This is a weekly series where you can get caught up on recent events relevant to open source security, with an initial focus on WordPress security.
This series is brought to you by Patchstack and your host Robert. I look forward to helping keep you regularly up to date on open source security issues here at the Patchstack Weekly update.
Patchstack Weekly - Do You Need a 'security.txt' File?
Security.txt is a new proposed standard to encourage website owners to adopt a more proactive approach to security.
The file is an easy way to quickly communicate your vulnerability disclosure program to security researchers. Big companies like Google, Slack, GitHub and Automattic are already using it - should you?
Patchstack Weekly - The Spurious Infinity of Security
The practice of security is boundless, with infinite context about what constitutes danger. Today's episode looks into how you can practice security to better your resume, services, business, and life.
This week's vulnerability roundup will share details on three security bugs that were patched last month in a popular Learning plugin for WordPress.
Patchstack Weekly - How Can Developers Prove Security?
This week's knowledge share is for developers and site owners alike. Robert will discuss how open-source projects (or really any code project) can show, not just tell, their users that their project's code is secure and safe to use.
This week's vulnerability roundup will share details about three high-risk security bugs in WordPress components - of which two received patches and one went without.
Patchstack Weekly - What Makes a Secure Hosting Service?
The security of your web hosting provider is just as important as the security of your WordPress site. So in this episode, Robert talks about how you can check for some important security features your hosting provider may or may not be offering.
This week's security news will cover two critical vulnerabilities - one that received a patch, and one that did not.
Patchstack Weekly - Are You Running Insecure Plugins?
Join Robert on his second episode of new year's security resolutions - this time, he'll be running you through the checklist for ensuring the plugins on your site are safe to use.
He'll also be talking about the recent Doctor Web report about a botnet targeting specific outdated WordPress plugins - which is a great reminder to always keep all your components up-to-date!
Patchstack Weekly - Rotate Your Passwords
In this episode we want to say two things: 1) Happy new year and 2) rotate your passwords!
Rotating your passwords regularly is a key security practice. We feel it's important to stress this in light of the latest news from the LastPass security breach - we now know that attackers did gain access to encrypted customer data, including password vaults.
Granted, this doesn't mean they got their hands on passwords and emails in plain text, but if you've used LastPass then it's high time to change all your passwords now.