Blog

This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of […] More info: https://pagely.com/blog/wordpress-security-updates-november-2020/

In a previous post, I discussed how attackers can trick website owners into installing malware onto a website — granting the attacker the same unauthorized access as if they had exploited a vulnerability or compromised login details for the website. But did you know attackers use the same tactic against other bad actors? They do […] More info: http://feedproxy.google.com/~r/sucuri/blog/~3/TaHYg7x7N-k/free-symchanger-malware-tricks-users-into-installing-backdoor.html

The second release candidate for WordPress 5.6 is here! WordPress 5.6 is slated for release on December 8, 2020, and we need your help to get there—if you haven’t tried 5.6 yet, now is the time! You can test WordPress 5.6 release candidate 2 in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option). Or download the release […] More info: https://wordpress.org/news/2020/12/wordpress-5-6-release-candidate-2/

For those running a multi-user website, not being able to see which users are online can present problems. Multiple authors, ecommerce managers, and editors all making simultaneous alterations make it difficult to pinpoint when adverse actions on your WordPress site took place. Fortunately, webmasters have a solution in the form of a WordPress plugin that […] More info: https://wpactivitylog.com/show-online-users-wordpress-plugin/

QEMU vulnerability CVE-2020-27617 Security Advisory Security Advisory Description eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can ... More info: https://support.f5.com/csp/article/K41142448?utm_source=f5support&utm_medium=RSS

Jetty vulnerability CVE-2019-10247 Security Advisory Security Advisory Description In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running ... More info: https://support.f5.com/csp/article/K41412302?utm_source=f5support&utm_medium=RSS

Firefox is the only major browser that still evaluates every website it connects to whether the certificate used has been reported as revoked. Firefox users are notified of all connections … Read moreThe post Design of the CRLite Infrastructure appeared first on Mozilla Security Blog. More info: https://blog.mozilla.org/security/2020/12/01/crlite-part-4-infrastructure-design/

In the Feature Spotlight posts, we will highlight a feature in the iThemes Security Pro plugin and share a bit about why we developed the feature, who the feature is for, and how to use the feature. Today we will cover the iThemes Security Check, a way to secure your website with a single click. […] More info: https://ithemes.com/ithemes-security-pro-feature-spotlight-ithemes-security-check/

Intel CPU vulnerability CVE-2020-0592 Security Advisory Security Advisory Description Out of bounds write in BIOS firmware for some Intel(R) Processors may allow an authenticated user to ... More info: https://support.f5.com/csp/article/K04160444?utm_source=f5support&utm_medium=RSS

Intel CPU vulnerability CVE-2020-0591 Security Advisory Security Advisory Description Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to ... More info: https://support.f5.com/csp/article/K82356391?utm_source=f5support&utm_medium=RSS