Wordpress is back in news again. It’s suspected some of the recent high profile breaches have come from Wordpress exploits. Which is in fact very simple but effective flaw.
An attacker could exploit this vulnerability to compromise the admin account of any wordpress/wordpress-mu <= 2.8.3
From what I can tell the vulnerability allows an attacker to reset [...]
Continue reading about Wordpress 2.8.3 Admin Password Reset Exploit
The Conficker worm has been stepping up its activities with reports made of distributed denial of service (DDoS) attacks on a number of Russian websites.
David Harley, director of malware research at ESET, working with researchers from Arbor Networks, claimed that a Russian newspaper is stating that attacks on tonks.ru, roem.ru and others are evidence of [...]
Continue reading about Russian website claims that Conficker is launching DDoS attacks
Hackers have posted personal information on 1,200 Ebay customers to an Ebay forum, dedicated, ironically, to fraud prevention. The information was up for around an hour this morning before Ebay shut the forum down and displayed email details, CVV2 numbers, telephone numbers, home addresses and possibly credit card details to visitors.Ebay says the information was [...]
Continue reading about Ebay anti-fraud forum becomes stage for hackers
Hackers are starting to agitate for Microsoft to start paying for information on security flaws found in its software products.
The issue surfaced this week after the MSRC (Microsoft Security Response Team) posted a message on the sla.ckers.org message board, calling on third-party researchers to submit vulnerability information directly to Redmond before going public.
The invitation — [...]
Continue reading about Should Microsoft start paying for vulnerabilities?
From the “neat-find-department” comes word from McAfee that Windows Vista is vulnerable to a Sticky Keys backdoor that could be exploited — under perfect circumstances — to launch malicious executables.
McAfee researcher Vinoo Thomas said the security risk, which is already well-known on Windows XP, exists because Windows Vista does not check the integrity of the [...]
Continue reading about Vista vulnerable to ‘Sticky Keys’ backdoor