Miscellaneous Tech News

Obsolesce

@dbeato said in Miscellaneous Tech News:

http://www.cyberdefensemagazine.com/wordpress-warning-major-hole-serious-risk-cve/

Here's a fix for it until WordPress fixes it: https://github.com/Quitten/WordPress/blob/master/wp-dos-patch.sh

I got that from here: http://baraktawily.blogspot.com/2018/02/how-to-dos-29-of-world-wide-websites.html

dbeato

@tim_g said in Miscellaneous Tech News:

@dbeato said in Miscellaneous Tech News:

http://www.cyberdefensemagazine.com/wordpress-warning-major-hole-serious-risk-cve/

Here's a fix for it until WordPress fixes it: https://github.com/Quitten/WordPress/blob/master/wp-dos-patch.sh

I got that from here: http://baraktawily.blogspot.com/2018/02/how-to-dos-29-of-world-wide-websites.html

Awesome.

Obsolesce

@dbeato said in Miscellaneous Tech News:

http://www.cyberdefensemagazine.com/wordpress-warning-major-hole-serious-risk-cve/

Oh I didn't read your link all the way to the bottom, the same fix is linked there too.

JaredBusch

@dbeato said in Miscellaneous Tech News:

http://www.cyberdefensemagazine.com/wordpress-warning-major-hole-serious-risk-cve/

WTF WordPress.

dbeato

@jaredbusch said in Miscellaneous Tech News:

@dbeato said in Miscellaneous Tech News:

http://www.cyberdefensemagazine.com/wordpress-warning-major-hole-serious-risk-cve/

WTF WordPress.

Yeah, I was surprised by their answer as if it was not a security vulnerability at all...

scottalanmiller

What's new in the Linux 4.16 kernel.

scottalanmiller

AMD Raven Ridge APUs due out tomorrow.

scottalanmiller

What's coming in Kodi 18 due later this year?

scottalanmiller

Oracle still trying to get DTrace on Linux.

Obsolesce

Cryptomining Supply Chain Attack Hits Government Websites

https://www.wordfence.com/blog/2018/02/cryptomining-javascript-supply-chain-attack/?utm_source=list&utm_medium=email&utm_campaign=021118

scottalanmiller

@tim_g said in Miscellaneous Tech News:

Cryptomining Supply Chain Attack Hits Government Websites

https://www.wordfence.com/blog/2018/02/cryptomining-javascript-supply-chain-attack/?utm_source=list&utm_medium=email&utm_campaign=021118

So surprised...

dbeato

Telegram Zero Day Vulnerability
https://securelist.com/zero-day-vulnerability-in-telegram/83800/

scottalanmiller

@dbeato said in Miscellaneous Tech News:

Telegram Zero Day Vulnerability
https://securelist.com/zero-day-vulnerability-in-telegram/83800/

JaredBusch

@scottalanmiller said in Miscellaneous Tech News:

@dbeato said in Miscellaneous Tech News:

Telegram Zero Day Vulnerability
https://securelist.com/zero-day-vulnerability-in-telegram/83800/

Patched prior to release of article. Telegram accepted the security researchers data and fixed the application.

dbeato

http://www.zdnet.com/article/skype-cannot-fix-security-bug-without-a-massive-code-rewrite/

JaredBusch

@dbeato said in Miscellaneous Tech News:

http://www.zdnet.com/article/skype-cannot-fix-security-bug-without-a-massive-code-rewrite/

Hahahaha and that is atotally different answer from a different company..

WTF, who cares about security.

Obsolesce

@dbeato said in Miscellaneous Tech News:

http://www.zdnet.com/article/skype-cannot-fix-security-bug-without-a-massive-code-rewrite/

At least the System account doesn't have network share access (typically).

DustinB3403

Another Zero Day, this time with Adobe Flash and IE.

black3dynamite

http://www.omgubuntu.co.uk/2018/02/ubuntu-18-04-minimal-install-option

Should've removed Amazon web app too.

black3dynamite

http://www.omgubuntu.co.uk/2018/02/ubuntu-data-collection-opt-out