Netty vulnerability CVE-2019-20444 Security Advisory Security Advisory Description HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be ...
More info:
https://support.f5.com/csp/article/K14752415?utm_source=f5support&utm_medium=RSS
We intend to update Mozilla’s Root Store Policy to reduce the maximum lifetime of TLS certificates from 825 days to 398 days, with the aim of protecting our user’s … Read moreThe post Reducing TLS Certificate Lifespans to 398 Days appeared first on Mozilla Security Blog.
More info:
https://blog.mozilla.org/security/2020/07/09/reducing-tls-certificate-lifespans-to-398-days/
Spectre SWAPGS gadget vulnerability CVE-2019-1125 Security Advisory Security Advisory Description An information disclosure vulnerability exists when certain central processing units (CPU) ...
More info:
https://support.f5.com/csp/article/K31085564?utm_source=f5support&utm_medium=RSS
Spectre SWAPGS gadget vulnerability CVE-2019-1125 Security Advisory Security Advisory Description An information disclosure vulnerability exists when certain central processing units (CPU) ...
More info:
https://support.f5.com/csp/article/K31085564?utm_source=f5support&utm_medium=RSS
- La Comisión pone en marcha el procedimiento para la revisión de la Directiva sobre seguridad de redes y sistemas de información (NIS), comenzando con una consulta pública cuyo objetivo es recopilar opiniones sobre su implementación e impacto de posibles cambios.
Desde su adopción, la Directiva NIS ha asegurado que los Estados miembros estén mejor preparados para los incidentes cibernéticos y ha aumentado su cooperación a través del Grupo de Cooperación NIS.
Esta obliga a las empresas que brindan servicios esenciales en sectores vitales (energía, transporte, banca, infraestructuras del mercado financiero, salud, suministro y distribución de agua e infraestructura digital), así como proveedores de servicios digitales clave (como motores de búsqueda o servicios de computación en la nube o en línea) a proteger sus sistemas de tecnología de la información e informar a las autoridades nacionales sobre incidentes de ciberseguridad importantes.
La consulta, que estará abierta hasta el 2 de octubre de 2020, busca opiniones y experiencias de todos los ciudadanos que estén interesados.
Comisión Europea (13/07/2020)
On June 15, 2020, our Threat Intelligence team was made aware of a number of access control vulnerabilities that had recently been disclosed in KingComposer, a WordPress plugin installed on over 100,000 sites. During our investigation of these vulnerabilities, we discovered an unpatched reflected Cross-Site Scripting(XSS) vulnerability. Wordfence Premium customers received a new firewall rule […]
More info:
https://www.wordfence.com/blog/2020/07/xss-flaw-impacting-100000-sites-patched-in-kingcomposer/
Your WordPress website is a unique combination of plugins, files, posts, pages, users and so much more. With such a complicated mix, it’s important to understand how to monitor your website for changes and make sure your site is as secure as it can be. Not only that, but monitoring your site for changes can […]
More info:
https://wpactivitylog.com/monitor-wordpress-website-changes/
February 18, 2011 An anonymous reporter has publicly announced a previously undisclosed vulnerability affecting the BROWSER protocol on Windows systems. In addition, the reporter has released proof-of-concept exploit code. Use of the code can result in a denial-of-service condition on the target host, and the reporter has speculated that remote code execution is also possible. Microsoft indicates that all versions of Windows are vulnerable. The vulnerability affects hosts that are or could
More info:
https://aws.amazon.com/security/security-bulletins/windows-cifs-browser-heap-vulnerability/
We intend to update Mozilla’s Root Store Policy to reduce the maximum lifetime of TLS certificates from 825 days to 398 days, with the aim of protecting our user’s HTTPS … Read moreThe post Reducing TLS Certificate Lifespans to 398 Days appeared first on Mozilla Security Blog.
More info:
https://blog.mozilla.org/security/2020/07/09/reducing-tls-certificate-lifespans-to-398-days/
On June 24, 2020, our Threat Intelligence team was made aware of a possible vulnerability in the Adning Advertising plugin, a premium plugin with over 8,000 customers. We eventually discovered 2 vulnerabilities, one of which was a critical vulnerability that allowed an unauthenticated attacker to upload arbitrary files, leading to Remote Code Execution(RCE), which could […]
More info:
https://www.wordfence.com/blog/2020/07/critical-vulnerabilities-patched-in-adning-advertising-plugin/
