New Critical Vulnerabilities in Drupal

A critical vulnerability has been fixed in Drupal A week ago on March 28, Drupal Security Team announced patches that close the critical bug in security, relevant for all versions of Drupal 6.x, 7.x and 8.x. The vulnerability allows an attacker to gain access to the hosting server with the rights of the web server. Hacker don't have exploit that exploits this vulnerability, but it is likely to appear in the very near future, therefore it is strongly recommended that all site owners on Drupal or...


Google improves security tools in Google Cloud, G Suite

Google Cloud Platform and G Suite security will be increase On Wednesday, Google announced a set of new security features for the Google Cloud Platform and G Suite. According to the company, new opportunities will give companies more control over their security environment. For the Google Cloud Platform, VPC Service Controls' virtual private cloud management services were implemented. Currently, the alpha version provides a firewall for API-based services, as well as functions to protect data...


Hackers hide a miner malware installer on Github

Be careful the miner malware installer is on Github Analysts of Avast Software reported a new method of a hidden distribution of crypto-currency miners. They found a malicious installer, hidden in IT projects on Github. The detected malicious program is spread exclusively through phishing advertising. It is mostly hosted on adult websites or resources dedicated to computer games. In addition to the banners that are tied to the server with a redirector on Github, the researchers found a portal...


New malware masks for IonCube files

New malware masks for IonCube files Security researchers from SiteLock warned administrators of WordPress and Joomla sites about new malware that masqueraded as legitimate ionCube files. Malware, called ionCube Malware, is used by cybercriminals to create backdoors on vulnerable websites, allowing them to steal data or install additional malware. According to researchers, malware was detected on more than 800 sites belonging to small companies operating on the platforms of CMS WordPress, Joomla...


The New version of WordPress 4.9.3 broke the automatic update function

The New version of WordPress 4.9.3 broke the automatic update function Site administrators working on WordPress have had a tough week when, on Monday, February 5 2018, a new version of CMS (WordPress 4.9.3) was published, which was supposed to fix a number of minor problems, but eventually, accidentally, corrupted the automatic updates mechanism, which allowed for independent CMS updates. Although the error was quickly noticed, and corrected the very next day in the WordPress 4.9.4 version,...