Microsoft issued 113 patches in a big update, unfortunately for IT staff already straining under WFH security concerns. Microsoft has released its April 2020 Patch Tuesday security updates, its first big patch update released since the work-from-home era truly got underway. It’s a doozie, with the tech giant disclosing 113 vulnerabilities. Out of these, 19 are rated as critical, and 94 are rated as important. Crucially, four of the vulnerabilities are being exploited in the wild; and two of them were previously publicly disclosed. In all, the update includes patches for Microsoft Windows, Microsoft Edge (EdgeHTML-based and the Chromium-based versions), ChakraCore, Internet Explorer, Microsoft Office and Microsoft Office Services…
Ortus Solutions To Host Two-Day Workshop On Building Secure Applications
WASHINGTON (PRWEB) January 30, 2020 Ortus Solutions, Corp announced today it will be hosting a two-day workshop on April 20th and 21st focused on building secure MVC ColdFusion applications. The event will be held before the Adobe CF Summit East 2020 at the Regus Franklin Square from 9:00 am to 5:30 pm, with the aim of helping modernize developer skills to create applications with modern techniques and tooling. Attendees will be designing a Twitter-like application (SoapBox) and will build it using the most popular ColdFusion MVC Framework: ColdBox. They will design the client in UML and build it using object…
Chinese Hackers Use New Cryptojacking Tactics to Evade Detection
Chinese-speaking cybercrime group Rocke, known for operating multiple large-scale malicious crypto-mining campaigns, has now switched to new Tactics, Techniques, and Procedures (TTPs), including new C2 infrastructure and updated malware to evade detection. Rocke is a financially motivated threat group first spotted in April 2018 by Cisco Talos researchers while exploiting unpatched Apache Struts, Oracle WebLogic, and Adobe ColdFusion servers, and dropping cryptomining malware from attacker-controlled Gitee and GitLab repositories. During January, Palo Alto Networks’ Unit 42 team found code that uninstalls multiple cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud from Linux servers, after analyzing new Rocke malware samples. Rocke’s new…
Bulletproof Hosting Service in Former NATO Bunker Goes Down
Authorities in Germany this week shut down the services of a bulletproof hosting provider set up in a former NATO bunker that went five floors underground. The bunker was acquired in 2013 and managed by a Dutch national believed to have ties with organized crime in the Netherlands, who turned it into a heavily secured data center for illegal purposes. A bulletproof hosting provider rents hosting services with no restrictions on the nature of the content uploaded or distributed, or the type of business conducted. They are the alternative to regular providers that have strict rules against illegal endeavors and often do not respond to requests from authorities.

Huge building for many servers

On a 3.2 acre property in Traben-Trarbach on the banks of the Mosel river, the building itself has…
Virtual Private Servers (VPS) Hosting : The Next Booming Segment
Latest Study on Industrial Growth of Global Virtual Private Servers (VPS) Hosting Market 2019-2025. A detailed study accumulated to offer Latest insights about acute features of the Virtual Private Servers (VPS) Hosting market. The report contains different market predictions related to market size, revenue, production, CAGR, Consumption, gross margin, price, and other substantial factors. While emphasizing the key driving and restraining forces for this market, the report also offers a complete study of the future trends and developments of the market. It also examines the role of the leading market players involved in the industry including their corporate overview, financial summary and SWOT analysis. The Major Players Covered in this Report:…
Adobe Releases Security Updates for Flash Player, ColdFusion, and Campaign
Adobe has published their monthly Patch Tuesday updates for the month of June 2019. These updates include fixes for vulnerabilities in Adobe ColdFusion, Adobe Campaign, and Adobe Flash Player. Each of the three programs included a fix for a Critical arbitrary code execution vulnerability and users are advised to install the updates as soon as possible.

Adobe Security Updates Summary:

APSB19-27 Security updates available for Adobe ColdFusion

Adobe has released an update for ColdFusion that fixes three critical vulnerabilities that could allow arbitrary code execution on vulnerable servers.

Vulnerability Category | Vulnerability Impact | Severity | CVE Numbers
File extension blacklist bypass | Arbitrary code execution | Critical (see note below) | CVE-2019-7838
Command Injection
Update ColdFusion Now, Critical Zero-Day Bug Exploited in the Wild
Adobe today released emergency updates that fix a critical vulnerability for the ColdFusion web app development platform. The bug can lead to arbitrary code execution and has been exploited in the wild. The security issue allows an attacker to bypass restrictions for uploading files. To take advantage of it, the adversary has to be able to upload executable code to a directory of files on a web server. The code can then be executed via an HTTP request, Adobe says in its security bulletin.

Critical bug exploited

All ColdFusion versions that do not have the current updates are affected by the vulnerability (CVE-2019-7816), regardless of the platforms they are for. Charlie Arehart, an independent consultant credited for reporting the vulnerability, told us that he discovered the bug…
Web Hosting Services Market Is Booming| Namecheap, InMotion
HTF MI recently introduced Global Web Hosting Services Market study with in-depth overview, describing the Product / Industry Scope and elaborating market outlook and status to 2023. The market Study is segmented by key regions which is accelerating the marketization. At present, the market is developing its presence and some of the key players from the complete study are Namecheap, InMotion Hosting, Hostwinds, Liquid Web, OVH, DigitalOcean, Hostwinds, CPanel, Linode, Vultr, GoDaddy, 1&1, HostGator, TMDHosting, DreamHost, Bluehost, SiteGround, A2 Hosting, etc. Request Sample of Global Web Hosting Services Market Report 2018 @: https://www.htfmarketreport.com/sample-report/1592180-global-web-hosting-services-market-3 This report studies the Global Web…
How running websites has changed in the last two decades (for an Ars IT guru)
[Image caption: The Pit, a BBS door game. In this shot, Lee Hutchinson was attacking these guys. Or, maybe they’re attacking him.]

I was a true nerd growing up in the 1980s—not in the hipster way but in the 10-pound-issue-of-Computer-Shopper-under-my-arm way (these things were seriously huge). I was thoroughly addicted to BBSes (Bulletin Board Systems) by the time I was 10. Maybe it’s no surprise I ended up as a technical director for a science and tech site. In fact, I’d actually draw a direct line from the job of managing your own BBS (aka SysOping) to managing a modern Web infrastructure. And with everyone around Ars looking back given the site’s 20th anniversary, let’s make…