WordPress 4.2.4 Security and Maintenance Release

WordPress 4.2.4 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site, which were discovered ... Read More »

11th Aug 2015
Serious Flaw in iOS Mail App Exposes Users to Phishing Attacks

The email client shipped with Apple’s iOS mobile operating system is plagued by a vulnerability that can be exploited to load remote arbitrary HTML content in the application, a researcher has warned. Czech researcher Jan Souček published proof-of-concept (PoC) code and a video earlier this week to demonstrate his findings. The expert ... Read More »

14th Jun 2015
Study: New malware strains up in 2014, along with DDoS attacks

The average organization saw the download of 106 different unknown malware during every hour of 2014, a number 48 times bigger than 2013's 2.2 downloads per hour. Moreover, from 2013 to 2014 new malware strains increased by more than 71 percent to 142 million, up from 83 million, according to Check Point's “2015 Security ... Read More »

4th Jun 2015
ICANN now requires verification of Whois contact info in order to keep a domain active.

VERY IMPORTAINT!  PLEASE READ!ICANN now requires verification of Whois contact info in order to keep a domain active. If you change the contact info for your domain, you will receive a verification email and will need to follow the instructions in the email to verify your information.  If you fail to do so, your domain will stop working ... Read More »

15th May 2015
WordPress 4.2.2 Security and Maintenance Release

WordPress 4.2.2 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately. Version 4.2.2 addresses two security issues: The Genericons icon font package, which is used in a number of popular themes and plugins, contained an HTML file vulnerable to ... Read More »

11th May 2015
Critical XSS 0-Day Disclosed in WordPress

This is a Public Service Announcement, it does not mean you are affected. It is being shared to help bring awareness to a vulnerability that affects multiple WordPress installs. This morning a critical 0-Day Cross-Site Scripting (XSS) vulnerability was released in WordPress. This vulnerability targets the way that the ... Read More »

26th Apr 2015
SSL certificate flaw allows hackers to crash devices running iOS 8

A flaw in iOS 8 would allow attackers to render devices running the mobile OS useless if they're within range of a fake wireless hotspot, according to researchers from security firm Skycure. The vulnerability exploits an issue in how iOS 8 handles SSL certificates. By manipulating the certificates, researchers found they were able to get ... Read More »

22nd Apr 2015
Drupal Core - Moderately Critical - Multiple Vulnerabilities

Advisory ID: DRUPAL-SA-CORE-2015-001 Project: Drupal core Version: 6.x, 7.x Date: 2015-March-18  Security risk: 14/25 (Moderately Critical) AC:Complex/A:None/CI:Some/II:Some/E:Theoretical/TD:Default Vulnerability: Access bypass, Open Redirect, Multiple vulnerabilities Description Access bypass (Password reset URLs - ... Read More »

20th Mar 2015
Apple Security Update 2015-002 is now available

Security Update 2015-002 is now available and addresses the following: iCloud Keychain Available for: OS X Yosemite v10.10.2 Impact: An attacker with a privileged network position may be able to execute arbitrary code Description: Multiple buffer overflows existed in the handling of data during iCloud Keychain recovery. These issues were ... Read More »

10th Mar 2015
Cumulative Security Update for Internet Explorer

The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less ... Read More »

10th Mar 2015