Security News for Everyone
31 May 2017 22:06
Actualizacion de Magento, adjuntamos el changelog:
Today, Magento is releasing new updates to increase product security and functionality. The releases contain over 15 security enhancements and Magento 2.x updates that also address image resizing and MasterCard BIN number expansion. We strongly recommend that all merchants upgrade to these versions as soon as is reasonably possible.
Download and install the Enterprise Edition updates by logging into My Account and navigating to the version you want to download. (See How to get the Magento software for a discussion of Magento 2.x installation procedures, and How to Apply and Revert Magento Patches for Magento 1.x instructions.). Community Edition software will be available in the Release Archive of the Community Edition download page.
These releases include:
Multiple critical security enhancements. These updates help close access control bypass, CSRF, and authenticated Admin user remote code execution vulnerabilities. See Magento 2.0.14 and 2.1.7 Security Patches and SUPEE-9767 Security Patches for more information.
Support for MasterCard BIN number expansion. MasterCard recently added a new series of Bank Identification Numbers (BIN). While certain Magento versions already support the new BINs, merchants using the following versions must upgrade or apply a patch by June 30, 2017 or face potential fines from MasterCard and lost sales.
• Enterprise Edition 2.1.2 or earlier
• All Enterprise Edition 2.0.x releases
• All Enterprise Edition 1.14.2.x releases or earlier
• All Community Edition 1.9.2.x releases or earlier
More information is available at MasterCard BIN Range Update.
Reversion of the changes to image resizing that we introduced in Magento 2.1.6. Certain image resizing changes introduced unanticipated problems. We have reverted these changes in this release, and will provide improvements to image resizing in a future product update. See the Magento 2.1.7 Enterprise Edition Release Notes for additional information you may need when upgrading from Magento 2.1.6 or 2.1.5 to this release.
Full details are available in the release notes:
Magento Community Edition 2.1.7
Magento Enterprise Edition 2.1.7
Magento Community Edition 2.0.14
Magento Enterprise Edition 2.0.14
Magento Community Edition 1.9.3.3
Magento Enterprise Edition 1.14.3.3
Best regards,
The Magento Team
Читать полностью…
Security News for Everyone
31 May 2017 16:34
📃 "Entrevista a ACABGang de @" http://www.eldiario.es/cultura/tecnologia/privacidad/ACABGang-espanoles-controlados-Hazteoir_0_631687653.html
Extrato:
"...¿Qué medidas aconsejan ACABGang para evitar el control? "Fácil, usar una VPN(recomendamos PIA) o navegar desde la red de TOR. Si tenéis información muy confidencial y pensáis que podéis estar en riesgo si la descubren, en nuestra opinión tendréis que usar Kodachi3". Que es un sistema operativo basado en Debian 8.6 (Linux), que pretende ser lo más seguro, antiforense y anónimo posible. Una opción interesante para los que quieran algo más permanente que TAILS y más sencillo de usar e instalar que Qubes, el sistema favorito de Edward Snowden."
Links de interes en el artículo:
⛓ "Comparte tu ordenador para formar una VPN" http://www.eldiario.es/turing/vpn-acceso-compartir-ordenador_0_117589016.html
⛓ "Linux Kodachi3, un SO seguro, anti-forense, anónimo... y fácil de usar" http://www.hackplayers.com/2017/01/linux-kodachi3-un-so-seguro-anti.html
⛓ "Guía práctica de Tails" http://www.eldiario.es/turing/vigilancia_y_privacidad/Guia-practica-Tails-distribucion-Linux_0_253374668.html
⛓ Página oficial de Qubes https://www.qubes-os.org/
⛓ Más info de Qubes: https://es.wikipedia.org/wiki/Qubes_OS
#Hacker #Ciberdelincuente #ACABGang #Tails #Kodachi3 #Qubes #VPN
Читать полностью…
Security News for Everyone
31 May 2017 08:44
Hackers están introduciendo exploits en los ficheros de subtítulos - MuySeguridad
http://muyseguridad.net/2017/05/26/exploits-ficheros-subtitulos/
Читать полностью…
Security News for Everyone
30 May 2017 20:04
CVE-2017-1000367 in Sudo's
get_process_ttyname() for Linux http://www.openwall.com/lists/oss-security/2017/05/30/16
Читать полностью…
Security News for Everyone
30 May 2017 11:56
¡Buenos días a todo/@! si sois usuarios de Android tened en cuenta lo siguiente:
http://es.gizmodo.com/todo-lo-que-debes-saber-acerca-de-judy-el-nuevo-malwar-1795639151
Hay más de 36 millones de usuarios afectado/as por este nuevo Ransomware, difundidlo y asegurad vuestro Smartphone.
#Android #Ransomware
Читать полностью…
8605