According to this new post on DevShed, there have been several targeted attacks against U.S. bank websites (DDoS), some of which involved the compromise of PHP-based applications.

Once the hackers got into the PHP-based websites, they inserted toolkits to turn them into launch pads for their distributed denial-of-service attacks. Hackers then launched the attacks on banks by connecting directly to the compromised PHP-based websites and sending them commands, or took advantage of intermediate servers, proxies or scripts to make the websites do their bidding. InformationWeek lists three attack tools used by the hackers: KamiKaze, AMOS, and the "itsokaynoproblembro" toolkit, also known as Brobot.

Several major banks have been targeted including Bank of America, JP Morgan/Chase, HSBC and Well Fargo. The main problem was out-of-date software running on the site containing known security issues the attackers could exploit to install their own software.

If a hacker can break into a PHP-based website to use it as a staging area for an attack on a different website, they can also use that website to store stolen information. InformationWeek cited the example of the Eurograbber attack campaign, revealed earlier this month. The gang involved in that campaign stole $47 million from more than 30,000 corporate and private banking customers - and used PHP-based websites into which they hacked to store stolen information.

Without a doubt, two of the most popular PHP-based projects out there are WordPress and Joomla. In this new post from SitePoint they compare the two on the basis of both their support and community (part 4 of a 5 part series).

Let's face it, an open-source content management system without a thorough user base, support system and community is destined for failure. We are comparing two giants in the CMS game here, so we already know they must be doing many things right in these departments. In this part of our series, we're going to be covering exactly what Joomla and WordPress have to offer when it comes to the support community.

Their comparison includes things like: WordPress.org vs Joomla.org, their respective support forums, other initiatives surrounding them and places you can find others to help you in your WordPress or Joomla work.

Michael Babker has a new post to his blog talking about how recent opinions might be the death of Joomla! and how, unless things change, it could take its toll on the project.

It's quite obvious that the state of Joomla! is not one of stability, as evidenced by recent threads on the Joomla! Bug Squad. Threads such as Help in admin menu, Thanks but no thanks, and The purpose and tone of the bug squad list all demonstrate that there is a severe rift between the leadership and the community, and within members of the community as well. Simply put, now is not the time for the Joomla! community, especially the volunteers of the Joomla! Bug Squad, to fall apart.

In his opinion, the Joomla community can't continue to function like this without causing the project to collapse under itself. Pushing away the new developers just wanting to help and putting egos ahead of good contributions only hurts things.

The Joomla! Project CAN NOT go on in this state. Chasing away the volunteers will not do anything productive. Putting your own ego before the collective Joomla! ego will not do anything productive. Not having an open mind will not do anything productive. And being overly offended by the use of a certain term by a non-English speaker certainly will not do anything productive. Change needs to happen.

On JoomlaBlogger.net there's a recent post that wants to help you understand the Joomla templating system in "five easy steps".

There are very few tutorials on how to build templates. There are two books and a handful of other resources scattered around the web. So, we set out to build the very best template class we could. Here are first five sessions of the class: Joomla templates are not rocket science. You can learn how to build and modify them. We can show you how. Interested?

They break it up into the basic parts:

• Template setup and templateDetails.xml
• Index.php
• CSS/Cascading Style Sheets
• Images
• Security

In a new post to the jfoobar blog today Wilco Jansen looks at two methods of profiling available to Joomla CMS users to help get the most performance out of your PHP applications - one onside Joomla and the other using XDebug.

In this article I want to explain the basics of profiling and profiling tools available in Joomla and PHP. In follow up articles I will explain the usage of the tools presented in this blog. I will also try to set up a performance analyses so we can see what the state of Joomla 1.6 is, but that is also for later concern. This article is based on tools that are freely available for almost all platforms.

The post is pretty quick and is more of an exposure to the two technologies than a detailed guide. Enabling the Joomla profiling is just a matter of turning on the "Debug System" command in the "Global Configuration" panel to add additional data to the logs. On the PHP side (at a lower level) you can get even more detail with XDebug including the output of a cachegrind file that can be tool through a tool for better visualization (like KCacheGrind or Webgrind).

On PHPBuilder.com today Voja Janjic has written up a "top ten" list of the most useful Joomla components you can use for your Joomla-based site.

Joomla, the PHP-based, open-source content management system (CMS), has grown in popularity thanks to its wealth of templates, modules and components, as well as its ease of installation. In this article I present the most useful Joomla components I have found in my Web development. They cover everything from e-commerce to internationalization to SEO

Components that made the list include:

• JCE (content editor)
• JoomFish (multilingual features)
• FlexBanner
• AdsManager

Each item has a brief description of what it does and a link of where to find the latest version.

Koen Kuipers of the FinishJoomla.com site pointed us to a new post that gives some usage numbers about how many groups out there are using the popular content management system to power their sites.

We all know that Joomla is a tremendously popular CMS. In the past several attempts have been made to estimate the number of websites using Joomla. While these attempts were worthy contributions to the discussion, all of them were using their own methods and therefore had their own shortcomings. Several of the earlier attempts will be discussed and a new method for estimating the number of websites that use Joomla will be presented.

They look at the methods used by previous studies and how their method is different using this "new method". They've broken it down by number of sites, then number of domains, then total number of active domains based on publicly available statistics from other groups. In the end, out of the huge number of sites available on the web today, they came up with the number of around 1.5 to 2 million of them to be running Joomla.

In the latest post to his blog Josh Holmes talks about some of the things Microsoft is doing to contribute back to the Open Source community including code contributions and services they offer.

However, the thing that's really exciting to me is that what [Microsoft signing the Joomla! Contributor Agreement] means is that the Microsoft legal department has signed off on writing GPL'd code under the right circumstances. That's awesome! It's a clear demonstration of how far Microsoft has come in it's commitment to OSS projects.

He mentions a few of the projects they give back to including IronRuby, the Linux kernel, it's CodePlex project hosting service and many, many more (over 400 of them). There's also contributions that have been made from other teams too, like the work the SQL Server team has done on PHPBB.

AjaxLine has published what they consider to be the most useful and best extensions for your Joomla install for the month of March. The list includes:

• sigplus Image Gallery Plus
• Ninja RSS Syndicator (aka BCA RSS)
• Latest Events Teaser for Eventlist
• AllNews
• Jafilia
• MultiAds(Make Adsense and YPN Easy)
• Code For Blog

You can find these and many, many more over on the Joomla extensions site.

On the Joomla community site there's a recent post made of a video from the Joomla Day conference in Australia about creating a Joomla template from scratch. The presenter is Norm Douglas.

Norm Douglas recently presented about how to create a Joomla template from scratch at the Joomla Day in Melbourne, Australia, on 13 February 2010. This is a very informative 77 minute presentation and also covers using the Firebug Firefox addon, code editors and much more.

He covers some simple tools you get you started, the basics of HTML to create a sample layout and looks at CSS definitions that can make the layout look a bit better. Firebug (the plugin for Firefox) helps make locating the different parts of the page easier with a highlighting feature.