The use of CMS has made web content management quick and easy. On the other hand the complexity of such systems makes them a potential target for attackers, especially if a website is not correctly maintained. The consequences of an intrusion can vary widely but their mitigation always takes a significant amount of valuable time. In this lecture we will examine the methods attackers use to gain access to websites, the consequences of such intrusions and, of course, what needs be done to prevent them in the first place.

Tadej Hren (SI-CERT, ARNES) has been with the Slovenian Computer Emergency Response Team where he has been working within ARNES since 2014.  He is responsible for the coordination of solving network security problems.