The Magento Team has released the following accouncement about an serious vulnerability:

--- start ---

Adjust Mail Settings to Protect Your Sites
A new vulnerability has been found in a Zend Framework 1 and 2 email component . The component is used by all Magento 1 and Magento 2 software and other PHP solutions. This vulnerability is serious and can lead to a remote code execution attack if your servers use Sendmail as a mail transport agent. 

Review our Magento Security Center posting to learn how you can protect your sites from this vulnerability. Until patches are available in the next several weeks, we recommend you immediately update your mail settings. 

Please note that we’ve checked all Enterprise Cloud Edition sites and they are not affected by this issue. 

Thank you for your immediate attention to this matter. 

Best regards,
The Magento Team
© Magento 2017

--- end ---

WordPress 4.7.1 was released on Wednesday, fixing 8 security vulnerabilitie. Your site should have been automatically updated by now if you have a default WordPress configuration. If your site has not been updated, we recommend that you upgrade at your earliest convenience.

All customers should be aware of a new phishing attack against Gmail and other services. This attack is highly effective and it fooling even experienced technical users. Here's a detailed article from WordFence on the issue:

Wide Impact: Highly Effective Gmail Phishing Technique Being Exploited

Due to evolving market conditions and our ongoing commitment to providing a top quality of service, the following changes in pricing will take place immediately.

On October 19, 2016, a privilege escalation vulnerability in the Linux kernel was disclosed. The bug is nicknamed Dirty COW because the underlying issue was a race condition in the way kernel handles copy-on-write (COW). Dirty COW has existed for a long time — at least since 2007, with kernel version 2.6.22 — so the vast majority of servers are at risk.

Reliable Penguin is in the process of upgrading all customer servers with the appropriate kernel updates. You can read more about the vulnerability here:

http://blogs.reliablepenguin.com/2016/10/27/dirty-cow-vulnerability-cve-2016-5195

and here:

https://dirtycow.ninja/

Contact Reliable Penguin support if you have questions or need assistance.

Reliable Penguin is pleased to announce the immediate availablity of SecureTide™ spam filtering by AppRiver as a pemium option on shared and managed hosting packages.

SecureTide™ blocks 99 percent of spam and viruses, keeping your inbox clean and your network safe. SecureTide is easy, effective and affordable email security from AppRiver, the company trusted to protect over eight million mailboxes worldwide. 

With SecureTide, there is no onsite hardware or software required and set-up is easy: A simple change to your MX records is all it takes to get started. You'll receive a daily Held Spam Report to see the spam you're (not) missing. You can also find and restore any legitimate messages which might have been mistaken for spam. To make SecureTide even more effective, the service also allows you to adjust your settings to add or block other senders automatically.

Here's the best part: You can try SecureTide free for 30 days. Once you see how effectively SecureTide works, simply pay a low monthly, per-user fee to keep it. And there's no long-term obligation or cancellation fee, so you can stop the service any time you'd like.

Easy. Effective. Affordable. Try SecureTide today and experience email without spam. For pricing and signup contact Reliable Penguin today.