Security Leftovers and Proprietary Software
700,000 WordPress Sites Affected By Zero-day Vulnerability in File Manager Plugin
Yesterday a zero-day vulnerability was discovered in a popular WordPress plugin, File Manager. The vulnerability allows arbitrary file upload and remote code execution.
The File Manager plugin is a useful plugin that allows users to browse site files in an easy way. The plugin has over 700,000 active installations, which makes it a desired target for attackers.
Yesterday the vulnerability was discovered by Seravo as part of their WordPress upkeep service. They noticed unusual activity on several of their customers’ websites and further investigation revealed the severe vulnerability in the File Manager plugin.
Kees Cook: security things in Linux v5.6
Linux v5.6 was released back in March. Here’s my quick summary of various features that caught my attention:
Australian firm Tandem Corp hit by Windows NetWalker ransomware [iophk: Windows TCO]
"We continue to work with our external data security providers and, if any personally identifiable information has been accessed, we will notify those who may have been impacted as well as the appropriate authorities as required, including the Office of the Australian Information Commissioner."
Zoom's market value surges past General Motors and Boeing
Zoom projected a total revenue of $2.4 billion dollars for its fiscal year ending in January. This is up from the 1.8 billion dollars (1.5 billion euros) it forecast back in June, and takes into account the users that will not renew the monthly subscriptions they signed up for in the first quarter.
Cisco says it will issue patch ‘as soon as possible’ for bugs [attackers] are trying to exploit
Justin Elze, a principal security consultant at security company TrustedSec, pointed out that in order for the vulnerability to be exploited, a protocol known as IGMP needs to be enabled. That protocol is less common in enterprise networks and tends to be used by cable TV networks to do video streaming, he said.
Audible Unveils 'Sesame Street' Podcast
Last year, the beloved children's series announced a move to HBO Max for its 51st season, a deal that includes five new seasons of the show.
Animal Crossing Continues To Be An Innovative Playground As Biden Campaign Begins Advertising On It
For nearly half a year now, especially when this damned pandemic really took off, we've been bringing you the occasional story of how Nintendo's Animal Crossing keeps popping up with folks finding innovative ways to use the game as a platform. Protesters advocating for freedom in Hong Kong gathered in the game. Sidelined reality show stars took to the game to ply their trade. Very real people enduring very real layoffs used the game's currency as a method for making very real money. As someone who has never played the game, the picture I'm left with is of a game that is both inherently malleable to what you want to do within it and immensely social in nature.
GnuPG 2.2.23 released, fixing a critical security flaw
We are pleased to announce the availability of a new GnuPG release: version 2.2.23. This version fixes a *critical security bug* in versions 2.2.21 and 2.2.22.
