SonarSource now provides high-precision SAST tooling for developers, enabling them to own Code Security

Geneva, December 17th, 2020, In 2020 SonarSource became a leader in Code Quality and Code Security solutions, upgrading its tools to bring unmatched SAST (Static Application Security Testing) precision and performance to developers. Now there’s a…

SonarSource Acquires RIPS Technologies and Accelerates in the Application Security Market

The acquisition furthers the industry leader’s continued commitment to empower all development teams to build more secure software GENEVA, May 13, 2020 – SonarSource, maker of SonarQube and leader for Code Quality and Code Security solutions, tod…

Serious flaw found and patched in WordPress, but it might lurk in plugins

WordPress recently patched a long-running, potentially serious vulnerability in its core code. But a similar flaw in third-party plugins could still allow hackers to take over websites that use the popular publishing software, according to German web security company RIPS Technologies. Exploiting the vulnerability requires an attacker to have access to an account with “author” privileges for the target website — a common designation for WordPress users. Once logged in, a hacker could manipulate how WordPress reads and writes files in its image database, essentially tricking the software into saving a malicious script file into a directory that typically handles photos. “An attacker who gains access to an account with at least author privileges on a target WordPress site can execute arbitrary PHP code on the underlying server, leading to a full remote takeover,” RIPS researcher Simon Scannell wrote in a blog post Tuesday. The bug — which RIPS is categorizing as a “path traversal” vulnerability — is exploitable WordPress instances […]

The post Serious flaw found and patched in WordPress, but it might lurk in plugins appeared first on CyberScoop.

Joomla Patches Eight-Year-Old LDAP Injection Vulnerability

Joomla on Tuesday patched a critical LDAP injection vulnerability that had lingered in the content management system for eight years. Attackers could use this bug to steal admin login credentials.

Critical Vulnerability Patched in Roundcube Webmail

Open source webmail provider Roundcube was patched against a vulnerability that could be trivially exploited to run code on servers or access email accounts.