Social network Bebo is still inaccessible after an apparent technical error took the site offline yesterday.
Posts Tagged security
Attacks resume against US Department of Justice
The United States Department of Justice appears to be under attack for the second time since the popular MegaUpload file sharing site was taken down.
“Operation Italy” takes down government website
Plans by Anonymous to launch a distributed denial of service attack against www.governo.it were changed half an hour before the attack was scheduled to commence.
WordPress 3.3.1 Security and Maintenance Release
WordPress 3.3.1 is now available. This maintenance release fixes 15 issues with WordPress 3.3, as well as a fix for a cross-site scripting vulnerability that affected version 3.3. Thanks to Joshua H., Hoang T., Stefan Zimmerman, Chris K., and the Go Daddy security team for responsibly disclosing the bug to our security team. Download 3.3.1 or visit […]
Parallels Plesk Panel 9.3.0.3 Security Update (Linux only)
We have published Security Update #3 for Parallels Plesk Panel 9.3.0 that fixes PHP fasCGI vulnerability:
[-] An unauthenticated remote attacker being able to compromise the system and gain control over it security issues were resolved.
Parallels Plesk Panel 9.5 Prerelease (RTM)
Parallels Plesk Panel 9.5 is now available for downloads on Parallels PartnerNet.
http://www.parallels.com/partnernet/rtmdownloads/panel/
http://www.parallels.com/products/plesk95/
Changelog
1. [+] PCI Compliance: Parallels Plesk Panel can be made compliant with the Payment Card Industry Data Security Standard. This can be achieved by running a special PCI compliance resolver utility and additional tuning of system components, as described in the document Achieving PCI Compliance for Servers Managed by Parallels Plesk Panel 9.5. The document is available at http://www.parallels.com/products/plesk/docs/parallels-plesk-panel-9.5-pci-compliance/index.htm.
2. [+] Compatibility with Microsoft Internet Explorer 8: Parallels Plesk Panel is now compatible with Microsoft Internet Explorer 8.
3. [+] CloudLinux support: Parallels Plesk Panel can now work under CloudLinux operating system.
4. [+] Google Services for Websites support (beta): Parallels Plesk Panel 9.5 can now be easily integrated with Google Services for Websites. To learn more, refer to Parallels Plesk Panel 9.5 Administrator’s Guide at http://download1.parallels.com/Plesk/PPP9/Doc/en-US/plesk-9.5-administrators-guide/64635.htm.
5. [+] More virtualization solutions supported: Parallels Plesk Panel 9.5 can operate in virtual environments created by the following virtualization solutions: Parallels Virtuozzo Containers, Microsoft Hyper-V, Xen, and VMWare. There are special licensing options for Parallels Panel software operating inside virtual environments. For more information about licensing options, contact your vendor or call Parallels sales team. The phone numbers are listed at http://www.parallels.com/contact/.
6. [+] Upgraded components: phpMyAdmin to the version 2.9.11, and Horde Application Framework to the version 3.3.6.
7. [-] SpamAssassin spam filter incorrectly classified most of the messages delivered in the year 2010 as spam – issue resolved.
8. [-] Horde webmail did not open properly in Internet Explorer 8 – issue resolved.
9. [-] Cross-site scripting vulnerability was eliminated.
10. [-] A number of security issues were identified that could allow an unauthenticated remote attacker to compromise your system and gain control over it – these issues were resolved.
11. [-] Migration failed if the /tmp file system was full – issue resolved. Now you can specify any other location for the temporary directory.
Linux/Unix-specific
12. [-] Migration of websites from Plesk Control Panel 7.5.4 to Parallels Plesk Panel 9.2.1 failed if the SpamAssassin spam filter was configured to remove spam e-mail – issue resolved.
13. [-] ProFTPD 1.3.1 was prone to a security vulnerability that allowed attackers to perform cross-site request forgery types of attacks – to resolve this issue, ProFTPD was upgraded to the version 1.3.2e.
14. [-] If temporary directory on the server was full, FTP network error occurred on attempt to move a file from an FTP storage to the server repository – issue resolved.
15. [-] If, in Parallels Plesk Panel, there is a domain with the same name as server’s hostname, then a message sent to postmaster@$HOSTNAME is bounced back – issue resolved.
16. [-] During upgrade, the default client and domain template values were reset – issue resolved.
17. [-] Plesk 8.x key was not updated automatically to 9.x during product upgrade – issue resolved.
18. [-] After upgrade, var/qmail/control/me file contained only the hostname – issue resolved.
19. [-] Scheduled security scanning by Watchdog (System Monitoring) Module could not start – issue resolved.
20. [-] Postfix mail server occasionally failed to deliver some e-mail messages with the “Unprocessed command” errors – issue resolved.
21. [-] After upgrading Parallels Plesk Panel from versions 8.x to 9.x, scheduled backups could stop working – issue resolved.
22. [-] Web statistics were not calculated properly when the piped logs feature was switched on – issue resolved.
23. [-] The Watchdog (System Monitoring) Module showed security warnings (false positives) due to incorrect default configuration – issue resolved.
24. [+] Upgraded components: IceWarp (Merak) Mail Server to the version 10, Bind DNS server to the version 9.4.3-P4, PHP to the version 5.2.13
25. [+] It is now possible to specify an arbitrary temporary folder as a command-line parameter of the backup tool.
26. [*] Operation of Plesksrv.exe component was stabilized.
27. [-] Standard Parallels Plesk Panel configuration allowed to view extra information (read webmail folder) – issue resolved.
28. [-] If temporary directory on the server was full, FTP network error occurred on attempt to move a file from an FTP storage to the server repository – issue resolved.
29. [-] Parallels Plesk Panel hanged on attempt to remove domains with several mailboxes – issue resolved.
30. [-] Parallels Plesk Panel failed to install the DotNetNuke application on websites – issue resolved.
Parallels Plesk for Unix 8.3.0 Update 2
Parallels Plesk for Unix 8.3.0 Update 2 is released.
Change log:
1. [-] Remove debug information from mchk and mailmng output.
2. [-] Issue with mchk and mailmng error “Unable to initialize quota settings” is resolved.
3. [-] Bug “per-mailbox statistics information for some domains is not displayed” is resolved
4. [-] Bug “Watchdog does not run security scan” is resolved
5. [-] Issue with “Cannot load mod_bw.so into Apache” on FedoraCore6 is resolved
6. [-] Issue with JavaScript errors in WYSIWYG editor is resolved
7. [-] Several bugs in Autoinstaller are resoleved
8. [*] Security improvements
9. [-] Several API bugs are resolved
10. [-] Several Backup and Migration Manager bugs are resolved