Month: junio 2019

https://www.wordfence.com/blog/2019/06/podcast-episode-26-how-hackers-find-vulnerabilities-in-wordpress-with-ryan-dewhurst/ Ryan Dewhurst is an ethical hacker and penetration tester who has developed a number of tools that make finding vulnerabilities in WordPress much easier. Penetration testers are professional ethical hackers that find vulnerabilities so they can be patched before they are exploited. Ryan is one of three contributors to WPScan, a command line tool […] More info: https://www.wordfence.com/blog/2019/06/podcast-episode-26-how-hackers-find-vulnerabilities-in-wordpress-with-ryan-dewhurst/

Intel microprocessors vulnerability CVE-2019-0174 Security Advisory Security Advisory Description Logic condition in specific microprocessors may allow an authenticated user to potentially enable ... More info: https://support.f5.com/csp/article/K18165180

Apache Tomcat vulnerability CVE-2019-10072 Security Advisory Security Advisory Description The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write ... More info: https://support.f5.com/csp/article/K17321505

http://feedproxy.google.com/~r/sucuri/blog/~3/KPkFbILX68M/fake-instagram-verification.html Across various social media platforms there are verification checkmark symbols that appear near the name of the account’s page we view. For example, this verified account indicator seen from our our Twitter page: These verification checkmarks exist as a credibility indicator to help show authenticity and integrity to social media page visitors. In order […] More info: http://feedproxy.google.com/~r/sucuri/blog/~3/KPkFbILX68M/fake-instagram-verification.html

F5 tmsh vulnerability CVE-2019-6642 Security Advisory Security Advisory Description Authenticated users with the ability to upload files (via scp, for example) can escalate their privileges to ... More info: https://support.f5.com/csp/article/K40378764

OpenSSL vulnerability CVE-2011-0014 Security Advisory Security Advisory Description ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial ... More info: https://support.f5.com/csp/article/K10534046

OpenSSL vulnerability CVE-2011-0014 Security Advisory Security Advisory Description ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial ... More info: https://support.f5.com/csp/article/K10534046

More info: https://wpvulndb.com/vulnerabilities/9387

https://www.wordfence.com/blog/2019/06/podcast-episode-25-wordcamp-eu-wraps-up-and-wordpress-security-news/ From Berlin we talk about our experience attending the largest WordCamp in the world and then dive into the news. We discuss 2,600 hacked WordPress sites being used for a free proxy service, Iranian cyber attacks, an attack at JPL affecting NASA and a WeTransfer security incident. We also cover a phishing breach at […] More info: https://www.wordfence.com/blog/2019/06/podcast-episode-25-wordcamp-eu-wraps-up-and-wordpress-security-news/

Multiple security issues have been found in Thunderbird which may leadto the execution of arbitrary code if malformed email messages are read. More info: https://www.debian.org/security/2019/dsa-4471