Second (*) WordPress upgrade this year! It fixes important vulnerabilities reported by Secunia (Advisory ID SA23595). (*) The first one occured only a few days ago.
Category: Security
Q1 2007 Vulnerability Challenge
Targets: Vista and IE7. Let the show begin! Source: labs.idefense.com.
anti-RFID wallet
RFID is a not-yet-widely-deployed technology but all security experts agree on the fact that information theft will become one of the major issue! Be prepared! Use one of those anti-RFID wallet proposed on mobileedge.com! They’ll block radio waves generated by your future ID card or passport! 😉
WordPress “file” Script Insertion Vulnerability
WordPress is a well known blogging platform. (This blog is running WordPress 😉 ). A vulnerability has been found which can be exploited to conduct script insertion attacks. See details here. After the upgrade, the following link may be usefull if you use PHP5!
Wifi security: can do better!
Today, I went to a well known commercial area near Louvain-La-Neuve. There, you can find another well known telecom operator point of sale. Usually, when I’ve some time to waste (when my wife is doing some shopping 😉 ), I sniff Wifi access points. Today, I found one, unsecured. I
SpamAssassin upgrade
We never do enough to fight spam! SpamAssassin upgraded up to release 3.1.7 on my MTA.
Top-ten Security Trends for 2007
Experts predict the Future The Ten Most Important Security Trends of the Coming Year Mobile Devices 1. Laptop encryption will be made mandatory at many government agencies and other organizations that store customer/patient data and will be preinstalled on new equipment. Senior executives, concerned about potential public ridicule, will demand
System admins creativity…
Today, I was scanning a web server with nikto. System admins have really a great creativity to find nice server tags 🙂 # telnet www.xxxx.be 80 Trying xx.xx.xx.xx… Connected to www.xxxx.be. Escape character is ‘^]’. HEAD / HTTP/1.1 Host: www.xxxx.be HTTP/1.1 200 OK Date: Tue, 12 Dec 2006 14:34:44 GMT
Passwords management in browser: don’t be lazy!
An interesting article on SecurityFocus today: Password Management Concerns with IE and Firefox. I agree, we have more and more passwords to remember: intranets, webmails, e-commerce, … Let the browser manage and fill by itself logins and passwords is nice. But don’t be lazy! Do not use this feature and
Nmap 420
A new release of Nmap is out! Release 4.20. This release implements a new 2nd generation OS detection system.