Year-Old Critical Magento Flaw Still Exploited, Payment Info Stolen

// Slashdot: IT Orome1 writes: A whole year has passed since a critical e-shop hijacking flaw in the Magento CMS has been patched, but the vulnerability is still being exploited in attacks in the wild, warns Sucuri researcher Denis Sinegubko. At the time, the Magento development team pushed out a patch (SUPEE-5344) but after two…
lire la suite

Backblaze Dishes On Drive Reliability In their 50k+ Disk Data Center

// Slashdot Online backup provider Backblaze runs hard drives from several manufacturers in its data center (56,224, they say, by the end of 2015), and as you'd expect, the company keeps its eye on how well they work. Yesterday they published a stats-heavy look at the performance, and especially the reliability, of all those drives,…
lire la suite

Cisco ASA Firewall Has a Wormable Problem — And a Million Installs

// Slashdotitwbennett writes: Cisco has published an advisory for a vulnerability with a CVSS (Common Vulnerability Scoring System) score of 10 that was discovered by researchers from Exodus Intelligence. According to the advisory, 'a vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco cheap phentermine ASA…
lire la suite