Huge SQL injection knowledge base
NTObjectives released a SQL Injection cheat sheet which can be found at http://www.ntobjectives.com/go/sql-injection-cheat-sheet/, A more comprehensive knowledge base of SQL injection can be found at – http://websec.ca/kb/sql_injection
Hidden bugs that made Amazon Web Service outage worse
Amazon web services on the east coast was down due to an electrical storm. Along with the power outage, Amazon discovered unforseen bugs in their services code which increased their outage. Amazon accepted that they have never came across such a bug. – http://packetstormsecurity.org/news/view/21192/Hidden-Bugs-That-Made-Amazon-Web-Service-Outage-Worse.html
Three critical fixes planned for July’s Patch Tuesday – Critical
Microsoft is planning to release nine bulletins during tuesday;s July security update, this release includes patches for Windows XP, Vista, Windows 7 & Windows 2008. This patch set adresses critical flaws that could allow remote code execution across the entire family of products and makes a very interesting vector for worm development. Start preparing to patch your windows networks – http://packetstormsecurity.org/news/view/21204/Three-Critical-Fixes-Planned-For-Patch-Tuesday.html
WordPress closes XSS, XSRF and information disclosure bugs
If you run a WordPress site, consider updating to the latest 3.4.1 verion. Prior versions, like 3.4.0, can allow a remote authenticated user to perform questionable activity such as install code to steal other users authentication cookies.
Leave a Reply