Bernard Sfez blog and notes

Tiki Express tutorials, notes and security related information.
A good part is related to Tiki Wiki, the complete web application builder.
The rest relates to the technologies used with my ready-to-use web applications.

Using unique password is good for your health

Author: Bernard Sfez - Published

Online credential stealing this year alone affected millions of users.
On the dark web, files containing passwords and emails from Netflix, Last.FM, LinkedIn, MySpace, the dating site Zoosk, the adult website YouPorn, as well as popular games like Minecraft and Runescape have been found, and several database leaks have been reported from websites such as LinkedIn, vk.com, and Tumblr.

Maybe it is time for you to learn and understand why unique and different passwords for your activities are important and can save you, your work and your family?

I received a threatening email today on an old mailbox used to compartmentalise SPAM and "unsafe" registrations on different websites and applications.
A simple combination used for hacking, games or porn forums I had to scan to test tools... something like 10 years ago. :-D

Scanning them back, I see one that was closed a few months ago and I guess the database was sold or ended up in the wrong hands.

Security and bug-fix updates: Tiki 17.1, Tiki 16.3, 15.5 and Tiki 12.12 released!

Author: Bernard Sfez - Published

The Tiki Community has released updates to all supported branches of the Tiki Wiki CMS Groupware project. These updates address several vulnerabilities found in Tiki, as well as bringing miscellaneous bug fixes.

Special thanks to:

for reporting and assisting in verifying fixes for the security issues!

All Tiki website administrators are strongly encouraged to upgrade their sites to the latest Tiki versions: Tiki 17.1, Tiki 16.3, Tiki 15.5 LTS, and Tiki 12.12 LTS.

Visit https://tiki.org/Download to get the latest version.

It is time to update your Tiki ! (Tiki 16.1, 15.3 and 12.10 released)

Author: Bernard Sfez - Published

A new breed of Tiki was released a week ago and the Tiki Community urges every user to update, as it solves critical security issues. The LTS (Long Term Support) versions, 12.x and 15.x, are concerned, as well as the 16.x branch still under development, so you have no excuse. With so many improvements and a number of regression and bug fixes it is in your best interest to upgrade, as those versions contain not only security fixes but hundreds of small improvements, enhancements and regression fixes.

The process is pretty smooth and doesn't require much knowledge thanks to the Tiki Install/Update process, and your data as well as your files will be safer. As usual, back up your database first, and if you feel it is too complicated for you, ask the Tiki Community for help, contact me or check the Tiki consultant list to have it done.

Skype being heavily targeted this end of year

Author: Bernard Sfez - Published

Skype, the popular text, voice and video communicator, has been targeted several times on several platforms since October 2016.
If you are on Windows or Android, you have been urged for several weeks now to update your version of Skype. Since an old backdoor was also found (by Trustwave's SpiderLabs analysts) in the Mac OSX version, it seems that everyone should update Skype, period.

Skype, acquired by Microsoft for $8.5 billion in 2011, was born (only) in 2003 but rapidly became a very commonly used application with 300 million users; around 20% of adult Internet users are Skype aficionados! With such penetration, a simple breach or hack has a huge impact on the entire community. Uninfected systems get spammed and must defend themselves or be defended, all of which has a cost and degrades Internet performance. The virus infection propagates as a slow wave. While this may fool some of us (we are not all affected at the same time), it gives a real advantage to those who are far from the source: by the time the virus or hack reaches the systems they connect to or receive information from, they should already have updated or upgraded their own application.

Drupal modules vulnerability, THE third party plugins issue (again)

Author: Bernard Sfez - Published

Drupal is calling upon its users to patch a dangerous remote code execution hole that can easily let attackers hijack sites. The content management system has some 15 million downloads, compared to WordPress with 140 million and Joomla with 30 million. Drupal is deployed on big ticket and business sites including nine percent of the world’s 10,000 most popular sites.

Although Drupal core is not affected and not all sites will be impacted, the issue once again raises the question of third-party modules/plugins/add-ons that are not part of the core (code) but may cause significant damage to the project itself, your users, your business, all your hard work.... It is critical to review the published advisories (July 12 2016) to determine if any modules you currently use have been flagged.

Security update: Tiki 15.2, Tiki 14.4 and Tiki 12.9 released!

Author: Bernard Sfez - Published

The Tiki Community has released updates to all current versions of Tiki Wiki CMS Groupware. This update addresses a critical vulnerability found in third-party code that is included with Tiki. The update also includes many fixes and updates.

Special thanks to Mehmet Dursun İNCE of www.invictuseurope.com and to Robert Abela of www.netsparker.com for their cooperation and assistance in reporting the security issues.

We highly encourage all Tiki administrators to update their sites to the latest Tiki versions: Tiki 15.2, Tiki 14.4, and Tiki 12.9 LTS.

Visit https://tiki.org/Download to get the latest version.

FortiOS SSH Undocumented Interactive Login Vulnerability

Author: Bernard Sfez - Published

Ouch... after an "unauthorized" backdoor was found in Juniper Networks firewalls (Juniper's ScreenOS), the first report of highly suspicious code in FortiOS firewalls has been confirmed and tested as an SSH backdoor that can be used to access the firewall equipment.

This issue affected all FortiOS versions from 4.3.0 to 4.3.16 and 5.0.0 to 5.0.7, which covers FortiOS builds from between November 2012 and July 2014.
Proof-of-concept exploit code was made available online by an anonymous user (operator8203@runbox.com), who posted it on the Full Disclosure mailing list this week, helping wannabe hackers generate the backdoor's dynamic password. The FortiOS SSH backdoor can then be accessed via the Fortimanager_Access username.
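Two checks a firewall administrator would want after reading the above, written as an added example that is not part of the original post: a test of whether a firmware version string falls inside the affected ranges quoted in the post, and a scan of SSH login records for the Fortimanager_Access username. The log lines are constructed samples in a generic sshd-style format, not real FortiOS output; adapt the regular expression to the format your devices actually ship.

```python
import re

# Affected FortiOS ranges as stated in the post (inclusive bounds).
AFFECTED_RANGES = [((4, 3, 0), (4, 3, 16)), ((5, 0, 0), (5, 0, 7))]

# Username the post says the backdoor is reached through.
BACKDOOR_USER = "Fortimanager_Access"

def parse_version(version):
    """Turn a dotted version string such as '5.0.7' into a comparable tuple."""
    parts = version.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError("expected a major.minor.patch FortiOS version: %r" % version)
    return tuple(int(p) for p in parts)

def is_affected(version):
    """True if the firmware version falls inside one of the affected ranges."""
    v = parse_version(version)
    return any(low <= v <= high for low, high in AFFECTED_RANGES)

# Constructed sample log lines (generic sshd-style, not genuine FortiOS output),
# embedded inline so the example runs offline.
SAMPLE_LOG = """\
Jan 12 09:14:02 fw1 sshd: Accepted password for admin from 10.0.0.5 port 51234
Jan 12 09:15:40 fw1 sshd: Accepted password for Fortimanager_Access from 203.0.113.9 port 40022
Jan 12 09:16:01 fw1 sshd: Failed password for root from 198.51.100.7 port 40911
Jan 12 09:17:13 fw1 sshd: Accepted password for fortimanager_access from 203.0.113.9 port 40023
"""

LOGIN_RE = re.compile(r"(Accepted|Failed) \w+ for (\S+) from (\S+)")

def find_backdoor_logins(log_text):
    """Return (outcome, source_ip) for each SSH login attempt using the backdoor user.

    The username comparison is case-insensitive so a differently cased
    variant of the account name is not missed.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOGIN_RE.search(line)
        if m and m.group(2).lower() == BACKDOOR_USER.lower():
            hits.append((m.group(1), m.group(3)))
    return hits

if __name__ == "__main__":
    for v in ("4.3.16", "5.0.7", "5.0.8", "5.2.0"):
        print(v, "affected" if is_affected(v) else "not affected")
    print(find_backdoor_logins(SAMPLE_LOG))
```

Any hit from `find_backdoor_logins` on a device whose version `is_affected` reports as vulnerable is worth treating as a confirmed unauthorised access rather than a curiosity.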

Are DoS attacks just crashing or disrupt your service on the internet ?

Author: Bernard Sfez - Published

From what we are monitoring, DoS (denial of service, or DDoS when distributed) attacks are the most common weapon on the worldwide and Middle East scene. They are cheap, easy to set up and don't require much knowledge. IT admins tend to think that the technique consists only of overloading the target servers by increasing the number of incoming requests exponentially. But can it really hurt a target's business, or even disrupt a country's services, for more than a short period of time?

Besides the direct motives for a DoS attack, like blackmail, harming a competitor or political reasons, are there other, more indirect motives?
Would it be possible to obtain data from, or even control of, a service with a DoS attack?
