WordPress 0Day Exploit…
WordPress 0Day Exploit… avatar

Joyness… It seems that WordPress has had yet another exploit published that they (WordPress) has known about since “November 20, 2014”. Due to the ease of use of this exploits Proof-of-Concept (PoC), comments will go through a scrub, review, approve style process. So, quips, puns, porn, and one-liner comment visibility … Continue reading

Minecraft Vulnerability Advisory
Minecraft Vulnerability Advisory avatar

[UPDATE: 2015.04.17] Well spank my ass and call me Sally! An update thang has occurred. Not only from Mojang but also from Spigot/Bukkit! I took this down-time as an opportunity to update my MC/Spigot/Bukkit launch scripts to automate the update process, since it’s a bit tedious… sooo…. yea, that was … Continue reading

From the “Who the %&$* thought this was a good idea?!?” files..
From the “Who the %&$* thought this was a good idea?!?” files.. avatar

Hope nobody you know has bought a Lenovo laptop in the last 3 months…  as if having pre-installed adware on new laptops wasn’t terrible enough, it also did this: [a] user on Lenovo’s forums discovered that Superfish was installing its own self-signed root certificate authority Well shit. The list of … Continue reading

BASH remote code execution…
BASH remote code execution… avatar

http://seclists.org/oss-sec/2014/q3/649 CVE-2014-6271: remote code execution through bash From: Florian Weimer Date: Wed, 24 Sep 2014 16:05:51 +0200 Stephane Chazelas discovered a vulnerability in bash, related to how environment variables are processed: trailing code in function definitions was executed, independent of the variable name. In many common configurations, this vulnerability is … Continue reading