Merry Christmas and a happy New Year!
We wish you a very Happy Holiday season and a peaceful and prosperous New Year!
We wish you a very Happy Holiday season and a peaceful and prosperous New Year!
Meta warns: These apps steal passwords Details: https://about.fb.com/news/2022/10/protecting-people-from-malicious-account-compromise-apps/ Android Apps: —————————————- Android Package Name | App Name —————————————- al.puik.cus | CallShowLite apex.hoolom.racecar.app | Apex Race Game callerscreen.paper.ringshow | CallerPaper Show com.abs.provideo_editor | Video Converter Master com.acetoon.studio.facephoto | Acetoon Photo Cartoon com.addtextcoon.shapermoter | Photo Frame PIP Collage Maker com.adonarusso.daily.horoscope | ZodiHoroscope – Fortune Finder com.ads_manager_helper | Ads Manager Helper com.ads.optimization | Ad Optimization Meta com.adsagency.socialmng | […]
PSA: Zero-Day Vulnerability in WPGateway Actively Exploited in the Wild! On September 8, 2022, the Wordfence Threat Intelligence team became aware of an actively exploited zero-day vulnerability being used to add a malicious administrator user to sites running the WPGateway plugin. Details https://www.wordfence.com/blog/2022/09/psa-zero-day-vulnerability-in-wpgateway-actively-exploited-in-the-wild/
WordPress 6.0.2 Security and Maintenance Release This security and maintenance release features 12 bug fixes on Core, 5 bug fixes for the Block Editor, and 3 security fixes. Because this is a security release, it is recommended that you update your sites immediately. https://www.heise.de/news/Sicherheitsupdate-Angreifer-koennten-WordPress-Websites-attackieren-7249431.html?wt_mc=nl.red.security.security-nl.2022-09-01.link.link
A NEWLY FOUND EXPLOIT COULD ALLOW REMOTE ATTACKERS TO TAKE CONTROL OF YOUR SHOP. Attackers have found a way to use a security vulnerability to carry out arbitrary code execution in servers running PrestaShop websites. For details, please read the entire article. Details: https://build.prestashop.com/news/major-security-vulnerability-on-prestashop-websites/ Please Update now!
On June 16, 2022, the Wordfence Threat Intelligence team noticed a back-ported security update in Ninja Forms, a WordPress plugin with over one million active installations. We uncovered a code injection vulnerability that made it possible for unauthenticated attackers to call a limited number of methods in various Ninja Forms classes, including a method that unserialized user-supplied content, resulting in Object Injection. This could allow […]
The WordPress plugin UpdraftPlus is vulnerable. If exploited, the vulnerability could grant attackers access to privileged information from the affected site’s database (e.g., usernames and hashed passwords). Details: https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/#more-141314 https://www.heise.de/news/WordPress-Plug-in-UpdraftPlus-koennte-Website-Backups-leaken-6510427.html?wt_mc=nl.red.security.security-nl.2022-02-24.link.link
As a reminder if you are having trouble sending or receiving emails. TLS versions 1.0 and 1.1 are no longer supported for email clients and webbrowsers. This can lead to problems receiving and sending emails, if you are still using an email client with an older operating system. To fix these problems, you need to update your operating system and email client software to the […]
WordPress Security The latest WordPress security news, tips and updates: https://ithemes.com/blog/category/wordpress-security/
All shared hosting packages: PHPmyadmin and webmail (Roundcube) were updated to the latest version today.
WordPress Plugin – Critical Vulnerability in Essential Addons for Elementor Plugin Details: https://www.heise.de/news/WordPress-Plug-in-Essential-Addons-for-Elementor-als-Schadcode-Schleuder-6344583.html?wt_mc=nl.red.security.security-nl.2022-02-03.link.link https://patchstack.com/articles/critical-vulnerability-fixed-in-essential-addons-for-elementor-plugin/
Dual stack connections via IPv4 and IPv6 are now available for all new orders (shared hosting). For existing hostings, the host systems Host1 and Host4 have already been equipped with IPv6 & IPv4, support for Host2 and Host3 is coming soon.
Backdoor Found in Themes and Plugins from AccessPress Themes Due to the way the extensions were compromised, we suspected an external attacker had breached the website of AccessPress Themes in an attempt to use their extensions to infect further sites. Details: https://jetpack.com/2022/01/18/backdoor-found-in-themes-and-plugins-from-accesspress-themes/ Please update or remove (un-install completely) the extensions mentioned in the details from the link above. If there are no updates for this […]
In order to avoid blacklisting of our mail servers due to unprotected contact forms & other forms, the forms must be secured with Captcha, e.g. (re-captcha v2) this is required to use PHP mail. If your application does not support PHP mail at the moment, please let us know when a captcha protection has been integrated and therefore the PHP mail function should be activated. […]
4 security issues affect WordPress versions between 3.7 and 5.8. If you haven’t yet updated to 5.8, all WordPress versions since 3.7 have also been updated to fix the security issues. details english: https://wordpress.org/support/wordpress-version/version-5-8-3/ Sicherheitsupdate: Angreifer könnten sich auf WordPress-Websites einnisten. In der aktuellen Version des Content Management System WordPress haben die Entwickler vier Sicherheitslücken geschlossen. details german: https://www.heise.de/news/Sicherheitsupdate-Angreifer-koennten-sich-auf-WordPress-Websites-einnisten-6320363.html?wt_mc=nl.red.security.security-nl.2022-01-10.link.link
Too many plugins can lead to security breaches on your site, site crashes, bad performance, slow loading speeds, and more. It may come as no surprise that piling a ton of plugins on top of each other on your website can cause some conflicts. Some plugins will disrupt the way others function, causing problems on your site. Details: https://pressable.com/why-its-smart-to-limit-plugins-on-your-wordpress-site/
From all of us here at GLOBE.LU we wish you a holiday season filled with joy and happiness!
Hosting Package: PROWEB-XL Promo Code: GLOBE21 please enter the promo code during checkout (Promo code expiry date: 01/01/2022) https://www.globe.lu/en/hosting/
Why does my website say it’s not secure? Any modern browser will display the “Not secure” warning in the address bar when your website is using HTTP instead of HTTPS. An SSL certificate can be used to encrypt and decrypt data transferred to and from your website. The best way to deal with the question “Why does my website say not secure?” is to install […]
Let’s Encrypt DST Root CA X3 expiration on Sept. 30 2021 Due to significant changes of the certificate provider Let’sEncrypt problems with some outdated clients can occur (web browser, email clients). The Let’s Encrypt DST Root CA X3 will expire on September 30, 2021. That means those older devices that don’t trust ISRG Root X1 will start getting certificate warnings when visiting sites that use […]