Multiple Vulnerabilities Patched in Orbit Fox by ThemeIsle Plugin

On November 19, 2020, our Threat Intelligence team responsibly disclosed two vulnerabilities in Orbit Fox by ThemeIsle, a WordPress plugin used by over 400,000 sites. One of these flaws made it possible for attackers with contributor level access or above to escalate their privileges to those of an administrator and potentially take over a WordPress […] More info: https://www.wordfence.com/blog/2021/01/multiple-vulnerabilities-patched-in-orbit-fox-by-themeisle-plugin/

Admin Notices Manager 1.1: choose which admin notices you see & which not

We can all agree that 2020 was a difficult year. That’s why we are excited to start 2021 with our very first update of the Admin Notices Manager plugin. In this update we added the ability to choose which type of admin notices to show as normal on the WordPress dashboard, in the plugin pop-up, […] More info: https://www.wpwhitesecurity.com/anm-1-1-0/

Adobe Flash Player vulnerability CVE-2020-9746

Adobe Flash Player vulnerability CVE-2020-9746 Security Advisory Security Advisory Description Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer ... More info: https://support.f5.com/csp/article/K85113405?utm_source=f5support&utm_medium=RSS

Linux kernel vulnerability CVE-2017-13166

Linux kernel vulnerability CVE-2017-13166 Security Advisory Security Advisory Description An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: ... More info: https://support.f5.com/csp/article/K02825271?utm_source=f5support&utm_medium=RSS

Evaluating Cookies to Hide Backdoors

Identifying website backdoors is not always an easy task. Since a backdoors primary function is to conceal itself while providing unauthorized access, they are often developed using a variety of techniques that can make it challenging to detect. For example, an attacker can inject a single line of code containing less than 130 characters into […] More info: http://feedproxy.google.com/~r/sucuri/blog/~3/i_aFuWVcTOY/evaluating-cookies-to-hide-backdoors.html

Evaluating Cookies to Hide Backdoors

Identifying website backdoors is not always an easy task. Since a backdoors primary function is to conceal itself while providing unauthorized access, they are often developed using a variety of techniques that can make it challenging to detect. For example, an attacker can inject a single line of code containing less than 130 characters into […] More info: http://feedproxy.google.com/~r/sucuri/blog/~3/i_aFuWVcTOY/evaluating-cookies-to-hide-backdoors.html

Encrypted Client Hello: the future of ESNI in Firefox

Background Two years ago, we announced experimental support for the privacy-protecting Encrypted Server Name Indication (ESNI) extension in Firefox Nightly. The Server Name Indication (SNI) TLS extension enables server and … Read moreThe post Encrypted Client Hello: the future of ESNI in Firefox appeared first on Mozilla Security Blog. More info: https://blog.mozilla.org/security/2021/01/07/encrypted-client-hello-the-future-of-esni-in-firefox/

The Month in WordPress: December 2020

We bid goodbye to 2020 in style with the release of WordPress 5.6 and the launch of Learn WordPress. But these weren’t the only exciting updates from WordPress in December. Read on to learn more! WordPress 5.6 is here The latest major WordPress release, version 5.6 “Simone”, came out on December 8. The release ships […] More info: https://wordpress.org/news/2021/01/the-month-in-wordpress-december-2020/
Translate »