Day: 4 marzo, 2020

LLDPD vulnerabilities CVE-2015-8011 and CVE-2015-8012 Security Advisory Security Advisory Description CVE-2015-8011 Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd ... More info: https://support.f5.com/csp/article/K06878231?utm_source=f5support&utm_medium=RSS

PHP vulnerability CVE-2020-7061 Security Advisory Security Advisory Description In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar ... More info: https://support.f5.com/csp/article/K01128223?utm_source=f5support&utm_medium=RSS

PHP vulnerability CVE-2020-7063 Security Advisory Security Advisory Description In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using ... More info: https://support.f5.com/csp/article/K31263502?utm_source=f5support&utm_medium=RSS

https://www.wordfence.com/blog/2020/02/episode-67-avoiding-common-vulnerabilities-when-developing-wordpress-plugins/ Almost every week, a new vulnerability is discovered in a popular WordPress plugin or theme, leaving developers scrambling to fix it before it’s widely exploited. Surprisingly, almost all critical vulnerabilities boil down to a few common mistakes. In this talk from WordCamp Phoenix, Ramuel Gall reviews these common errors and provides advice on creating […] More info: https://www.wordfence.com/blog/2020/02/episode-67-avoiding-common-vulnerabilities-when-developing-wordpress-plugins/

https://www.wordfence.com/blog/2020/02/episode-68-more-plugin-vulnerabilities-and-active-attack-campaigns/ This week, we review numerous plugin vulnerabilities in popular WordPress plugins and the attacks that are targeting them. We also review the Duplicator vulnerability affecting over 1 million sites, and Chloe Chamberland’s discovery of multiple vulnerabilities in the Pricing Table by Supsystic plugin. Some WordPress-focused companies, Elementor and Strattic, receive venture funding. More info: https://www.wordfence.com/blog/2020/02/episode-68-more-plugin-vulnerabilities-and-active-attack-campaigns/

Subset of High-profile, Public, and Documented Cyberattacks Since the early 1970s, when the first computer virus was created, which spurred the creation of the first anti-virus program, malware and cyberattacks have evolved rapidly, leaving cybersecurity struggling to keep pace. Close to 40 years later, breaches show no sign of stopping as the attack surface continues The post History of Destructive Cyberattacks appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2020/03/history-of-cyberattacks.html

https://www.wordfence.com/blog/2020/03/covid-19-and-wordpress-community-engagement-in-2020/ This is an update regarding Wordfence’s community engagement in 2020 along with a recommendation for WordCamps globally and for the global WordPress community. As always, I’m taking a data-driven approach to this post. I present an update from the WHO regarding the containment of COVID-19 in China and what has worked. I then discuss […] More info: https://www.wordfence.com/blog/2020/03/covid-19-and-wordpress-community-engagement-in-2020/