Cesar Anjos
Browsing Category
Security Advisory
175 posts
WordPress Vulnerabilities & Patch Roundup — June 2022
Antony Garand Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Critical RCE Vulnerability in Elementor WordPress Plugin
Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 Vulnerability: Remote code execution (RCE) Patched Version: 3.6.3 On April 12th, an important security update was…
Adobe Patches Critical RCE Vulnerability in Magento2
Ben Martin On Sunday, February 13th, Adobe pushed an emergency update to their Magento2 ecommerce software patching a critical unauthenticated remote code execution vulnerability. It is marked…
AccessPress Themes Hit With Targeted Supply Chain Attack
Security researchers at Automattic recently reported that the popular WordPress plugin and theme authors AccessPress were compromised and their software replaced with backdoored versions. The…
WordPress 5.8.3 Security Release
On January 6th, an important security update was released for the WordPress core addresses four separate vulnerabilities. WordPress website administrators are advised to update their…
What is the Log4j Vulnerability?
Editorial: This post was last updated October 17th, 2022. What is the Log4j vulnerability? Originally found on the popular game Minecraft, this critical server security…
Adobe Patches Critical Magento Vulnerabilities in Recent Update
Adobe has recently released several critical security patches for both their open source and commercial versions of their ecommerce platform. There are a total of…
The Importance of Website Backups
Juliana Lewis Today is World Backup Day. This date was created to remind people of the importance of having backups set up for everything that matters. I am pretty sure your website falls into…
PHP Repository Exploited by Hackers
The official PHP git repository, http://git.php.net/, was compromised this Sunday, March 28. An attacker was able to modify the PHP source code twice and inject…
How Do Websites Get Hacked?
Mike Martens As much as the web has grown, surprisingly not a lot has changed in how websites get hacked. The most important thing you can do…
UCEPROTECT Scam: When RBLs Go Bad
Marc Kranat What is a Realtime Blackhole List (RBL)? A Realtime Blackhole List (RBL) contains lists of email servers, domain names, and IP addresses that are associated…