Detailed Analysis of macOS Vulnerability CVE-2019-8507

FortiGuard Labs Threat Analysis Report on an Memory Corruption Vulnerability in QuartzCore while Handling Shape Object. On March 25, 2019, Apple released macOS Mojave 10.14.4 and iOS 12.2. These two updates fixed a number of security vulnerabilities, including CVE-2019-8507 in QuartzCore (aka CoreAnimation), which I reported to Apple on January 3, Continue Reading

Reminder: cPanel & WHM Version 76 now EOL | cPanel Newsroom

As of cPanel & WHM Version 78’s move to STABLE on April 8th, cPanel & WHM Version 76 has reached End of Life and will no longer be supported by cPanel except when upgrading to a supported version. In accordance with our EOL policy (https://go.cpanel.net/longtermsupport), 76 will continue functioning on Continue Reading

Introducing MDaemon 19 – with Updates for Security, Reporting, & Webmail

This week, we released MDaemon 19, with new features that benefit administrators and end users. The following is a summary of key improvements. You can view the complete list of updates in the MDaemon release notes. New Features for Administrators One of the first things administrators will notice is that Continue Reading

Announcing OpenJDK 11 packages in Ubuntu 18.04 LTS

OpenJDK 11 is now the default Java package in Ubuntu 18.04 LTS, replacing OpenJDK 10, the previously supported rapid release version and original package default for Ubuntu 18.04. This OpenJDK package is covered by the standard, LTS upstream security support and will also be the default package for the upcoming Continue Reading

EasyApache 4 Apr 18 Release | cPanel Newsroom

We are happy to announce that cPanel, L.L.C. has released an update for EasyApache 4! With this release, we are introducing an experimental version of NGINX to cPanel & WHM. For a more in-depth breakdown, please review our related NGINX blog announcement. Also included are fixes for issues with ea-apache24-mod-pagespeed, ea-memcached, and libmemcached. Take a Continue Reading

Predator the Thief: New Routes of Delivery

A FortiGuard Labs Threat Analysis Paper Introduction In March 2019, FortiGuard Labs discovered a running campaign against Russian-speakers using a new version of “Predator the Thief” stealer malware. The same actor was using one set of dummy files to deliver the stealer via different forms of phishing, including Zipped files, Continue Reading

Transitioning to ISRG’s Root – Let’s Encrypt

On July 8, 2019, we will change the default intermediate certificate we provide via ACME. Most subscribers don’t need to do anything. Subscribers who support very old TLS/SSL clients may want to manually configure the older intermediate to increase backwards compatibility. Since Let’s Encrypt launched, our certificates have been trusted Continue Reading

The End of Cross-Site Scripting: WordPress 5.1.1 Released

Older versions of WordPress make all posts vulnerable to cross-site scripting. But the cross-site scripting vulnerability in WordPress is a thing of the past now since the release of v5.1.1. The WordPress team have introduced several fixes in this new version. But first – What does a cross-site scripting vulnerability Continue Reading

>