Subscribe

Archive | Updates

Archive of my @thehyden Twitter updates.

Panopta (exclusive offer) Get Two Free Months

Over the years Panopta has listened to customer feedback and continues to respond with additional development and improvements to their infrastructure, application and network performance monitoring tools. With Panopta you can easily keep an eye on the most fundamental metrics across your complex infrastructure so you can identify the root cause of problems. If you […]

WordPress Plugin being exploited. Delete inactive plugins

For the past few days an increasing number of WordPress websites have been infected by attackers exploiting a vulnerability in the WordPress plugin: WP Mobile Detector. The plugin with over 10,000 active installs was at one point removed completely from the WordPress repository with no patch available. However, as of today the WP Mobile Detector plugin has been patched […]

OpenSSL Security Updates – Severity: High

A new set of security updates for OpenSSL were just released this morning to address various security vulnerabilities, some of which are considered to be “high” severity. Please update as soon as possible. To update keep an eye open for Linux distro updates via package managers such as yum, apt-get, etc. Control panel updates for cPanel and others will be released over […]

Poodlebleed vulnerability SSL version 3.0

Google Online Security blog released details of a SSLv3 vulnerability called POODLE attack. Here you’ll find links to all the important info, all in one place! Official website: poodlebleed.com (Test your website against Poodlebleed) Security advisory (PDF download) | Google Blog | Firefox Blog | OpenSSL update | Red Hat | Nice article Fedora Blog | Discussion on […]

CVE-2014-6271: Vulnerability in Bash allows remote execution of arbitrary code

Patch instructions for CVE-2014-6271 and CVE-2014-7169 are at the end of this post. UPDATE 1: Patching Bash may not be the end of this. There’s still discussion regarding if the changes completely fixed or not. UPDATE 2: Another patch being tested. UPDATE 3: From Red Hat “Red Hat has become aware that the patch for CVE-2014-6271 is incomplete. An attacker can […]