Well, is your website built using Joomla development? If so, hurry as Joomla has recently released a powerful security patch which is exclusively launched to arrest a serious glitch that is eight-year-old, which is a remote code execution susceptibility. This particular loophole was attacked and exploited several times and it is observed that the attacks have been consistent and has been increasing as per the experts in Sucuri Firm. It is clearly observed that the attacks have been strong and might affect all the websites that are built using Joomla development. The zero-day effect might be felt on most of the websites since Joomla is a very popular CMS and has been downloaded greater than 50 million times already.
It should be noted that all the websites that are built using Joomla development versions 1.5 and above are affected. Hence, updating the CMS version to the latest patched 3.4.6 version is vital. It should be noted that all the browsing data is not properly filtered during the session values are saved onto the database which might result into the remote code execution vulnerability. It should be noted that the attackers are pushing object injection using the HTTP user agent. Exploits are sent from the IP address 18.104.22.168, 22.214.171.124, and 126.96.36.199. It is also very wise to check for logs in user agents “JDatabaseDriverMysqli” or “O: If you are able to locate these logs. Consider that your website is compromised and report the same to either remediation or incident response phase for further assistance.