OpenSSH vulnerability CVE-2004-1653 Security Advisory Security Advisory Description The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users ...
More info:
https://support.f5.com/csp/article/K40663742?utm_source=f5support&utm_medium=RSS
If you need to change your WordPress password, you might be panicking. You’ve lost access to your site and you don’t know how to get in again. Try a free demo Help! Typically this occurs when someone simply forgets their WordPress password, they don’t have access to their email for a standard password reset, or […]
More info:
https://kinsta.com/blog/change-wordpress-password/
Intel CPU vulnerabilities CVE-2020-0528, CVE-2020-0529 Security Advisory Security Advisory Description CVE-2020-0528 Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th ...
More info:
https://support.f5.com/csp/article/K41774512?utm_source=f5support&utm_medium=RSS
This week, we look at the WP 5.4.2 release and a ransomware bitcoin scam targeting site owners with a “You’ve Been Hacked” email. We also look at an FBI warning about online banking app malware, the Verizon data breach report and what is says about WordPress, and how some white hat hackers are becoming millionaires […]
More info:
https://www.wordfence.com/blog/2020/06/episode-77-wordpress-5-4-2-released-fake-ransomware-bitcoin-scams/
WordPress Core version 5.4.2 has just been released. Since this release is marked as a combined security and bug fix update, we recommend updating as soon as possible. With that said, most of the security fixes themselves are for vulnerabilities that would require specific circumstances to exploit. All in all this release contains 6 security […]
More info:
https://www.wordfence.com/blog/2020/06/wordpress-5-4-2-patches-multiple-xss-vulnerabilities/
WordPress security is not unlike many other areas of IT security. It’s not a one time fix. It is something that is never actually finished. Whilst there are several steps you can take to improve your WordPress security, your site and business requirements will change. So adopting a point-in-time security assessment will only give you […]
More info:
https://www.wpwhitesecurity.com/wordpress-security-process-test-harden-monitor-improve/
WordPress security is not unlike many other areas of IT security. It’s not a one time fix. It is something that is never actually finished. Whilst there are several steps you can take to improve your WordPress security, your site and business requirements will change. So adopting a point-in-time security assessment will only give you […]
More info:
https://www.wpwhitesecurity.com/wordpress-security-process-test-harden-monitor-improve/
New WordPress plugin and theme vulnerabilities were disclosed during the first half of June, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. New WordPress plugin and […]
More info:
https://ithemes.com/wordpress-vulnerability-roundup-june-2020-part-1/
WordPress 5.4.2 is now available! This security and maintenance release features 23 fixes and enhancements. Plus, it adds a number of security fixes—see the list below. These bugs affect WordPress versions 5.4.1 and earlier; version 5.4.2 fixes them, so you’ll want to upgrade. If you haven’t yet updated to 5.4, there are also updated versions […]
More info:
https://wordpress.org/news/2020/06/wordpress-5-4-2-security-and-maintenance-release/
NGINX Controller API Vulnerability CVE-2020-5901 Security Advisory Security Advisory Description Undisclosed API endpoints may allow for a reflected Cross Site Scripting (XSS) attack. If the ...
More info:
https://support.f5.com/csp/article/K43520321?utm_source=f5support&utm_medium=RSS
