This vulnerability in PHP 5.3.12 and 5.4x before 5.4.2 when configured as a CGI script (php-cgi), a query which lacks and = sign will not be properly handled. So a remote attack may be possible. And the problem will be that one will not know it is on the web server, unless one check […]
We are all busy – the department is smaller, as we lost Jim, he retired. John was fired in the last layoffs. But what happened – we soldiered on. We have gotten new servers installed, systems retired taught the users a new program. It is as if we had Jim and John still here. But […]
System admin Jim is sitting in a café getting his favorite cappuccino, while waiting for the drink to be prepared he flips open the notebook computer and goes to his favorite website – checking on sports and news. Then of course checks his email with outlook on his desktop. What he did not realize is […]
Our Linux admin is a pretty sharp guy, he is working on updating website technology (php version). We have to keep up with patches and new technical abilities. Unbeknownst to him, a hacker somehow placed a “crontab” entry which will run every 60 minutes shutting down defenses and opening other attack avenues. The hacker used […]
The problem with looking at this sophisticated target and Michaels attacks can make you think: That only happens to the big companies – my business does not provide a large target, so I don’t have to worry. That is unfortunately not true. Small organizations need to do the right thing and secure their resources […]