Posted on Monday February 17, 2020
An anonymous reader quotes a report from ZDNet: WordPress site owners who use commercial themes provided by ThemeGrill are advised to update one of the plugins that come installed with these themes in order to patch a critical bug that can let attackers wipe their sites. The vulnerability resides in ThemeGrill Demo Importer, a plugin that ships with themes sold by ThemeGrill, a web development company that sells commercial WordPress themes. The plugin, which is installed on more than 200,000 sites, allows site owners to import demo content inside their ThemeGrill themes so they'll have examples and a starting point on which they can build their own sites. However, in a report published yesterday, WordPress security firm WebARX says that older versions of the ThemeGrill Demo Importer are vulnerable to remote attacks from unauthenticated attackers. Remote hackers can send a specially crafted payload to vulnerable sites and trigger a function inside the plugin. The vulnerable function resets the site's content to zero, effectively wiping the content of all WordPress sites where a ThemeGrill theme is active and the vulnerable plugin is installed. Furthermore, if the site's database contains a user named "admin", then the attacker is granted access to that user with full administrator rights over the site.
Posted on Saturday February 15, 2020
Slashdot reader golden_donkey quotes Forbes: Are you booting up your Windows 10 machine and discovering you can't log in to your profile? It appears you're not alone. Reports are increasing across Twitter and Microsoft forums that following the most recent Patch Tuesday update (KB4532693), users are complaining that their profiles and desktop files are missing, and that custom icons and wallpaper have all been reset to their default state... The KB4532693 update is allegedly causing much more serious headaches for some users. A newer report by Windows Latest cites multiple users in their comments section complaining that the data is nowhere to be found and allegedly not recoverable. Microsoft has now "yanked KB4524244 from its update servers..." reports ZDNet, "after acknowledging reports of an issue affecting a sub-set of devices." Microsoft says customers who have successfully installed the update don't need to take any further steps. Those who have configured PCs to defer installation of updates by at least four days should also be unaffected. For those who are experiencing issues related to this update, Microsoft recommends uninstalling the update. Forbes also shared a video "on a related note." Its title? "How To Choose A Linux Distro That's Right For You..."
Posted on Friday February 14, 2020
Businesses need technology to be profitable and productive. But not all technologies are capable of delivering on their perceived benefits. To make sure your investments are worth keeping, you need to perform technology business reviews.
Posted on Wednesday February 12, 2020
Bloatware is pre-installed software (that may or may not be malicious) that typically requires an unwarranted amount of disk space, slowing down your computer and exposing you to more cybersecurity risks.
Posted on Tuesday February 11, 2020
We have released the February security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month's security updates can be found in the Security Update Guide.
Posted on Monday February 10, 2020
The booming market for cybersecurity products is a sign that businesses are taking the issue seriously. But before your company invests in any product, ask yourself if it's something you really need. Here are some tips on how you can make the most out of your cybersecurity investment.