Archive for March, 2007

Assess It All, Or Lose It All

« 13 March 2007 | 11:51 | Forensics, Stories | No Comments | 1,521 Views »

Security Monkey published a good case study about evidence seizure and what happens, if you forget to asses all relevant system data after a security incident occurs.



Wordpress 2.1.1 with backdoor

« 2 March 2007 | 23:50 | Security | 1 Comment | 3,215 Views »

Wordpress security warning! “If you downloaded WordPress 2.1.1 from wordpress.org within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately”. Please check



SQL Injection in Wordpress 2.1.1

« 1 March 2007 | 15:47 | Security | 2 Comments | 2,701 Views »

Upgrading to wordpress 2.1.1 was urgent, but we still have SQL injections, path disclosures and cross site scripting problems in this version! My colleague Sebastian Krause has some examples:



Advertisement | Anzeigen