Month: mayo 2021

Over the past year, the key to business resiliency has meant an accelerated shift to an anywhere workforce and a rapid cloud adoption. This has created an evolving threat landscape and an increasing need for SaaS-delivered endpoint security. VMware is committed to delivering cloud-native technology to its customers to provide security across environments and devices. Today, we are thrilled to announce that VMware Carbon Black Cloud has been named a Leader in The Forrester Wave™: Endpoint More info: https://blogs.vmware.com/security/2021/05/forrester-names-vmware-a-leader-in-endpoint-security-software-as-a-service.html?utm_source=rss&utm_medium=rss&utm_campaign=forrester-names-vmware-a-leader-in-endpoint-security-software-as-a-service

Following the recent statement by WordPress’s co-founder Matt Mullenweg and the Creative Commons CEO, Catherine Stihler’s post, I’m happy to formally announce that CC Search is now part of the WordPress open source project, newly coined Openverse. Both Matt and I are long-time supporters of Creative Commons. I hope that this will provide a long-term, […] More info: https://wordpress.org/news/2021/05/welcome-to-openverse/

Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. This report covers recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. Each vulnerability includes a severity rating of Low, Medium, High, or Critical. Responsible disclosure and reporting of vulnerabilities is an […] More info: https://ithemes.com/wordpress-vulnerability-report-may-2021-part-2/

WordPress 5.7.2 is now available. This security release features one security fix. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated. WordPress 5.7.2 is a short-cycle security release. The next major release will be version 5.8. You can update to […] More info: https://wordpress.org/news/2021/05/wordpress-5-7-2-security-release/

It has been almost four months since we released the last update of the WP 2FA plugin. So naturally, today we are very excited to announce WP 2FA 1.6.0. Since the plugin is now used by more than 15,000 users, we are getting a lot of useful feedback. Because of the feedback, this update comes […] More info: https://www.wpwhitesecurity.com/wp-2fa-1-6-0/

Critical infrastructure has increasingly become a top target for cybercriminals. Over the weekend, we learned of the ransomware attack against a U.S. fuel company, Colonial Pipeline, that carries nearly half the fuel consumed along the U.S. East Coast. This is one of the largest disruptions of U.S. critical infrastructure by a cyberattack in history. It The post Critical Infrastructure Remains at Risk Following Ransomware Attack appeared first on Security & Compliance Blog. More info: https://blogs.vmware.com/security/2021/05/critical-infrastructure-remains-at-risk-following-ransomware-attack.html?utm_source=rss&utm_medium=rss&utm_campaign=critical-infrastructure-remains-at-risk-following-ransomware-attack

More info: http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&actp=RSS

We have been alerted about applications that use the root store provided by Mozilla for purposes other than what Mozilla’s root store is curated for. We provide a root store … Read moreThe post Beware of Applications Misusing Root Stores appeared first on Mozilla Security Blog. More info: https://blog.mozilla.org/security/2021/05/10/beware-of-applications-misusing-root-stores/

Note: We’ve updated this post to reflect the evolving security standards around mixed content, SSLs, and server access as a whole. With the web’s increased emphasis on security, all sites should operate on HTTPS. Installing an SSL allows you to make that transition with your website. But it can also have an unintended consequence for […] More info: http://feedproxy.google.com/~r/sucuri/blog/~3/_g9FmAupO1A/how-to-find-fix-mixed-content-issues-with-ssl-https.html

Apple patches a gatekeeper bypass vulnerability that has been exploited in the wild on MacOS. Though this vulnerability requires some social engineering to exploit, it is believed to have been actively exploited since January 9, 2021. Some Digital Ocean customers were affected by a data breach exposing personally identifiable information. A WordPress trac conversation considers […] More info: https://www.wordfence.com/blog/2021/04/episode-115-update-your-mac-gatekeeper-bypass-vulnerability-exploited-in-the-wild/