The Security Eunoia

SANS Internet Storm Center is currently developing a web honeypot project much like the Dshield project.
Volunteer researchers are needed for the next 3 months. Request is made for 70 hours per volunteer for the next 3 months.
Skills needed (up to 4 from the list is welcome):

PHP coding
SQL
Apache
Understanding of HTTP
IIS
Technical writing (documentation)
Experience with various open source [...]

It’s been reported that WordPress, a popular blogging application is vulnerable to cross-site scripting (XSS). The vulnerability, discovered in the RSS feed generator and complete with a PoC, affects all versions prior to and including version 2.6.3. A week after the vendor (WordPress) was notified, it released a new version (2.6.5).

Can’t kill Ubuntu enthusiasm:

On 1 November, the Zimbabwean Team held its first ever release party. People came from as far as 300km to attend the event. The IT manager of parliament, who is also a member of the LoCo, was present as well. Neil Coetzer says:
“The month of November left us with a great [...]

The Damn Vulnerable Linux (DVL) is a Linux-based security environment for IT security education. DVL distribution has been deliberately weakened to facilitate ethical hacking education. It is regularly updated with exploitable exercises with the solutions and corresponding exploits submitted by the community. It contains a plethora of IT security tools thus making it a good [...]