Initial Publication Date: 2020/03/31 11:15AM PDT AWS is updating all AWS Federal Information Processing Standard (FIPS) endpoints to a minimum Transport Layer Security (TLS) version of 1.2 across all AWS Regions by March 31, 2021. This update will revoke the ability to use TLS 1.0 and TLS 1.1 on all FIPS endpoints. No other AWS endpoints will be affected by this change. When connecting to an AWS service endpoint, your client provides its TLS minimum and TLS maximum version. The AWS service
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2020-001/
The fourth release candidate for WordPress 5.4 is live! WordPress 5.4 is currently scheduled to land on March 31 2020, and we need your help to get there—if you haven’t tried 5.4 yet, now is the time! You can test the WordPress 5.4 release candidate in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option) […]
More info:
https://wordpress.org/news/2020/03/wordpress-5-4-rc4/
With many of us under either lockdown or shelter-in-place orders due to the COVID-19/Corona virus, fear and stress are rampant. This additional stress lowers our critical thinking capabilities and increases our vulnerability. Hackers targeting these human vulnerabilities are using the global pandemic to attempt exploitation through numerous scams and phishing campaigns. We also cover plugin […]
More info:
https://www.wordfence.com/blog/2020/03/episode-71-hackers-targeting-covid-19-fears/
On February 28, 2020, the Wordfence Threat Intelligence team became aware of a newly patched stored Cross-Site Scripting (XSS) vulnerability in IMPress for IDX Broker, a WordPress plugin with over 10,000 installations. Although all Wordfence users, including those still using the free version of Wordfence, were already protected from this vulnerability by the Web Application […]
More info:
https://www.wordfence.com/blog/2020/03/vulnerabilities-patched-in-impress-for-idx-broker/
WordPress activity logs help site administrators better manage their WordPress websites and users, and keep them secure. Activity logs are also very helpful in a post hack scenario, to identify the source of the attack. If you are new to WordPress activity logs, this article is for you. We will explain what activity logs are, […]
More info:
https://www.wpsecurityauditlog.com/wordpress-admin/wordpress-activity-logs-newbies/
The fifth release candidate for WordPress 5.4 is live! WordPress 5.4 is currently scheduled to land on March 31 2020, and we need your help to get there—if you haven’t tried 5.4 yet, now is the time! You can test the WordPress 5.4 release candidate in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option) […]
More info:
https://wordpress.org/news/2020/03/wordpress-5-4-rc5/
Here it is! Named “Adderley” in honor of Nat Adderley, the latest and greatest version of WordPress is available for download or update in your dashboard. Say hello to more and better. More ways to make your pages come alive. With easier ways to get it all done and looking better than ever—and boosts in speed you […]
More info:
https://wordpress.org/news/2020/03/adderley/
On March 23, 2020, our Threat Intelligence team discovered 2 vulnerabilities in WordPress SEO Plugin – Rank Math, a WordPress plugin with over 200,000 installations. The most critical vulnerability allowed an unauthenticated attacker to update arbitrary metadata, which included the ability to grant or revoke administrative privileges for any registered user on the site. The […]
More info:
https://www.wordfence.com/blog/2020/03/critical-vulnerabilities-affecting-over-200000-sites-patched-in-rank-math-seo-plugin/
When you use two-factor authentication (2FA) on your WordPress website, you need the username, password, and a one-time code to login. The one-time code can be generated by an app, sent to you over email, or generated by a third party specialized device. However, how can you still login if you not have access to […]
More info:
https://www.wpwhitesecurity.com/2fa-backup-codes/
I really did not want to be writing this blog post, but as I have been working remotely for 20 years now, and due to coronavirus, friends and family have joined me in working from home. One of my biggest …
More info:
https://300m.com/privacy/is-zoom-safe/
