According to a Google Security Researcher who was able to defeat all of the current patches and make the vulnerability easier to exploit, they are now recommending the following unofficial patch until it is pushed upstream:
Further Information:
source: hostingseclist
An update for Xen was just released to address two major security vulnerabilities and it is recommended that you update as soon as possible.
An update for cPanel was just released to address various security vulnerabilities. These updates provide targeted changes to address security concerns with cPanel and WHM. We recommend that you update as soon as possible.
Multiple vulnerabilities for the Drupal CMS have been discovered. Drupal have released versions 8.3.4 and 7.56 which contain fixes for these security vulnerabilities. We recommend that you update Drupal as soon as possible.
An update for OpenSSL on RHEL was just released to help address the Poodle OpenSSL security vulnerability and it is recommended that you update as soon as possible. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade…
An update for Magento was just released to address a critical security vulnerability and it is recommended that you update as soon as possible. Official Link: http://bit.ly/1flmoA8 Source: hostingseclist.com
Joomla! 3.7.1 is now available. This is a security release for the 3.x series of Joomla! which addresses one critical security vulnerability and several bug fixes. The security issue was found to be the result of inadequate filtering of requested data that lead to a SQL Injection vulnerability. We…
aaPanel is a free and Open source Hosting Control Panel for RHEL and Debian based systems. It is the Internationalized version for the BAOTA panel(www.bt.cn), developed in China. It allows users to manage their web server through a web-based GUI (Graphical User Interface).
Researchers from the University of Maryland recently defeated Google’s reCAPTCHA 2 audio challenge system with the unCAPTCHA 2 proof of concept which bypasses the latest version of reCAPTCHA with 91% accuracy as of January, 2019.
In April 2020, Google announced Web Vitals — a new set of metrics designed to measure the speed and user experience of websites. Last week, Google announced that these metrics will make its way into a core algorithm update as new ways of judging and ranking sites based on…
We have been made aware of a serious security vulnerability in Bash that affects multiple operating systems and applications.
Opinions divided on encrypted dns queries Dns is also called ‘the last unencrypted mile’ of the internet: the last step in the route that an internet package takes before it presents a website. Exactly this last bit is sent completely in plaintext. The reason for this is that the…
WordPress 4.7.2 was released last Thursday, January 26th. WordPress have just announced that In addition to the three security vulnerabilities mentioned in the original release post, WordPress 4.7 and 4.7.1 had one additional vulnerability for which disclosure was delayed.
Researchers have found a serious bug in the WP Live Chat Support plugin. This is the second time in six weeks that a vulnerability has been found in the plugin which is being used on thousands of WordPress websites. The latest bug allows hackers to inject their own code…
We are excited to make it easier and more convenient for our customers to shop at Woktron. By incorporating the latest in mobile technology, Apple Pay and Google Pay provide our customers options to help simplify and further secure their online purchases.
Newsletter, a free WordPress plugin with more than 300,000 installations, was found to contain multiple vulnerabilities that could eventually lead to the takeover of an affected website. The bugs were discovered by the Wordfence team who notified the developer of the plugin.
