Drupal eliminates the vulnerabilities exploited by spammers

Drupal eliminates the vulnerabilities The developers of Drupal introduced versions 7.56 and 8.3.4, in which several vulnerabilities were eliminated, including bugs used by spammers. One of the main corrected problems was the vulnerability of CVE-2017-6922. The bug was that the files downloaded by an anonymous user were available not only to him, but to all anonymous users in general. Of course, only those sites that allowed anonymous downloads of files were affected. Since October 2016, Drupal...


During the hacking of OneLogin thousands of users were affected

OneLogin Hacked The popular provider of single sign-on solutions, OneLogin, suffered a hacker attack. Then it was reported that unknown intruders managed to get unauthorized access to data on the American region. Representatives of the company explained that the burglars somehow managed to get keys to AWS, which they used to access the AWS API. After that, the attackers became available database tables, which contained information about the users of the application, as well as "various types of...