If you use Joomla, please update!
If you use Joomla CMS to run your website and haven’t updated it recently then your site is at risk. Unfortunately many sites have already been affected by this weakness and in these cases it would appear that not only are the files infected, but the databases are also being compromised, adding users with admin rights to the site which give the attackers another avenue to access it.
This weakness is due to Joomla itself, rather than something on our server, and is affecting sites with many providers besides ourselves. More information on the compromise itself can be found here https://blog.sucuri.net/2015/12/remote-command-execution-vulnerability-in-joomla.html
The Joomla team are aware of this issue and have already released an update to patch the vulnerability, which is available as the latest version of Joomla. We have updated our one-click installer to use this latest version.
How to update Joomla
How to keep your site safe
Backup, backup, backup
This is the most important step you can take to keep your site safe. If you hold a safe, clean and recent backup of your site you know you can easily restore if needed.
Keep software up-to-date
Not only does the core installation need to be kept up-to-date but so do any add-ons or plugins you’re using.
Keep away from free versions of premium software
If an add-on or theme usually costs money but a site or individual is offering it for free, be careful. Attackers often hide backdoors in pirate software which will allow them access to your site once you’ve installed it.