Security: Fail-to-Plan Plan-to-Fail

Yes, I am sure you have heard the saying: if you fail to plan, plan to fail. How does one plan to be as secure as possible while also meeting business objectives? Harry Folloder (CIO of Advantage Waypoint LLC, $10 billion in food service sales) has six tips in this article: http://www.darkreading.com/attacks-breaches/building-a-stronger-security-strategy-6-tips/a/d-id/1320247? Being in charge of a large IT …

List of WordPress Websites Hacked – Serving Malware

This story is unique: https://threatpost.com/wordpress-sites-backdoored-leaking-credentials/112703 A partial list of hacked sites is available at the link above (Threatpost article based on Zscaler research): (Screenshot of Threatpost partial list) The full list is on the Zscaler ThreatLab website: http://research.zscaler.com/2014/12/compromised-wordpress-sites-serving.html Please do not visit these websites, as they will serve you malware. I went to one, …

We Guarantee 100% Security: Don’t Use Computers, Don’t Do Anything

Of course, you could also disconnect your computer from the Internet. Here is your computer disconnected from the Internet: But even disconnected from the Internet, a virus can still enter your computer (airnet). This is where a computer can get a virus from a flash drive. Stuxnet was transmitted by USB flash drives; several infected flash drives were …

More WordPress Plugin Weakness-Vulnerability

The Sucuri blog has the detailed information: https://blog.sucuri.net/2015/05/jetpack-and-twentyfifteen-vulnerable-to-dom-based-xss.html In short, the plugins Jetpack and TwentyFifteen had a bad file which could be attacked with an XSS (Cross-Site Scripting) method. As the Sucuri blog mentions, the attack is actually DOM (Document Object Model)-based XSS, which even a WAF (Web Application Firewall) cannot see. Of course it has to …

BBQSQL – for Delicious SQL Injection Testing

Official Kali Linux BBQSQL page: http://tools.kali.org/vulnerability-analysis/bbqsql BBQSQL is a Python-based blind SQL injection tool for testing your SQL connections on the Internet. (Why BBQ? Because SQL injection is delicious.) This is a bit more advanced than the SVA (Scan Vulnerability Analysis) within SVAPE & C: http://oversitesentry.com/tonyz/pubhtml/fixvirus/svapec/ SQL injection is more like the PE portion …