
Security

This category contains 48 posts

Wordpress 2.8.3 admin exploit

It’s possible for a malicious user to reset the admin password on the latest version, Wordpress 2.8.3. Check out the explanation here, the patch here and the exploit here.

Wordpress 2.8.3 is out

Wordpress fixes the latest security problems; download it now.

Hacking CSRF Tokens

A great combination of techniques published by SecureThoughts.

Wordpress 2.8.2 update

Wordpress 2.8.2 is out and covers/patches some XSS problems in comments in the admin section.

Truth about pen-testing

A very good and self-explanatory article that covers 10 points on the truth about pen-testing, written by Alberto Soliño. Check it out here.

ImageShack was hacked

anti-sec is again the group everyone is talking about. They hacked ImageShack and promoted their anti-full-disclosure policy. There is a great discussion about this at Slashdot.

Wordpress 2.8.1 is out

A Wordpress update is out; download it here.

Milw0rm to be closed?

After str0ke announced that milw0rm will be closed, it seems that a couple of guys will continue his work. Hope they continue the great job str0ke did in the last years of milw0rm's existence.

Michael Jackson death malware

Michael Jackson death malware is already spreading according to the latest news.

VopCrew Multi Scanner v5.0

An IRC bot scanner coded in Perl and developed by Vrs-hCk. This tool checks for LFI, RFI, SQL injection and other types of injection in an IRC environment.
It’s also combined with injector code that uses the usual gzinflate and base64 plus a few extra calls to the PHP str_rot13 function.
By the way, I already saw this in action [...]