Archive for March, 2008

WordPress 2.5 Released with Added Security

WordPress 2.5 has been released.

From a security perspective, the new WP 2.5 promises secure cookie management, salted passwords and prepared SQL querying functions.

I won’t be upgrading right away… I’ll let it run a while. This may be a good move forward for the WP team. Nice work guys!


Automated WordPress Hacking Tool Cached by Google

Cyberinsecure recently posted details of an automated WordPress hacking tool that is doing the rounds. This malicious worm or program appears to create the directory "wp-content/1/" as well as spam comments:

The blogs are most likely attacked by some kind of automated tool since the amounts of spam are too big to work manually on all [...]


Facebook Personal Photos Revealed Yet Again

Some members of social networks like Facebook post photos of themselves or others in potentially embarrassing or compromising situations, including illegal drug use or underage drinking, that can cause trouble at school or work. Despite the risks, more people than ever are publishing photos and other intimate details about their lives.

Vulnerabilities in Facebook allow [...]


OWASP Talk: PHP Code Analysis: Real World Examples

OWASP chapter meetings and conferences are always a blast and definitely worth attending. I’ll be speaking in London on 3 April, for those who want to meet up.

The talks planned are:

- PHP Code Analysis: Real World Examples (David Kierznowski)

We delve beyond register_globals and analyse real world examples of insecure PHP applications.

- [...]


Interview with Hacker S@BUN

Today’s interview is with S@BUN, a hacker from Turkey. S@BUN released a number of WordPress-related vulnerabilities recently and the BlogSec team wanted to find out a bit more about him.

Q: Would you please tell us a little about yourself?
A: I’m 26 years old and live in Turkey. Exploiting flaws has always been a hobby [...]