Blog

BIG-IP SIP ALG profile vulnerability CVE-2020-5926 Security Advisory Security Advisory Description A BIG-IP virtual server with a Session Initiation Protocol (SIP) ALG profile, parsing SIP ... More info: https://support.f5.com/csp/article/K42830212?utm_source=f5support&utm_medium=RSS

F5 SSH server key size vulnerability CVE-2020-5917 Security Advisory Security Advisory Description The BIG-IP and BIG-IQ host OpenSSH servers use keys less than 2048 bits that are no longer ... More info: https://support.f5.com/csp/article/K43404629?utm_source=f5support&utm_medium=RSS

cURL and libcurl vulnerability CVE-2016-8619 Security Advisory Security Advisory Description The function `read_data()` in security.c in curl before version 7.51.0 is vulnerable to memory double ... More info: https://support.f5.com/csp/article/K46123931?utm_source=f5support&utm_medium=RSS

BIND vulnerability CVE-2020-8623 Security Advisory Security Advisory Description If BIND is built with "--enable-native-pkcs11" then a specially crafted query for a zone signed with RSA can ... More info: https://support.f5.com/csp/article/K82252291?utm_source=f5support&utm_medium=RSS

BIND vulnerability CVE-2020-8624 Security Advisory Security Advisory Description Change 4885 inadvertently caused "update-policy" rules of type "subdomain" to be treated as if they were of type " ... More info: https://support.f5.com/csp/article/K91090139?utm_source=f5support&utm_medium=RSS

On August 13, 2020, the Wordfence Threat Intelligence team finished investigating two vulnerabilities in Advanced Access Manager, a WordPress plugin with over 100,000 installations, including a high-severity Authorization Bypass vulnerability that could lead to privilege escalation and site takeover. We reached out to the plugin’s author the next day, on August 14, 2020, and received […] More info: https://www.wordfence.com/blog/2020/08/high-severity-vulnerability-patched-in-advanced-access-manager/

The Wordfence Threat Intelligence team discovered vulnerabilities in the Advanced Access Manager plugin installed on over 100,000 WordPress sites. A high severity authorization bypass could lead to privilege escalation and site takeover. Critical vulnerabilities found in the Quiz and Survey Master plugin could also lead to site takeover on the 30,000 WP sites using the […] More info: https://www.wordfence.com/blog/2020/08/episode-83-100000-sites-impacted-by-vulnerabilities-in-advanced-access-manager/

The iThemes Security Pro plugin has over 50 different ways for you to secure and protect your WordPress website. You can enable most of the security methods in iThemes Security Pro with just a click of a button. However, if you can spare a few minutes to dive into the settings, you can add several […] More info: https://ithemes.com/5-advanced-tips-tricks-for-ithemes-security-pro/

Jim Walker Free Consultation by Phone We Fix Hacked Websites Fast (619) 479-6637. One of the most popular software firewall options for cPanel servers is the ConfigServer Security & Firewall (CSF). In late 2019, a number of web server administrators began noticing that previously filtered ports like SSH, MySQL and others, would inexplicably become […] More info: https://hackrepair.com/blog/tvcnet-and-hackrepair-com-instrumental-in-fixing-longstanding-cpanel-bug-that-renders-server-based-firewalls-useless

In the Feature Spotlight posts, we are going to highlight a feature in iThemes Security Pro and share a bit about why we developed the feature, who the feature is for, and how to use the feature. Today we are shining the spotlight on the Password Requirements feature in iThemes Security Pro, which is a […] More info: https://ithemes.com/ithemes-security-pro-feature-spotlight-password-requirements/