View Articles

WikiSuite (in one word) is a complete Free Open Source software and tools collection integrated into a Suite. There is no short way to say it but let's start with headers: Serve, Protect, Manage, Communicate, Share and Publish your organization's data using well-reputed software and tools assembled for that purpose. Yes it does all that and frankly, after years of trying to find one tool to fit the small/medium business common needs without investing in licences and IT team to setup, support and maintain their computerized system it looks like a seriously valid option. Most of the time, organizations or businesses have a different purpose than managing servers, databases, teams, emails, social networks and security but they need to use, share and manipulate data to achieve their everyday goals. WikiSuite is a good candidate to help you lower the resources (budget and staff) as well as security and privacy stress (you are in control) without scarifying the quality of the tools your organization is working with and yes it competes in several sectors directly with Office 365 or Google Apps for Work.

Drupal is calling upon its users to patch a dangerous remote code execution hole that can easily let attackers hijack sites. The content management system has some 15 million downloads, compared to WordPress with 140 million and Joomla with 30 million. Drupal is deployed on big ticket and business sites including nine percent of the world’s 10,000 most popular sites.

If Drupal core is not affected and not all sites will be impacted, the issue is again raising the question about third-party modules/plugins/add-ons that are not part of the core (code) but may cause significant damage to the project itself, your users, your business, all your hard work.... It is critical to review published advisories (July 12 2016) to determine if any modules you currently use have been flagged up.

The Tiki Community has released updates to all current versions of Tiki Wiki CMS Groupware. This update addresses a critical vulnerability found in third-party code that is included with Tiki. The update also includes many fixes and updates.

Special thanks to Mehmet Dursun İNCE of www.invictuseurope.com and to Robert Abela of www.netsparker.com for their cooperation and assistance in reporting the security issues.

We highly encourage all Tiki administrators to update their sites to the latest Tiki versions: Tiki 15.2, Tiki 14.4, and Tiki 12.9 LTS.

Visit https://tiki.org/Download to update the latest version.

I’m pleased to announce the release of Tiki Wiki 15, the latest LTS (Long Term Support) version of Tiki Wiki CMS Groupware.
Tiki Wiki15 brings numerous new features, enhancements and bug fixes and completes the transition to the Bootstrap framework for easy theming and smart device full support.

As the release manager of this version I can proudly say that the team did a very impressive work to deliver a very stable and free bug version of Tiki Wiki CMS. We did more than our best to track and fixe regressions as well as bugs and already hundreds several (as well as bsfez.com of course) have been successfully upgraded and are production. After 20 days of intensive usage I can confirm that this release of Tiki Wiki kept its promises to deliver to our broad user and customers base a robust web application they can rely on.

Tiki next LTS (Long Term Service) generation is almost final and is coming out with excellent report of almost none regression nor problem regarding the dozens of new features and options. With 194 commit between alpha and beta the team successfully nailed all the blockers and improve several key features within Tiki Wiki.

More information about the changes and the new stuff is available at Doc.Tiki
Tiki 15 Beta is available at SourceForge.
If you catch a bug during your install and test, please report at Dev.Tiki.

Aoutch... after an "unauthorized" backdoor was found in Juniper Networks firewalls, Juniper's ScreenOS, the first report of a highly suspicious code in FortiOS firewalls has been confirmed and tested as an SSH backdoor that can be used to access its firewall equipment.

This issue affected all FortiOS versions from 4.3.0 to 4.3.16 and 5.0.0 to 5.0.7, which cover FortiOS builds from between November 2012 and July 2014.
Proof-of-Concept exploit code was made available online by an anonymous user (operator8203@runbox.com), who posted the exploit code on the Full Disclosure mailing list this week, helping wannabe hackers generate the backdoor's dynamic password. FortiOS SSH backdoor can be then accessed via the Fortimanager_Access username.