Published on December 5, 2022
Welcome to the Patchstack Weekly Security Update, Episode 50! This update is for week 49 of 2022. This week’s knowledge share is about the lingering problems that can happen after a compromise. This is related to the recent news of LastPass reporting a secondary incident months after an initial break-in. I will discuss this negative […]
Published on November 21, 2022
Welcome to the Patchstack Weekly Security Update, Episode 49! This update is for week 47 of 2022. This week’s knowledge share will be all about how to find bugs in code – security bugs that is. I will share techniques I use for basic static code analysis and provide examples of what to look out […]
Published on November 14, 2022
Welcome to the Patchstack Weekly Security Update, Episode 48! This update is for week 46 of 2022. This week’s knowledge share is about the security concern caused when software has been abandoned or has reached its end of life (EOL). I will discuss the risks of running unsupported software, and what you can do […]
Published on November 7, 2022
Welcome to the Patchstack Weekly Security Update, Episode 47! This update is for week 45 of 2022. This week’s knowledge share is about the PHP world’s smallest security bug. I say smallest because it is one character long. You may wonder, how could one character cause so much chaos? Stick around for this week’s knowledge […]
Published on October 24, 2022
Welcome to the Patchstack Weekly Security Update, Episode 45! This update is for week 43 of 2022. Last week’s news included a new WordPress security release. WordPress 6.0.3 was made publicly available on Monday October 17th. You can read a summary of the WordPress 6.0.3 release on the Patchstack blog, or stay tuned for this […]
Published on October 21, 2022
With another busy month behind us, let’s see what the Patchstack Alliance members dug up in September! Our researchers found 53 confirmed vulnerabilities. 9 of the vulnerabilities were found in plugins with 100,000+ installs across WordPress, including one with 2 million installs. Though to be fair, the vulnerability in question was not particularly severe. A […]
Published on October 17, 2022
Summary: A new WordPress security release was announced today. On October 17th, 2022, WordPress Core released version 6.0.3, a security-only release. This release includes a substantial number of security bug patches, so I will be reviewing them and sharing the details with you in this post. All security releases are important. You may want […]
Published on October 17, 2022
Welcome to the Patchstack Weekly Security Update, Episode 44! This update is for week 42 of 2022. This week I will talk with you about an unsettling security risk caused when a malicious actor preys upon a site owner when they are experiencing an emergency. I will share what precautions you can take today in […]
Published on October 10, 2022
Welcome to the Patchstack Weekly Security Update, Episode 43! This update is for week 41 of 2022. This week I am continuing to share knowledge about OWASP ZAP. I will share with you details of two features available in the OWASP ZAP HUD and how to use them. Hopefully, by the end of this episode, […]
Published on October 5, 2022
We’ve always said the best way to handle website security is by preventing attacks in the first place. We’re happy to announce that One.com is the latest hosting provider joining the spearhead to tackle open-source security problems at the root. One.com has introduced Patchstack’s WordPress vulnerability alerts to customers on their Managed WordPress subscription, and […]