The security team from Drupal announced on Wednesday that versions of the framework earlier than 7.29 and 6.32 are exposed to risks that would allow an attacker to conduct denial-of-service (DoS) and cross-site scripting attacks and gain access to private files.According to Drupal Security Team, the DoS attack can be deployed by using a malicious […]
Drupals David Rothstein has announced the availability of Drupal 7.27 and Drupal 6.31. The latest versions fix a moderately critical information disclosure vulnerability. A CVE identifier is being requested for the security hole. In the meantime, Drupal refers to it as SA-CORE-2014-002. When pages are cached for anonymous users, form state may leak between anonymous […]
For a few months now, we have been actively monitoring a spambot named Stealrat, which primarily uses compromised websites and systems in its operations. We have continuously monitored its operations and identified about 195,000 thousand domains and IPs that have been compromised. The common denominator among these compromised sites is that they are running vulnerable […]
Latest Comments