Author Archives: Steve
Concrete5 CMS Advisory – Multiple Vulnerabilities
Application : Concrete 5 Versions Affected: < 5.4 Exploit : Multiple SQL Injections and XSS Threat Level: Potentially high Fix: Update not available Credit: Ryan Dewhurst External Website: http://www.concrete5.org What does it mean, do I have to do anything, if … Continue reading
Posted in Web Security
WordPress Security Advisory – Adrotate – SQL Injection
Application : WordPress Adrotate Plugin Versions Affected: 3.6.5 Exploit : SQL Injection Threat Level: Low Fix: Update Plugin to 3.6.6 Credit: Miroslav Stamper External Website: http://adrotateplugin.com/page/updates.php What does it mean, do I have to do anything, if so what? Adrotate … Continue reading
Posted in Web Security
Common forms of Hacking
I’ve been asked to write an article for a popular website in relation to hacking and what the most common forms of hacking are. So, I’ve put together a brief blog about it and will link to the full article … Continue reading
Posted in Web Security
Apache Security Advisory – Remote DoS
Application : Apache Web Server (mod_deflate module) Versions Affected : 1.3 – 2.2. Exploit : Range header DoS vulnerability Ease of use : Simple Threat Level : High Fix : Multiple, see below. ZeroDay … Continue reading
Posted in Managed Hosting
Mambo CMS Security Advisory – SQL Injection
Application : Mambo CMS Versions Affected: 4.6.5 and Lower Exploit : SQL Injection Ease of use: Moderate Threat Level : Low Fix: Use another CMS in active development ZeroDay : No Credit: Aung Khant, http://yehg.net, YGN Ethical Hacker Group, Myanmar … Continue reading
Posted in Web Security
WordPress Security Advisory – TimThumb Theme Plugin – Remote Execution
Application : WordPress TimThumb (Theme) Plugin Versions Affected: 1.* – 1.32 (Only versions 1.19 and 1.32 were tested.) Exploit : Remote Code Execution Ease of use : Moderate Threat Level: High Fix: Update to latest ZeroDay : No Credit: Mark … Continue reading
Posted in Web Security
Mobile Ecommerce on the rise
79% of British consumers expect to use their mobile phones for shopping by 2014. £275 million expected to be spent through mobile phones by 2013. As retailers struggle to make ends meet, mobile ecommerce is providing a glimmer of hope. … Continue reading
Posted in Managed Hosting
Online shopping and PCI Compliance
Last week saw the largest online shopping week of the year, with estimates of up to £6.4 billion being spent online for Christmas gifts during December 2010, up from £5.5 billion in December 2009. There has … Continue reading
Spam reduced by 50%
In the last few months security firms have scored several notable successes against gangs that own and operate botnets – collections of hijacked home computers. The vast majority of spam or junk mail is routed through these hijacked machines. One … Continue reading
Posted in Web Security
Cheap dedicated servers anyone?
Dedicated servers with 24 x 7 support. Unlimited everything, in fact let me pay you! Too good to be true? Well maybe the part about me paying you is but the point I am trying to … Continue reading