ImageMagick Vulnerabilities Place Countless Websites at Risk, Active Exploitation Confirmed

Yesterday afternoon May 3rd, 2016 Slack security engineer Ryan Huber posted an article warning about surrounding vulnerabilities in ImageMagick, an image manipulation software solution installed on millions of Web sites.

“If you use ImageMagick or an affected library, we recommend you mitigate the known vulnerabilities by doing at least one of these two things (but preferably both!):” says Ryan Huber.  We have included these solutions below at the bottom of this post.

This vulnerability not only affects the core ImageMagick software, but any third-party software compiled with the ImageMagick libraries, such as server running PHP’s imagick, Ruby on Rails rmagick and paperclick, NodeJS’s ImageMagick, and possibly other software solutions out there.

Attackers are essentially uploading malicious images to web applications whether it be forums, or … READ MORE

Security and the Cloud

Security and the Cloud: Debunking Security Misconceptions About the Cloud

When working with a cloud hosting service, security is likely your top priority. Researching companies to work with is an important step in selecting a host, because it could be the difference between having a secure system in place and exposing your proprietary information to potential attacks. There are many misconceptions when it comes to the cloud and security, which is why it is necessary to get all of the information you can before making a decision.

One of the top myths floating around various industries is that most businesses do not have faith in or haven’t yet moved to a cloud hosting solution. In fact, the cloud market is expected to … READ MORE