Tag: security

Important Magento Security Update – Zend Platform Vulnerability

While doing routine sanity checks, on of our QA Engineers, Sammy Shaar, was alerted about an important Magento security update. The vulnerability potentially allows an attacker to read any file on the web server where the Zend XMLRPC functionality is enabled. This might include password files, configuration files, and possibly even databases if they are stored on the same machine as the Magento web server. To see if you site has been affected, please see this page. Luckily, Magento has released patches for…

Feb 23 was a security day

Busy day yesterday: Cloudflare leaked secrets Google cracked SHA-1 Dropbox opensourced Securitybot: Automated Security at Scale