The Security Eunoia

Blogging about Security Auditing, IdM & Access Mgmt, Web App Security etc

Entries for the ‘Web Application’ Category

Telegraph CIO thanks folks at Hackersblog

I’m not sure what the real intentions are but doesn’t it sound a bit odd that the Telegraph media group CIO will thank the guys at Hackersblog for exposing their SQL injection vulnerabilities?

F-Secure SQL-injected and Cross-Site scripted

Looks like F-Secure made it to the “sql-injected” and “xsscripted” list.

WordPress 2.6.3 Vulnerable to XSS in RSS FG

It’s been reported that WordPress, a popular blogging application, is vulnerable to cross-site scripting (XSS). The vulnerability, discovered in the RSS feed generator and complete with a PoC, affects all versions prior to and including version 2.6.3. A week after the vendor (WordPress) was notified, it released a new version (2.6.5).

What is happening to SecurityFocus?

For about one hour today I have noticed that securityfocus.com is unavailable.

The Damn Vulnerable Linux project

Damn Vulnerable Linux (DVL) is a Linux-based security environment for IT security education. The DVL distribution has been deliberately weakened to facilitate ethical hacking education. It is regularly updated with exploitable exercises, with the solutions and corresponding exploits submitted by the community. It contains a plethora of IT security tools, thus making it a good [...]

Google quick with XSS vulnerability fix

Google acted quickly to fix a cross-site scripting vulnerability reported in the vulnerability archive xssed.com. It took just hours between showing up in the archive and being reported fixed. This comes after Google was heavily criticised for not acting quickly to fix other reported vulnerabilities in the past.
