Category Archives: Web Security

Blogs about web security

Concrete5 CMS Advisory – Multiple Vulnerabilities

Application: Concrete 5
Versions Affected: < 5.4
Exploit: Multiple SQL Injections and XSS
Threat Level: Potentially high
Fix: Update not available
Credit: Ryan Dewhurst
External Website: http://www.concrete5.org
What does it mean, do I have to do anything, if … Continue reading

Posted in Web Security | Leave a comment

WordPress Security Advisory – Adrotate – SQL Injection

Application: WordPress Adrotate Plugin
Versions Affected: 3.6.5
Exploit: SQL Injection
Threat Level: Low
Fix: Update Plugin to 3.6.6
Credit: Miroslav Stamper
External Website: http://adrotateplugin.com/page/updates.php
What does it mean, do I have to do anything, if so what? Adrotate … Continue reading


How to Spot a Phishing Email

By now most people are aware that you should always be extra vigilant when receiving emails appearing to be from your bank or asking for any personal details/passwords to be sent via email. However, sometimes your SPAM filter doesn’t pick … Continue reading


Firefox Security Tips

With the deluge of pop-ups and malware, there are a few handy open source plugins available for Firefox to stop you spending hours running malware scans and virus scans to destroy trojans and the like. When visiting unknown … Continue reading


Common forms of Hacking

I’ve been asked to write an article for a popular website in relation to hacking and what the most common forms of hacking are. So, I’ve put together a brief blog about it and will link to the full article … Continue reading


How Practical Is It To Block Specific Countries From Accessing Your Server?

Hackers always were, and always will be, a big concern among users of the internet – especially owners of publicly available servers, whatever they serve. Analysing the origins of attacks, one can see that they originate more frequently from countries such … Continue reading


Mambo CMS Security Advisory – SQL Injection

Application: Mambo CMS
Versions Affected: 4.6.5 and Lower
Exploit: SQL Injection
Ease of use: Moderate
Threat Level: Low
Fix: Use another CMS in active development
ZeroDay: No
Credit: Aung Khant, http://yehg.net, YGN Ethical Hacker Group, Myanmar … Continue reading


WordPress Security Advisory – TimThumb Theme Plugin – Remote Execution

Application: WordPress TimThumb (Theme) Plugin
Versions Affected: 1.* – 1.32 (Only versions 1.19 and 1.32 were tested.)
Exploit: Remote Code Execution
Ease of use: Moderate
Threat Level: High
Fix: Update to latest
ZeroDay: No
Credit: Mark … Continue reading


Is there a benefit to having an Extended Verification SSL certificate?

What is an SSL certificate? SSL certificates provide one means by which information can be communicated securely over the internet. They work using a form of encryption, where the website server and the website visitor’s computer perform a ‘handshake’ and the certificate is … Continue reading


LinkedIn makes controversial change to privacy settings

The professional networking site LinkedIn last week made a change to default privacy settings that made every user’s photograph and name available to be used for third-party advertising. The issue of default privacy settings is one that concerns many users … Continue reading
