For well over a decade our focus at ionCube has been on PHP security but recently with the release of ionCube24 we have been looking into different kinds of vulnerabilities. This post has a few of the interesting issues we have found this week.

It’s been a really busy week in the news so here’s a selection of this week’s more interesting vulnerability disclosures and cybersecurity news.



Looks like you really need to keep on your toes with patching

How many times has your eyes glazed over at the constant stream of alerts?

So much for this method then

Look, no passwords!



Control systems have their problems too!


A slight oversight perhaps? Still, it results in an open door

And Dell responds about the allegation

Another hole in Facebook

Not much choice but to use and hope nothing nasty happens

A potential breach

A bit of a mess with certificates which could result in some man-in-the-middle attacks.

With the OpenSSL last week you can bet most routers and embedded systems will never be updated! Ouch!

Something that may come to bite many of us in the future


They cant seem to shake the issues off

Yoast hit again

A SOAP issue

Our old friend unserialize


School boy error – what were they thinking

Many exploit kits use IFRAMEs to activate do ensure you follow these instructions to ensure Internet Explorer is really safe, if you use Firefox then use the NoScript plugin and set the Forbid IFRAME tick box as its off by default

An old flash bug comes back

This article could make you seriously rethink how you create passwords

See the link above on IFRAMES for how to help with this issue

You can’t always trust email sources

Web Server

It took a while to find out what the issues are but at least its not as bad as HEARTBLEED. Maybe,

Weekly Cyber Security News