Cybersecurity Alerts, News, and Tips




Critical auth bypass issues affect InfiniteWP Client and WP Time Capsule WordPress plugins

WP Time Capsule and InfiniteWP WordPress plugins are affected by security flaws that could be exploited to take over websites running the popular CMS. Experts at security firm WebArx have ethically disclosed vulnerabilities in WP Time Capsule and InfiniteWP plugins, both were patched earlier this month by the developer Revmakx. The flaws in WP Time […]
The post Critical auth bypass issues affect InfiniteWP Client and WP Time Capsule WordPress plugins appeared first on Security Affairs.


5ss5c Ransomware emerges after Satan went down in the hell

The cybercrime group behind Satan ransomware and other malware seems to be involved in the development of a new threat named 5ss5c. The threat actors behind the Satan, DBGer and Lucky ransomware and likely Iron ransomware, is back with a new piece of malware named ‘5ss5c’. The Bart Blaze believes that the threat actors have […]
The post 5ss5c Ransomware emerges after Satan went down in the hell appeared first on Security Affairs.


How Security Keeps Up When Developers Drive Open-Source

Open source is transforming software development. No longer do individual businesses need to purchase or build everything they need in-house. Instead, they can rely on a modern, interdependent ecosystem in which developers work together on mutually beneficial projects. This way, a single company doesn’t need to shoulder the entire development cost or have all the skills needed for the project.
But, it hasn’t always been this way.


Special Cases Are a Code Smell

LA Parking Sign
A Warning Sign
Los Angeles is famous for its complicated parking signs:They’re totems of rules and exceptions, and exceptions to the exceptions. Often, when we code, we forget a lesson that’s obvious in these preposterous signs: Humans understand simple, consistent rules, but fail on
special cases.
A Trivial Example
Say you’re given an array of integers, and you want to calculate the sum of each element’s neighbors. Try it:


VMware addresses flaws in VMware Tools and Workspace ONE SDK

VMware has released security updates to address a local privilege escalation vulnerability in VMware Tools version 10 for Windows. VMware has released VMware Tools 11.0.0 that addresses a local privilege escalation issue in Tools 10.x.y tracked as CVE-2020-3941. The issue, classified as a race condition flaw that could be exploited by an attacker to access […]
The post VMware addresses flaws in VMware Tools and Workspace ONE SDK appeared first on Security Affairs.