threatpost.com Archives - 08 January 2013, Tuesday

• Critical Flaws Patched in Ruby on Rails

  threatpost.com 08 Jan '13, 9pm

  "There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application," the advisory says. "The parameter parsing c...

  Related:

  1. Critical Ruby on Rails flaws fixed, upgrade immediately net-security.org 09 Jan '13, 2pm
  2. Ruby on Rails patches more critical vulnerabilities news.hitb.org 09 Jan '13, 10am
  3. Unsafe Query Generation Risk in Ruby on Rails (CVE-2013-0155) groups.google.com 08 Jan '13, 8pm
  4. Ruby on Rails patches more critical vulnerabilities | Security - InfoWorld infoworld.com 09 Jan '13, 12pm
  5. Critical vulnerability in Ruby on Rails parameter parsing - The H Security: h-online.com 09 Jan '13, 11am
  6. Critical vulnerability in Ruby on Rails parameter parsing - The H Open: New... h-online.com 09 Jan '13, 11am
  7. Any Ruby on Rails app is, badly, utterly, pwned through multiple parameter ... groups.google.com 09 Jan '13, 3am
  8. Ruby on Rails pushing out 'extremely critical' fixes - Applications - SC Ma... scmagazine.com.au 09 Jan '13, 2am
• SQL Injection Flaw Haunts All Ruby on Rails Versions | threatpost

  threatpost.com 03 Jan '13, 3pm

  All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an attacker to inject code into Web applications. The vulnerability is a serious one given the widespread use of the popular framework for developing Web apps, and the ma...

  Related:

  1. SQL Injection Flaw Haunts All Ruby on Rails Versions | threatpost threatpost.com 03 Jan '13, 3pm
  2. All Ruby on Rails versions affected by SQL injection flaw net-security.org 03 Jan '13, 3pm
  3. All Ruby On Rails Versions Suffer SQL Injection Flaw - Slashdot it.slashdot.org 03 Jan '13, 4pm
  4. All Ruby On Rails Versions Suffer SQL Injection Flaw - Slashdot it.slashdot.org 03 Jan '13, 4pm
  5. Ruby on Rails security updates address SQL injection flaw - Techworld.com news.techworld.com 03 Jan '13, 3pm
  6. Ruby on Rails updates address SQL injection flaw - Computerworld computerworld.com 03 Jan '13, 3pm
  7. Ruby on Rails security updates address SQL injection flaw networkworld.com 03 Jan '13, 7pm
  8. Ruby on Rails security updates address SQL injection flaw | Security - Info... infoworld.com 03 Jan '13, 2pm
• SQL Injection Flaw Haunts All Ruby on Rails Versions | threatpost

  threatpost.com 03 Jan '13, 3pm

  All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an attacker to inject code into Web applications. The vulnerability is a serious one given the widespread use of the popular framework for developing Web apps, and the ma...

  Related:

  1. SQL Injection Flaw Haunts All Ruby on Rails Versions | threatpost threatpost.com 03 Jan '13, 3pm
  2. All Ruby on Rails versions affected by SQL injection flaw net-security.org 03 Jan '13, 3pm
  3. All Ruby On Rails Versions Suffer SQL Injection Flaw - Slashdot it.slashdot.org 03 Jan '13, 4pm
  4. All Ruby On Rails Versions Suffer SQL Injection Flaw - Slashdot it.slashdot.org 03 Jan '13, 4pm
  5. Ruby on Rails security updates address SQL injection flaw - Techworld.com news.techworld.com 03 Jan '13, 3pm
  6. Ruby on Rails updates address SQL injection flaw - Computerworld computerworld.com 03 Jan '13, 3pm
  7. Ruby on Rails security updates address SQL injection flaw networkworld.com 03 Jan '13, 7pm
  8. Ruby on Rails has SQL injection vuln theregister.co.uk 03 Jan '13, 10pm
• ZeroAccess Botnet Cashing in on Click Fraud and Bitcoin Mining | threatpost

  threatpost.com 30 Oct '12, 8pm

  A mid-year switch in communication protocol and distribution strategy is behind a spike in activity from the ZeroAccess botnet, a prolific and malicious ad click fraud network. Researchers at Kindsight Security Lab reported today that ZeroAccess accounts for 29 percent of home network...

• Bafruz Backdoor Disables Antivirus, Intercepts Communications With Social Media Sites | threatpost

  threatpost.com 16 Aug '12, 6pm

  There's a new family of malware that's using a complex set of capabilities to disable antimalware and listen in on sessions between users and some social networks. Bafruz is essentially a backdoor trojan that also is creating a peer-to-peer network of infected computers. This month's ...

• 21 January 2013, Monday
• 20 January 2013, Sunday
• 19 January 2013, Saturday
• 18 January 2013, Friday
• 17 January 2013, Thursday
• 16 January 2013, Wednesday
• 15 January 2013, Tuesday
• 14 January 2013, Monday
• 13 January 2013, Sunday
• 12 January 2013, Saturday
• 11 January 2013, Friday
• 10 January 2013, Thursday
• 09 January 2013, Wednesday
• 08 January 2013, Tuesday
• 07 January 2013, Monday
• 06 January 2013, Sunday
• 05 January 2013, Saturday
• 04 January 2013, Friday
• 03 January 2013, Thursday
• 02 January 2013, Wednesday
• 01 January 2013, Tuesday
• 31 December 2012, Monday
• 30 December 2012, Sunday
• 29 December 2012, Saturday
• 28 December 2012, Friday
• 27 December 2012, Thursday
• 26 December 2012, Wednesday
• 25 December 2012, Tuesday