Drupal releases patch for 'highly critical' remote code execution flaw that puts millions of sites at risk
Sites based on the CMS Drupal are at risk from a remote code execution flaw which has been classed as "highly critical". Site owners are being urged to install updates to ensure they are protected.
The security flaw -- CVE-2019-6340 or SA-CORE-2019-003 -- affects Drupal 8.5.x and 8.6.x but there are certain conditions that must be met in order for a site to be vulnerable.
Three-hundred-and-twenty-three in a series. Welcome to this week's overview of the best apps, games and extensions released for Windows 10 on the Windows Store in the past seven days.
Recent builds highlight several new features of the upcoming Windows 10 version 1903 update. New features include options to access Linux files using WSL, Windows Sandbox scripting support, and more.
Following the scandal surrounding the collection of user data, Facebook has removed its Onavo VPN app from the Google Play Store -- a full six months after the iOS version of the Facebook Research app was kicked out of the App Store by Apple.
Facebook will also be ending its controversial paid data collection program which saw the company paying people for access to information about their device and internet usage. The app will continue to function as a VPN -- minus the questionable privacy invasion -- for a little while to give users the chance to seek out an alternative, but it will ultimately close down completely.
The abuse of opioids and other prescription drugs in America is an absolute tragedy and epidemic. It affects people from all socioeconomic classes. Not only do these drug abusers risk death and financial ruin, but their actions negatively impact friends and family too. In other words, even if you don't abuse prescription drugs, there's a good chance your life will be impacted by somebody that does.
While many people envision prescription drug abusers buying their pills from an abandoned building or street corner (and that does happen), the truth is, many people get their drugs from medicine cabinets. In fact, according to Google, more than half of prescription drug abusers get started down the path to addiction with pills obtained from people they know -- friends and family. Why is this? Well, one reason is many people apparently don't know how to properly dispose of their unneeded prescription pills -- the search giant has seen a huge increase in searches for how to do so.
According to a new survey, 83 percent of security professionals believe that employees have accidentally exposed sensitive customer or business data at their organization.
The study from data protection specialist Egress also finds that accidental data breaches are often compounded by a failure to encrypt data prior to it being shared -- both internally and externally.
If you're a user of WinRAR -- a staple tool for decompressing files whose popularity stems from not only its support for RAR files, but also its never-ending trial period -- it's time to ensure you have the latest security patch installed.
Security experts from Check Point Research have revealed details of a serious bug that has been present in the software for at least 14 years. The archiving tool was found to have a vulnerability in one of its .dll files, which could be exploited by simply opening a compressed file, and allows an attacker to "gain full control over a victim's computer".
Microsoft releases Windows 10 19H1 Build 18342 with Timeline for Chrome and access to Linux files from File Explorer
Microsoft has released a new Windows 10 build to insiders -- Windows 10 19H1 Build 18342. This new build sees improvements to gaming that fix problems with State of Decay. There is also the new and much-requested ability to access Linux files from Explorer, a host of bug fixes, and the launch of a Chrome extension for Timeline.
But while this is a significant update with a lot to explore, it's not for everyone. Microsoft has disabled the rollout of the build for systems with certain processors.
While Apple reigns supreme on mobile from both a hardware and operating system perspective (iPhone and iOS are best in class), Google is still king of apps and services. Things like Google Maps, Chrome, and Gmail are used by many iPhone and iPad users. Why do Apple fans opt for these Google solutions? They simply work well and are extremely dependable. Apple Maps, for instance, is good, but Google Maps is great. The search giant provides reliable tools that people enjoy using.
Today, Google announces that its Maps app for iOS is getting even better. You see, users can now "follow" their favorite locations, such as theaters, restaurants, and museums to name a few. As a result of following these places, you will be provided with interesting information about them, such as discounts, holiday hours, or dinner specials, for example.
Howard Stern is arguably the greatest broadcaster of all time -- his radio show is legendary for its innovation and laugh-out-loud comedy. For well over 30 years, Stern has been broadcasting in some form -- first terrestrial radio, but since 2006, he has been on satellite (what is now known as SiriusXM).
As great as listening to Howard is, his show can be very visual too -- it can be very rewarding to actually see what is happening in his radio studio. His E! television show is long gone, as is his "Howard TV" on demand service. Thankfully, the SiriusXM mobile app for Android and iOS now offers Howard Stern video content. Of course, wouldn't it be better to watch that content on your television rather than a small screen? Starting today you can, as the video content is now available on Amazon Fire TV. Previously, the only way to get the video onto your TV was using a Chromecast dongle.
Faced with continued criticism about privacy, Facebook is rolling out an update to Android users that gives a greater degree of control over the sharing of location data with the social network.
Specifically, the update makes it possible to stop Facebook from tracking your location in the background when you are not using the app. The change brings parity to the iOS and Android Facebook apps.
Employees and contractors are exposing confidential and sensitive information online and in the cloud in some 98 percent of organizations. This is found primarily in Dropbox, Google, and Microsoft SharePoint.
This is among the findings of a new report from insider threat specialist Dtex Systems which has analyzed information from work-issued endpoints and more than 300,000 employee and contractor accounts.
Cloud data warehouses (CDW) offer broader data capabilities, stronger performance, and greater flexibility than traditional on-premise databases, according to a new survey.
Now in its fifth year, the GitHub Security Bug Bounty has been updated to offer larger rewards to those who find bugs. At the same time, the scope of the program is being expanded and protections for researchers have been added through new Legal Safe Harbor terms.
As well as expanding the program to cover any of its "first-party services", GitHub has effectively removed any upper limit on the size of reward pay-outs for critical bugs.
The latest Symantec Annual Threat Report reveals that cybercriminals are continuing to follow the money, but as ransomware and cryptojacking show falling returns they are turning to other techniques.
One of these is formjacking -- essentially virtual ATM skimming -- where cybercriminals inject malicious code into retailers' websites to steal shoppers' payment card details.