security

  1. MagicalAzareal

    Zoom Security Incidents and Lies

    https://www.theregister.co.uk/2020/04/01/zoom_spotlight/ And this... is why you never market a product with a features it doesn't have (like end to end encryption) or to be more secure than it actually is. It turns out the British Government winded up using it for sensitive high level...
  2. ManagerJosh

    vBulletin 5.x 0day pre-auth RCE exploit

    New 0Day just got dropped for vBulletin 5.x. It's believed that it impacts all versions from vBulletin 5.0.0 till 5.5.4. https://www.zdnet.com/article/anonymous-researcher-drops-vbulletin-zero-day-impacting-tens-of-thousands-of-sites/...
  3. R0binHood

    Wordfence now includes 2FA on their free tier to help protect your Wordpress site

    Wordfence have just announced 3 new login security features including free 2FA, which is pretty big. I've spent a lot of time researching free 2FA options for Wordpress and the good ones are nearly all paid. It's crazy that it's not included in the core at this point. (Side note: I give XF a...
  4. H-DB

    Two Critical 0-Day Remote Exploits for vBulletin Forum Disclosed Publicly (Version 5)

    https://thehackernews.com/2017/12/vbulletin-forum-hacking.html
  5. Alfa1

    Another hacker developer banned from XenForo (HQCoder)

    On XenForo.com a Vietnamese coder named HQCoder released very similar addons to Brivium and seems to have copied code from legitimate developers. If you are running any of the addons by HQCoder then remove these immediately because these may include security risks! last month he released his...
  6. DanielGarneau

    Advice on Securing PhpBB 3.1.9, before going live with a new forum ?

    Hello everyone at TAZ, What advice would you have to give me for securing my new PhpBB 3.1.9 forum, before I make it publicly available to humans and robots? So far I installed and activated the "Stop Forum Spam" extension, and created niche related questions for the "Sortables Captcha"...
  7. Doctor 404

    Just ordered a VPS from OVH

    I just ordered a VPS from OVH and got some stuff setup. The problem i have is that even though i managed to do this stuff by myself (Setup the gameservers, mysql and voiceservers) i think im missing stuff that i must certainly not know (Im not very tech savvy about linux based systems). The...
  8. Digital Doctor

    How did vB know how the breech occurred?

    I read IB knows how the vB5 breech happened and they have patched it. How would they know ? They checked the server logs ? Any other ways ?
  9. Shiro

    Human Spammers: People are paid to spam your forum.

    You may be aware of services like Amazon Mechanical Turk or Microworkers. These are crowdsourcing services that allow vendors to pay small amounts of money for the completion of tasks. These tasks often range from things like helping Google and Bing rank search results (human experience), and...
  10. Floyd R Turbo

    Tapatalk is bypassing 2FA in Xenforo 1.5

    https://support.tapatalk.com/threads/xf-1-5-tapatalk-bypasses-2-factor-authentication-in-xenforo.31618/ Here's what I did: Via PC, enabled 2FA and verified Via iPhone / Safari, logged out and logged back in. It asked for 2FA and I verified this. I left the "remember for 30 days" unchecked I...
Top