Apache mod_http2 vulnerability CVE-2018-11763
More info:
https://support.f5.com/csp/article/K28902827
PDF & Print <= 2.0.2 – Unauthenticated Cross-Site-Scripting (XSS)
https://wpvulndb.com/vulnerabilities/9134
More info:
https://wpvulndb.com/vulnerabilities/9134
OWASP Top 10 Security Risks – Part I
http://feedproxy.google.com/~r/sucuri/blog/~3/J-7GSzBTmbw/owasp-top-10-security-risks-part-i.html It is National Cyber Security Awareness Month and in order to bring awareness to what threatens the integrity of websites, we would like to start a series of post on the OWASP top 10 security risks. OWASP stands for the Open Web Application Security Project, an online community that produces articles, methodologies, documentation, tools, […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/J-7GSzBTmbw/owasp-top-10-security-risks-part-i.html
VMware Security Advisory: VMSA-2018-0024
Today VMware has released the following new and updated security advisories: VMSA-2018-0024 – https://www.vmware.com/security/advisories/VMSA-2018-0024.html Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories. Customers should review the security advisories and direct any questions to VMware Support.The post VMware Security Advisory: VMSA-2018-0024 appeared first on VMware Security & Compliance Blog.
More info:
https://blogs.vmware.com/security/2018/10/vmsa-2018-0024.html
DSA-4309 strongswan – security update
Googles OSS-Fuzz revealed an exploitable bug in the gmp plugin caused by thepatch that fixes CVE-2018-16151 and CVE-2018-16151 (DSA-4305-1).
More info:
https://www.debian.org/security/2018/dsa-4309
Supporting Referrer Policy for CSS in Firefox 64
The HTTP Referrer Value Navigating from one webpage to another or requesting a sub-resource within a webpage causes a web browser to send the top-level URL in the HTTP referrer field. Inspecting that HTTP header field on the receiving end … Continue readingThe post Supporting Referrer Policy for CSS in Firefox 64 appeared first on Mozilla Security Blog.
More info:
https://blog.mozilla.org/security/2018/10/02/supporting-referrer-policy-for-css-in-firefox-64/
RHSA-2018:2835-1: Moderate: firefox security update
Red Hat Enterprise Linux: An update for firefox is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. CVE-2018-12383, CVE-2018-12385
More info:
http://rhn.redhat.com/errata/RHSA-2018-2835.html
SSL vs. Website Security
http://feedproxy.google.com/~r/sucuri/blog/~3/feaU-I06P70/ssl-vs-website-security.html Having a website today is way easier than it was 10 or 15 years ago. Tools like content management systems (CMS), website builders, static site generators and alike remove a lot of the friction around building and maintaining sites. But, is there a price for such convenience? I would dare to say that one […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/feaU-I06P70/ssl-vs-website-security.html
My WordPress website got hacked after restore. Again! Why?
https://blog.threatpress.com/wordpress-website-hacked-repair/Quite often we hear about the repeated security incidents related to WordPress sites. This is not something specific to WordPress sites, it’s more about site maintenance and security management. Most repeated site hacks occur due to the unprofessional restore of sites after previous incidents when the consequences are fixed, but not the causes. Correct security […]
More info:
https://blog.threatpress.com/wordpress-website-hacked-repair/
PDF & Print <= 2.0.2 – Unauthenticated Cross-Site-Scripting (XSS)
More info:
https://wpvulndb.com/vulnerabilities/9134