Greetings from VMware Security Response Center ! We wanted to post a quick acknowledgement that VMware will be a part of the Tianfu Cup International PWN Contest 2020, this year from our home offices in Palo Alto and Bangalore to review any vulnerabilities that may be demonstrated during the contest. We would like to thank The post VMware and Tianfu Cup 2020 appeared first on Security & Compliance Blog.
More info:
https://blogs.vmware.com/security/2020/11/vmware-and-tianfu-cup-2020.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-and-tianfu-cup-2020
On October 6, 2020, our Threat Intelligence team discovered a High-Severity Object Injection vulnerability in Welcart e-Commerce, a WordPress plugin with over 20,000 installations that claims top market share in Japan. After we finished our investigation, we contacted the plugin’s publisher, Collne Inc. on October 9, 2020. Full disclosure was sent on October 12, 2020, […]
More info:
https://www.wordfence.com/blog/2020/11/object-injection-vulnerability-in-welcart-e-commerce-plugin/
We’ve seen a wider variety of PHP web shells being used by attackers this year — including a number of shells that have been significantly updated in an attempt to “improve” them. Depending on the scope of changes and feature enhancements that are added to an existing web shell’s source code, these updates can be […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/ff9X45xiG1E/alfa-team-shell-v4-1-tesla-a-feature-update-analysis.html
