Lynis is a well known, seasoned security tool for Linux based systems (including macOS and/or other Unix-based operating systems. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open-source software with the GPL license and available since 2007.
Continue reading “Lynis: A Security Auditing Tool For Linux”A new vulnerability in PHP-FPM has been noted which could lead to remote code execution on nginx. An earlier message on Twitter exposed the CVE-2019-11043 bug:
Continue reading “PHP-FPM/Nginx Vulnerability – CVE-2019-11043”Reading Time: 2 minutesAMP for WP -Accelerated Mobile Pages allows your site to be faster for mobile visitors. Along with last week’s report, the AMP plugin has also been added to the list exploited. The AMP for WP plugin was reported on October 20, 2018, by its developers. Luckily, the newest version, 0.9.97.20, of this plugin has patched for their known security flaws. This exploit has the means of putting 100,000+ users at potential risk, so its best to check if you are utilizing this plugin. In this tutorial, we will be checking if you use this plugin. Along with updating, we will also show you how to check if your site for compromises. Continue reading “WordPress Exploit – AMP Plugin”
Reading Time: 2 minutesAs of November 9, 2018, the WP GDPR Compliance plugin has been exploited by hackers. This plugin aids e-commerce site owners in compliance with European privacy standards. Since the very nature of GDPR is to protect the personal data and privacy of EU citizens, it should be tended to as soon as possible to avoid a costly cleanup. WP GDPR Compliance is also known for working in conjunction with many forms including Contact Form 7, Gravity Forms, and WordPress Comments. Continue reading “WordPress GDPR Plugin Exploit – All You Need To Know”
Reading Time: < 1 minute
Information on CVE-2015-5154 was made public on July 27, 2015. The vulnerability is in QEMU, a generic and open source machine emulator and virtualizer that is utilized by Xen, KVM, and other modern hypervisors / virtualization platforms.
Specifically a flaw with how QEMU’s IDE subsystem handles buffer access while processing certain ATAPI commands, exploitation can allow for the execution of arbitrary code on the host with the privileges of the host’s QEMU process corresponding to the guest.
A patch is available, and Liquid Web’s Heroic Support has proactively scheduled a reboot to patch all affected servers.
Reading Time: < 1 minute
VENOM, or Virtualized Environment Neglected Operations Manipulation, was made public on May 13, 2015. The vulnerability is in QEMU, a generic and open source machine emulator and virtualizer that is utilized by Xen, KVM, and other modern hypervisors / virtualization platforms.
Specifically a flaw with how QEMU handles out-of-bounds memory access, exploitation can cause the entire hypervisor to crash and may allow an attacker to access other virtual machines outside of their own.
A patch is available, and Liquid Web’s Heroic Support has proactively scheduled a reboot to patch all affected servers.
Continue reading “Information on CVE-2015-3456 QEMU Vulnerability (VENOM)”
Reading Time: < 1 minuteThe popular WordPress plugin WP Super Cache has been found to have a cross-site scripting (XSS) vulnerability in versions prior to 1.4.4. On sites with outdated versions, it is possible for an attacker to take complete control of the WordPress site. Please note: this vulnerability only affects users which have installed WP Super Cache. However, if you are unsure if you use the plugin or not you should still take precautions to protect your site.
Thankfully, this is vulnerability is simple to address; version 1.4.4, available now, contains a patch.
Reading Time: < 1 minute
Hopefully, you’re already well-versed in logging into your WordPress site as an administrator!
Reading Time: 2 minutesOn September 24th, a vulnerability was reported in the GNU Bourne-Again-Shell (BASh, or Bash), specifically a flaw with how Bash processes values of environment variables, that allows remote code execution of varying types in many common configurations. The overall risk is severe due to bash being configured for use, by default, on most Linux servers.
While Liquid Web immediately began working to proactively patch this vulnerability, some servers may remain vulnerable depending on their update settings or other unforeseen intervening factors. Thus, we’ve provided the instruction below.
To Summarize:
Continue reading “CVE-2014-6271 and CVE-2014-7169 Info – Bash Vulnerabilities”