Linux kernel vulnerability CVE-2018-5391 Security Advisory Security Advisory Description The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially ...
More info:
https://support.f5.com/csp/article/K74374841
Linux kernel vulnerability CVE-2018-5391 Security Advisory Security Advisory Description The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially ...
More info:
https://support.f5.com/csp/article/K74374841
- La ciudad más afectada ha sido Albany, capital del estado, donde algunos de sus servicios dejaron de operar con normalidad.
El fin de semana pasado el gobierno de Nueva York anunció que la ciudad sufrió un ataque de ransomware que consiguió comprometer algunos de los sistemas administrativos del gobierno. El ataque se enfocó casi exclusivamente en el área de Albany, capital de Nueva York, y afectó el funcionamiento regular de algunos de los sistemas de la ciudad, de los cuales algunos continúan sin poder operar de forma regular.
“La ciudad de Albany ha sido víctima de un ataque de ransomware; estamos realizando las investigaciones correspondientes para determinar el alcance e impacto total del incidente”, declaró Kathy Sheedan, alcaldesa de Albany. Por ahora, los habitantes que deseen obtener copias de sus certificados de nacimiento, matrimonio y licencias, entre otros, deberán esperar al restablecimiento de los sistemas afectados o dirigirse a sedes aledañas alternativas.
Representantes del sindicato de oficiales de policía de Albany declararon recientemente que, por el momento, no cuentan con acceso a algunos de los sistemas de la policía local, como los sistemas de calendarización, email corporativo o cualquier sistema que requiera conexión a Internet para su funcionamiento. Algunos oficiales incluso afirmaron que el ransomware ha afectado a sistemas instalados en las patrullas.
“Debido a esta situación, nuestra capacidad de respuesta a incidentes puede verse afectada, pues nuestras herramientas de trabajo no están funcionando del todo”, afirmaron los representantes del sindicato. “Los sistemas informáticos de una corporación policial deberían ser más difíciles de hackear”, concluyeron.
Noticias de Seguridad (02/04/2019)
Más información
https://www.wordfence.com/blog/2019/04/podcast-episode-5-the-pipdig-scandal-and-an-interview-with-raquel-landefeld/ This week I chat about the Pipdig controversy in full with Mikey Veenstra and Kathy Zant. Kathy and I cover the news. And we have an amazing interview with Raquel Landefeld who is a community organizer for WordPress, co-founder of agency Mode Effect and a well known and loved personality in the WordPress community. […]
More info:
https://www.wordfence.com/blog/2019/04/podcast-episode-5-the-pipdig-scandal-and-an-interview-with-raquel-landefeld/
http://feedproxy.google.com/~r/sucuri/blog/~3/5dQ2CXg13JM/typo3-overtakes-wordpress-cms-attacks-popularity.html It all started with a Twitter Poll we put out a couple of weeks ago, trying to find out what is the most used CMS by our customers. We added the usual suspects in the poll options; WordPress, Joomla, Drupal. We casually added an “Other” option, just in case someone was using a rare […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/5dQ2CXg13JM/typo3-overtakes-wordpress-cms-attacks-popularity.html
https://wordpress.org/news/2019/04/minimum-php-version-update/WordPress 5.2 is targeted for release at the end of this month, and with it comes an update to the minimum required version of PHP. WordPress will now require a minimum of PHP 5.6.20. Beginning in WordPress 5.1, users running PHP versions below 5.6 have had a notification in their dashboard that includes information to […]
More info:
https://wordpress.org/news/2019/04/minimum-php-version-update/
https://wpvulndb.com/vulnerabilities/9247
More info:
https://wpvulndb.com/vulnerabilities/9247
https://www.wordfence.com/blog/2019/04/pipdig-update-dishonest-denials-erased-evidence-and-ongoing-offenses/ In last week’s post, we reported on some concerning code identified in the Pipdig Power Pack (P3) plugin. The plugin, which is installed alongside WordPress themes sold by Pipdig, was found to contain a number of suspicious or malicious features. Among these features were a remote “killswitch” Pipdig could use to destroy sites, an […]
More info:
https://www.wordfence.com/blog/2019/04/pipdig-update-dishonest-denials-erased-evidence-and-ongoing-offenses/
https://www.wordfence.com/blog/2019/03/peculiar-php-present-in-popular-pipdig-power-pack-plugin/ This week, our team was notified of suspicious code present in a plugin offered alongside themes sold by Pipdig, a UK-based web development team. The user, who wishes to remain anonymous, reached out to us with concerns that the plugin’s developer can grant themselves administrative access to sites using the plugin, or even delete […]
More info:
https://www.wordfence.com/blog/2019/03/peculiar-php-present-in-popular-pipdig-power-pack-plugin/
https://perishablepress.com/security-obscurity/ ob·scure/əbˈskyo͝or/adjective 1. not discovered or known about; uncertain. In the purely literal sense, the concept of obscurity applies to every transaction on the Web. The HTTP request knows not, nor could possibly know, the actual response it will receive from the server. There is only expected response. Online nothing is certain until it is. […]
More info:
https://perishablepress.com/security-obscurity/
