Monthly Archives: May 2013

Basefarm SIRT Newsletter 22

This week we had the U.S. Government seize the online currency site Liberty Reserve due to being a “financial hub of the cybercrime world”. There is also an interesting articles from arstechnica how easy it is to decrypt passwords, and … Continue reading

Posted in IT security | Tagged , | Comments Off on Basefarm SIRT Newsletter 22

Ruby on Rails Exploit publicly used in the wild

The exploits mentioned on the blog in January for Ruby on Rails are now publicly being exploited in the wild. While this exploit has been known and surely used quite a bit since then, it shows the importance of patching … Continue reading

Posted in IT security | Tagged , | Comments Off on Ruby on Rails Exploit publicly used in the wild

Drupal.org compromised – 967,659 users and (hashed) passwords stolen

The Drupal.org Security Team and Infrastructure Team has discovered unauthorized access to account information on Drupal.org and groups.drupal.org. Information exposed includes usernames, email addresses, and country information, as well as hashed passwords. However, we are still investigating the incident and … Continue reading

Posted in IT security | Tagged , | Comments Off on Drupal.org compromised – 967,659 users and (hashed) passwords stolen

ModSecurity 2.7.4 released – fixes critical DoS vulnerability

A new stable release of ModSecurity (2.7.4) was released yesterday, fixing an issue where an attacker could cause a DoS on a server running ModSecurity. It is recommended to upgrade as soon as possible. More information: http://www.modsecurity.org/ https://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES http://www.shookalabs.com/

Posted in IT security | Tagged , | Comments Off on ModSecurity 2.7.4 released – fixes critical DoS vulnerability

Geek day 2013

Tomorrow is the official Geek day for geeks and nerds around the world. The Geek day has been celebrated on May 25 since 2006. The day originated in Spain as “Día del Orgullo Friki” and with help from internet it … Continue reading

Posted in Our weekday | Tagged , | Comments Off on Geek day 2013

Basefarm SIRT Newsletter 21

News links for this week goes through a bit of a mix, containing articles such as a three part interview with a Blackhat hacker which is interesting to read through. Another interesting article, which although is a very old subject, … Continue reading

Posted in IT security | Tagged , , | Comments Off on Basefarm SIRT Newsletter 21

Basefarm SIRT Newsletter 20

One of the most talked about stories this week is the fact that a company found out that Skype is actually monitoring and checking links posted. This should, in my opinion, not come as a surprise to anyone working in … Continue reading

Posted in IT security | Tagged , | Comments Off on Basefarm SIRT Newsletter 20

Welcome to Basefarm’s bank and finance seminar in Stockholm!

Welcome to Basefarm’s free breakfast seminar in Stockholm for you in the bank & finance industry! May 29 we will go through everything you need to know about business critical bank and finance systems like secure payments and DDoS. We … Continue reading

Posted in Events | Tagged , , , | Comments Off on Welcome to Basefarm’s bank and finance seminar in Stockholm!

Patch Tuesday May 2013

Patch Tuesday of this month offers updates where Microsoft has released fixes for ten vulnerabilities where two of them are critical (for Windows and Internet Explorer), and eight as important. It’s recommended to update as soon as possible. Adobe have … Continue reading

Posted in IT security | Tagged , , , | Comments Off on Patch Tuesday May 2013

Basefarm SIRT Newsletter 19

This week have had some critical vulnerabilities released, and those running ColdFusion, NginX and Internet explorer are also highly advised to look at the Basefarm SIRT posts below, as there are some critical vulnerabilities that needs addressing. A very large … Continue reading

Posted in IT security | Tagged , | Comments Off on Basefarm SIRT Newsletter 19