
Search the internet for any article, or for a certain company, institution, organization, etc., which has a case/scenario related to an Information Security Threat or Information Security mismanagement.

Make this as a case study by pointing out the following in your paper.
1. Narrate what were the specific problem(s) encountered related to information security.
I have been using Joomla for years now and still love it. My site was hacked recently and no real
damage was done, just a homepage redirect and site title changed.

To be honest my Joomla was kept pretty clean, the only addons I had were a contact form, calendar,
and forum. They were updated too!

Here is what the hacker left.
<mod deleted>

The disturbing thing is this guy is out to destroy Joomla, take a look at what happens when I type his
name (<mod deleted>) in Google.
<mod deleted>

The only thing I am unsure about was the file settings I assigned to files in "htdocs" with FTP. For
instance I set permissions to some folders to 777, but didn't think that affected web users.

Anyway, just thought I'd put his name or so-called name on this forum so we have a note of him.

2. Who were the person(s) involved and their responsibilities and how they contributed to the problem.

Dean Marshall Consultancy's team of professional security experts understand web technology. As
experts in the Joomla CMS, you can trust us to help you with all of your website security needs.
Contact us now for our Joomla security services and we could harden the security of your existing
website, offer security advice about your server set-up and best practice for website administrators.


3. How would you be able to solve the problem if you are an information analyst....
Security is an ever growing concern for website owners, especially websites that use Content
Management Systems such as Joomla. Content Management Systems give you the power to manage a
website with ease, giving you access to a wide number of files that you put within your website (at
present the Joomla 2.5 CMS provides you with 4,500+ files and 1,000+ folders, and that's even before
you install your extensions). Hackers are able to download copies of these CMSs and look for any
vulnerability that will give them access to your web space.

Many website owners often forget about the 'nitty gritty' of running a website. They concentrate on
adding/updating content and forget to update Joomla and any installed extensions until it's too late.
Many times we are contacted after a website has been hacked where the webmaster has forgotten
to update the core and extensions. Some didn't know how to and some webmasters made changes to
the core Joomla files which would have been overwritten with the update - editing 'core' Joomla files
should never be done!

- Review and action the Security Checklist to make sure you've gone through all of the steps (please note some steps are optional, but please review them all).
- Change all passwords and, if possible, user names for the domain's control panel, MySQL, FTP, Joomla! Super Admin, and Joomla! Admin; do change them often. Passwords should be at least 12 mixed alphanumeric characters and contain no common word phrases.
- Do not use the standard Admin user; disable it. If you need to reset your admin password, see these instructions.
- Delete and replace all templates and files with clean copies.
- Check and/or replace all .pdf, image, and photo files for exploits. Delete any that are suspicious.
- Check your server logs for IPs calling suspicious files or attempting POST commands to non-forms.
- Use proper permissions on files and directories. They should never be 777 [1], but ideal is 644 for files and 755 for folders.
- Disable anonymous FTP.
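
The permissions item in the checklist above can be checked mechanically. The script below is an added example, not part of the original article or of Joomla's own tooling: it walks a web root and reports entries that are world-writable or otherwise more permissive than 644 for files and 755 for folders. The function name `audit_permissions` and its `fix` option are assumptions of this example.

```python
import os
import stat
import sys

# Modes recommended by the checklist: 644 for files, 755 for folders.
FILE_MODE = 0o644
DIR_MODE = 0o755


def audit_permissions(root, fix=False):
    """Return a list of (path, octal_mode, finding) for entries under root.

    finding is "world-writable" when the other-write bit is set (the 777
    case from the forum post), or "too-permissive" when any other bit
    beyond the recommended mode is set. Stricter modes (e.g. 600) are not
    reported. With fix=True the extra bits are cleared, never added.
    """
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        candidates = [(dirpath, DIR_MODE)]
        candidates += [(os.path.join(dirpath, f), FILE_MODE) for f in filenames]
        for path, wanted in candidates:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode is not meaningful
            mode = stat.S_IMODE(st.st_mode)
            if mode & stat.S_IWOTH:
                finding = "world-writable"
            elif mode & ~wanted:
                finding = "too-permissive"
            else:
                continue
            findings.append((path, format(mode, "03o"), finding))
            if fix:
                os.chmod(path, mode & wanted)  # strip only the excess bits
    return findings


if __name__ == "__main__":
    # Usage: python audit_perms.py /path/to/htdocs   (path is an assumption)
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, mode, finding in audit_permissions(target):
        print(f"{mode}  {finding:<15} {path}")
```

Run it read-only first and review the list before using `fix=True`, since some hosting setups rely on group permissions for the web server user.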
