Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Critical Wordpress Update fixes XSS https://isc.sans.edu/forums/diary/Critical+WordPress+XSS+Update - SANS Internet Storm Center Critical Wordpress Update fixes XSS https://isc.sans.edu/forums/diary/Critical+WordPress+XSS+Update


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
podcast logo

ISC StormCast for Friday, November 21st 2014

Episode 1422 A daily summary of events from the SANS Internet Storm Center
Author:Johannes Ullrich
See below for a schedule of classes I teach.
Created: Friday, November 21st 2014
Length: 6:23 minutes
Today's Headline: Critical Wordpress Update fixes XSS https://isc.sans.edu/forums/diary/Critical+WordPress+XSS+Update

If you like this podcast, then please consider telling others about it. Use this button to Tweet about this episode: click here. Errors? Corrections? Complaints? Player Problems? Please let us know here: https://isc.sans.edu/contact.html

Plain HTML5 Player
Fancy Player (with skip back/forward)

Show Notes

Critical Wordpress Update fixes XSS
https://isc.sans.edu/forums/diary/Critical+WordPress+XSS+Update/18977

Google Releases Web Application Scanner "Firing Range"
https://isc.sans.edu/forums/diary/Google+Web+Firing+Range+Available/18975

Detekt Scanner Focusing on State Surveillance Malware
https://www.eff.org/deeplinks/2014/11/detekt-new-malware-detection-tool-can-expose-illegitimate-state-surveillance

PHP Backdoor Included in Templates/Themese for various Content Management Systems
https://foxitsecurity.files.wordpress.com/2014/11/cryptophp-whitepaper-foxsrt-v4.pdf

jQuery CAPTCHA XSS Flaw PAtched
http://sijmen.ruwhof.net/weblog/256-cross-site-scripting-in-millions-of-web-sites#more-256

Discussion

New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form

Interested in attending one of my classes? See below for my current schedule.

Intrusion Detection In-DepthBerlinOct 23rd - Oct 28th 2017
IPv6 EssentialsWashingtonDec 12th - Dec 13th 2017
Defending Web Applications Security EssentialsWashingtonDec 14th - Dec 19th 2017