Friday Squid Blogging: Studying the Colossal Squid
A survey of giant squid science. As usual, you can also use this squid post to talk about the security stories in the news that...
Critical vulnerability patched in Jira Service Management Server and Data Center
A critical vulnerability was fixed this week in Jira Service Management Server, a popular IT services management platform for enterprises, that could allow attackers to...
CVE-2013-10016
A vulnerability was found in fanzila WebFinance 0.5 and classified as critical. This issue affects some unknown processing of the file htdocs/admin/save_taxes.php. The manipulation of...
CVE-2013-10015
A vulnerability has been found in fanzila WebFinance 0.5 and classified as critical. This vulnerability affects unknown code of the file htdocs/admin/save_Contract_Signer_Role.php. The manipulation of...
A Hacker’s Mind News
A Hacker’s Mind will be published on Tuesday. I have done a written interview and a podcast interview about the book. It’s been chosen as...
A Vulnerability in vBulletin Could Allow for Remote Command Execution
A vulnerability has been discovered in vBulletin which could allow for remote command execution. vBulletin is a tool used to manage and create online forums....
CVE-2021-36425
Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/inc_act/act_ftptakeover.php file. Read More
CVE-2021-36424
An issue discovered in phpwcms 1.9.25 allows remote attackers to run arbitrary code via DB user field during installation. Read More
MalVirt Loaders Exploit .NET Virtualization to Deliver Malvertising Attacks
The new loaders also leverage obfuscated virtualization techniques to avoid detection Read More
Atlassian Patches Critical Authentication Flaw in Jira Software
The Jira versions affected by the vulnerability are 5.3.0, 5.3.1, 5.3.2, 5.4.0, 5.4.1 and 5.5.0 Read More