
Community news and analysis: April 2015

Posted on May 8, 2015 - 14:54 by ccondon

Featured news

  • Google: Safe Browsing insight into a JavaScript-based DDoS attack; the security risks of unwanted ad injectors; new Password Alert Chrome extension protects users from entering Google passwords into phishing sites
  • Mozilla on deprecating non-secure HTTP
  • WordPress 4.2.2 critical security release fixes several cross-site scripting vulnerabilities. (4.2.1, another critical security release, previously fixed a widely covered cross-site scripting vulnerability in the commenting system.)
  • Looking for a different kind of case study? Our partners at Area 1 Security explore phishing...via comic book. Take a look at “Operation Pineapple Sparkle.”

Malware news + analysis

Other security news

Community news and analysis: March 2015

Posted on April 13, 2015 - 12:11 by ccondon

Featured news

Google cracks down on Chrome extensions that inject ads and degrade users’ browsing experiences (31 March). Google also added information about unwanted software to their Safe Browsing API last month (24 March).

Automattic: Five ways to secure WordPress plugins (27 March), preventing cross-site scripting in JavaScript (25 March), and a blind SQL injection vulnerability found in Yoast’s popular WordPress SEO plugin (13 March).

Three cheers for open information: Check out DreamHost’s first ever Transparency Report!

Malware news

ESET analyses “Casper” malware used against Syrian targets and likely developed by the same group behind the Babar and Bunny malware (5 March).

SiteLock demonstrates what it looks like to infect a website (19 March).

Sophos on the new TeslaCrypt ransomware targeting gamers running Windows (16 March) and developments in Microsoft Office malware (6 March).

A couple pieces of interesting Sucuri analysis: WordPress malware causes pseudo-DarkLeech infection (26 March); ‘inverted WordPress Trojan’ adds useful features along with malware (11 March).

Other security news

Mozilla on memory scanning for server security (12 March) and revoking trust in one CNNIC intermediate certificate (23 March).

Qualys: GHOST remote code execution exploit (17 March).

Fortinet: Cross-site scripting vulnerability discovered in WordPress Photo Gallery plugin with 12 million downloads (20 March).

Community news and analysis: February 2015

Posted on March 3, 2015 - 11:08 by ccondon

Featured news: Superfish, new malware warnings, universal SSL

Read Mozilla’s directions for getting Superfish out of Firefox (Feb. 27), Sophos on Superfish removal (Feb. 20), and a Fortinet Superfish FAQ (Feb. 20). ESET also has a wise piece on unwarranted panic and false positives (Feb. 20). Note: We hope we don’t ever have to write the word “Superfish” again.

Google Safe Browsing expands Chrome warnings: New warnings let users know when they’re about to visit a site known for encouraging downloads of unwanted or suspicious software. (Feb. 23)

Feedback and data-driven updates to Google’s Project Zero disclosure policy (Feb. 13)

Universal SSL: Public beta version of new CloudFlare service encrypts data from the browser to the origin for free. (Feb. 24)

Malware news + vulnerabilities

Google releases free, cloud-based web application security scanner that can help App Engine developers check for cross-site scripting and mixed content vulnerabilities. (Feb. 19)

Highlights from Internet Identity’s 2014 eCrime Trends Report (Feb. 25)

Fortinet: Decoy files used to spread CTB-Locker ransomware (Feb. 16)

Automattic (Feb. 6), Sucuri (Feb. 16), and SiteLock (Feb. 26) on a serious vulnerability affecting most versions of the Fancybox-for-WordPress plugin

SiteLock on a security flaw in the UpdraftPlus premium WordPress plugin (Feb. 17)

Sucuri: Vulnerabilities in Gravity Forms WP plugin (Feb. 26) and analytics plugin WP-Slimstat (Feb. 24)

Security news + perspectives

In case you missed it: After six years, StopBadware is shutting down its community forum. Details and recommended alternatives here.

Automattic: WordPress 4.1.1 is out! This one’s a maintenance release. (Feb. 18)

ESET on exploits: What are they, and how do they work? (Feb. 27)

DreamHost’s Mika E. talks about the virtues of open source and his experience writing plugins for WordPress. (Feb. 10)

SiteLock: How you can tell if a website is secure (Feb. 24)

Sucuri: Why websites get hacked (Feb. 26)
