 3.x sites in the wild, some of them unable to migrate to 4.x in the remaining time frame. Do these sites need to be switched off in a couple of weeks?

How my new Joomla 4 website got hacked

At a quarter past midnight, just when I went to bed, I decided to check my email. I was away in the Ardennes (Malmedy, Belgium) with a few work friends.

New to Joomla 4.2, Multi-factor Authentication (MFA)

With 4.2, we now have a new way to authenticate our sites. Two-factor Authentication has grown outdated with many new authentication methods arriving, so along comes Multi-factor Authentication (MFA).

Who’s snooping around your website?

What makes a website a target of attack? Is your website a potential target? Do you know if your website is being targeted?

Joomla 3.10 enters the Security Support Phase

Joomla 3 has been around for a long time. It is easy to forget how successful the series has become and how much it has evolved over the course of the minor versions.

As it approaches its final year as a mature, stable version of Joomla, it is about to enter its security support phase.

Joomla’s New HTTP Headers Plugin For J4

Following on from last month's article about security, passwords, and Joomla’s WebAuthn plugin, this month we’re going to look at another Joomla security feature that launched with J4: the HTTP Headers plugin, which is now included as part of Joomla’s core functions.

A Dive into the WebAuthn API in Joomla 4

Have you noticed there’s a new Web Authentication button on the new Joomla 4 login screens?

It's there because of Joomla’s new WebAuthn API that allows secure logins with a FIDO certified key. So, let's take a dive into passwords, security, and WebAuthn, and find out how to activate it on your user account in Joomla 4.

A Security Overview of Joomla’s Checking and Validation of File Uploads

Content Management Systems are what you choose when you are not willing to build and administer a whole new front end and back end for a website, and when your content creators are not familiar with developing source code. While you are running your Joomla CMS, new demands for functionality or design may come from you or your users. The fast and easy way is to install a plugin that will do the magic. But that may lead to new vulnerabilities in your system. In particular, file uploads are a possible attack vector. In this article, we will talk about vulnerabilities through files and plugins.
