Monthly Archives: September 2024
GLSA 202409-28: HashiCorp Consul: Multiple Vulnerabilities
GLSA 202409-29: Docker: Multiple Vulnerabilities
GLSA 202409-26: IcedTea: Multiple Vulnerabilities
Squid Fishing in Japan
Fishermen are catching more squid as other fish are depleted.
Multiple Vulnerabilities in PHP Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow for remote code execution. PHP is a programming language originally designed for use in web-based applications with HTML content. Successful exploitation could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than those that operate with administrative user rights.
WP Engine Reprieve
I’ve heard from WP Engine customers that they are frustrated that WP Engine hasn’t been able to make updates, plugin directory, theme directory, and Openverse work on their sites. It saddens me that they’ve been negatively impacted by Silver Lake’s commercial decisions.
On WP Engine’s homepage, they promise “Unmatched performance, automated updates, and bulletproof security ensure your sites thrive.”
WP Engine was well aware that we could remove access when they chose to ignore our efforts to resolve our differences and enter into a commercial licensing agreement. Heather Brunner, Lee Wittlinger, and their Board chose to take this risk. WPE was also aware that they were placing this risk directly on WPE customers. You could assume that WPE has a workaround ready, or they were simply reckless in supporting their customers. Silver Lake and WP Engine put their customers at risk, not me.
We have lifted the blocks of their servers from accessing ours, until October 1, UTC 00:00. Hopefully this helps them spin up their mirrors of all of WordPress.org’s resources that they were using for free while not paying, and making legal threats against us.
Multiple Vulnerabilities in Foxit PDF Reader and Editor Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Foxit PDF Reader and Editor, the most severe of which could result in arbitrary code execution. Foxit PDF Reader is a multilingual freemium PDF tool that can create, view, edit, digitally sign, and print PDF files. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Deepfake Ukrainian diplomat targeted US senator on Zoom call
The chair of the United States Foreign Relations Committee was targeted by a sophisticated deepfake operation which impersonated a top Ukrainian official, in what was an apparent attempt at election interference.
Read more in my article on the Hot for Security blog.
Governments Urge Improved Security and Resilience for Undersea Cables
The US, UK, EU and other global partners have called for a global approach to strengthening the security of global communications and data.