Magento has just released patch SUPEE-6482, which addresses four different vulnerabilities affecting Magento Community and Enterprise editions. We strongly advise all Magento store administrators to update to the latest version to address these vulnerabilities (1.9.2.1 for Community or 1.14.2.1 for Enterprise). Those that do not want to update to the most current version of Magento […]
In the wake of a number of serious vulnerabilities — including the critical ShopLift vulnerability — Magento announced in May that it would be introducing the Magento Alert Registry to keep eCommerce retailers up-to-date about potential security problems. You can now sign up here. “We are committed to platform security and are taking proactive steps intended to […]
WordPress is a complex software ecosystem. Its huge userbase and an active developer community numbering in the tens of thousands make for a potential security nightmare, but, in fact, it functions surprisingly smoothly. For users who hear only about the most recent security vulnerability, it might not appear so, but the widespread publicity of security […]
Magento has released a bundle of patches that fix several vulnerabilities. The vulnerabilities addressed by the patch can be exploited by attackers to disclose confidential information and execute code remotely. The bundle (SUPEE-5994) can be downloaded here and should be applied as soon as possible by users of Magento Community Edition and Magento Enterprise Edition. […]
One of the most heartbreaking experiences I’ve had when advising people about WordPress was with a friend of mine who had spent weeks setting up her site, writing content, and posting images, only to lose everything just as she was about to launch because she mistyped a command on her VPS’s command line. Of course, […]
A patch has been released to fix a remote code execution vulnerability in both Magento Enterprise and Community Editions. In February, Check Point researchers announced that they released details of the critical RCE (remote code execution) vulnerability in the Magento platform. Checkpoint originally found this exploit back in February and contacted Magento privately regarding the […]
We’re happy to announce that we’ve brought two-factor authentication to Magento in partnership with Magento development agency Human Element. This new plugin, named Sentry, will allow Magento retailers a solution for secured, two-factor authentication. Two-factor authentication offers enormously enhanced security for Magento eCommerce stores. Passwords alone have never been a great way to handle secure […]
If you don’t update your WordPress site, it may be vulnerable to hackers. Updating a WordPress site is one of those tedious tasks that has to be done, but doesn’t usually confer any obvious benefit. Sometimes you’ll get a new feature, but most of the time, you hit the update button, the site prints out […]
The Heartbleed bug was one of the worst online security vulnerabilities in recent memory, allowing an attacker to read chunks of a server’s memory that might contain private keys, authentication credentials, and other sensitive data. In the wake of Heartbleed, it’s a good time for WordPress site owners to audit their security procedures and implement […]
Most WordPress users knows that WordPress plugins should be updated. Updates frequently include patches that fix security vulnerabilities. Part of every WordPress user’s routine should include regular plugin and core updates. But there’s another source of potential vulnerability that WordPress users may not be aware of: many themes include bundled plugins and those plugins are […]
Your inbox needs more Nexcess
Grow your online business faster with news, tips, strategies, and inspiration.