Go offline with the Player FM app!
Episode 87: Vulnerabilities Affect Discount Rules for WooCommerce Plugin, ModSecurity & Windows
Archived series ("Inactive feed" status)
When? This feed was archived on October 25, 2021 06:08 (). Last successful fetch was on September 16, 2021 15:41 ()
Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 272367521 series 2491387
Vulnerabilities were recently patched in the Discount Rules for WooCommerce plugin installed on over 40,000 WordPress sites. Developers from OWASP Core Rule Set said ModSecurity v3 is exposed to denial of service exploits, though the maintainers of ModSecurity reject that claim. A severe vulnerability called Zerologon in Windows Netlogon was patched in August; this bug could be exploited to attack enterprise servers. And a security researcher also discovered that the Windows TCPIP Finger command can also function as a file downloader and a makeshift command and control server. Last weekend, nearly 2,000 Magento stores were compromised in the largest hacking campaign since 2015.
125 episodes
Archived series ("Inactive feed" status)
When? This feed was archived on October 25, 2021 06:08 (). Last successful fetch was on September 16, 2021 15:41 ()
Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 272367521 series 2491387
Vulnerabilities were recently patched in the Discount Rules for WooCommerce plugin installed on over 40,000 WordPress sites. Developers from OWASP Core Rule Set said ModSecurity v3 is exposed to denial of service exploits, though the maintainers of ModSecurity reject that claim. A severe vulnerability called Zerologon in Windows Netlogon was patched in August; this bug could be exploited to attack enterprise servers. And a security researcher also discovered that the Windows TCPIP Finger command can also function as a file downloader and a makeshift command and control server. Last weekend, nearly 2,000 Magento stores were compromised in the largest hacking campaign since 2015.
125 episodes
All episodes
×Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.