Surviving the Week 07/06/2012

Huge SQL injection knowledge base

NTObjectives released a SQL Injection cheat sheet which can be found at http://www.ntobjectives.com/go/sql-injection-cheat-sheet/, A more comprehensive knowledge base of SQL injection can be found at – http://websec.ca/kb/sql_injection

Hidden bugs that made Amazon Web Service outage worse

Amazon web services on the east coast was down due to an electrical storm.  Along with the power outage, Amazon discovered unforseen bugs in their services code which increased their outage. Amazon accepted that they have never came across such a bug. –  http://packetstormsecurity.org/news/view/21192/Hidden-Bugs-That-Made-Amazon-Web-Service-Outage-Worse.html

Three critical fixes planned for July’s Patch Tuesday – Critical

Microsoft is planning to release nine bulletins during tuesday;s July security update, this release includes patches for Windows XP, Vista, Windows 7 & Windows 2008.  This patch set adresses critical flaws that could allow remote code execution across the entire family of products and makes a very interesting vector for worm development.  Start preparing to patch your windows networks – http://packetstormsecurity.org/news/view/21204/Three-Critical-Fixes-Planned-For-Patch-Tuesday.html

WordPress closes XSS, XSRF and information disclosure bugs

If you run a WordPress site,  consider updating to the latest 3.4.1 verion.  Prior versions, like 3.4.0, can allow a remote authenticated user to perform questionable activity such as install code to steal other users authentication cookies.

http://www.securitytracker.com/id/1027219

facebooktwittergoogle_plusredditpinterestlinkedin
About Dan Kuykendall 159 Articles
Connect with Dan on Google+

Be the first to comment

Leave a Reply

Your email address will not be published.


*