This entry was posted in Podcasts on July 19, 2019 by Kathy Zant 0 Replies
At WordCamp Europe, Mark chats with Chris Teitzel, CEO and founder of Lockr. Lockr is a key management system for websites using CMSs like WordPress and Drupal. Chris talks about the challenges of securing sensitive information and how Lockr makes secure key management affordable. Chris speaks on security topics at WordCamps and DrupalCons around …
Read More
This entry was posted in Podcasts on July 17, 2019 by Kathy Zant 0 Replies
This week we review a critical vulnerability in the Ad Inserter plugin, currently installed on over 200,000 WordPress sites. The vulnerability, discovered by our Director of Threat Intelligence Sean Murphy, was patched quickly by the developer. We also cover Google’s decision to remove Chrome’s built-in XSS protection, a researcher’s discovery of vulnerability in Instagram’s 2FA, …
Read More
This entry was posted in Research, Vulnerabilities, WordPress Security on July 15, 2019 by Sean Murphy 3 Replies
Description: Authenticated Remote Code Execution Affected Plugin: Ad Inserter Affected Versions: <= 2.4.21 CVSS Score: 9.9 (Critical) CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H On Friday, July 12th, our Threat Intelligence team discovered a vulnerability present in Ad Inserter, a WordPress plugin installed on over 200,000 websites. The weakness allowed authenticated users (Subscribers and above) to execute arbitrary PHP …
Read More
This entry was posted in Podcasts on July 12, 2019 by Kathy Zant 0 Replies
At WordCamp Atlanta, Mark sat down with Chris Wiegman, the creator of Better WP Security. Now known as iThemes Security, it is installed on over 900,000 WordPress sites. Chris talks about his experiences as a flight captain flying over the Hawaiian islands and what happened when an earthquake occurred shortly after takeoff. He also talks …
Read More
This entry was posted in Podcasts on July 09, 2019 by Kathy Zant 0 Replies
A security researcher found vulnerabilities in the Mac client for Zoom, a popular video conferencing application. After 90 days and two weeks, the vulnerability still exists. Mitigating the vulnerability entails typing the following commands in terminal, replacing [pid] with the process ID: $> lsof -i :19421 $> kill -9 [pid] $> rm -rf ~/.zoomus $> …
Read More
This entry was posted in Podcasts on July 05, 2019 by Kathy Zant 0 Replies
Liquid Web COO Carrie Wheeler chatted with Mark at WordCamp Atlanta about her path from developer to leadership in the tech field. She talks about the three things all people look for in their jobs and how to provide context so they feel connected to an organization’s mission. She also talks about the competitive hosting …
Read More
This entry was posted in Podcasts on June 27, 2019 by Kathy Zant 1 Reply
Ryan Dewhurst is an ethical hacker and penetration tester who has developed a number of tools that make finding vulnerabilities in WordPress much easier. Penetration testers are professional ethical hackers that find vulnerabilities so they can be patched before they are exploited. Ryan is one of three contributors to WPScan, a command line tool that …
Read More
This entry was posted in Podcasts on June 24, 2019 by Kathy Zant 0 Replies
From Berlin we talk about our experience attending the largest WordCamp in the world and then dive into the news. We discuss 2,600 hacked WordPress sites being used for a free proxy service, Iranian cyber attacks, an attack at JPL affecting NASA and a WeTransfer security incident. We also cover a phishing breach at Oregon …
Read More
This entry was posted in Podcasts on June 21, 2019 by Kathy Zant 2 Replies
Mark sat down with Frank Robinson at WordCamp Atlanta a few weeks ago. Frank started Salon Media 22 in 2008, an agency focused on building sites and digital media in the beauty industry. Frank is a software designer and entrepreneur growing his business. We talk about why he focused on the beauty industry and how …
Read More
This entry was posted in Podcasts on June 20, 2019 by Kathy Zant 0 Replies
This week, we’re at WordCamp Europe in Berlin, Germany and there is a lot of WordPress and security news to cover. We talk about the recent outage with WordPress VIP Go, what’s new in WordPress version 5.2.2, vulnerabilities in two of Facebook’s WordPress plugins, a Google Chrome extension for reporting bad URLs and a Chrome …
Read More
