Archive for March, 2007

Month of PHP Bugs - Day 8

The 8th day of the Month of PHP Bugs brings an arbitrary code execution vulnerability, raising the bug count to 16.

PCI drives Infinity FX; Porsche Cayenne drives IT Security.

I bet you never took a Security Quiz in a luxury SUV such as Porsche Cayenne or Infinity FX. Well … now you can :) @sec released IT Security Rally, a Flash-based game that brings together IT Security and fast cars.

Share This

Month of PHP Bugs - Day 7

It’s been one week now since the Month of PHP Bugs project started. The bug count for the first week is 15.

SPI Dynamics joins OWASP as a Vendor Organization

I’m glad to read that SPI Dynamics will be joining the Open Web Application Security Project (OWASP) as a Vendor Organization member. Additionally, SPI Dynamics is lending support to the OWASP Site Generator (OSG) project by allocating its membership fees to the ongoing success of this initiative.

Month of PHP Bugs - Day 6

Another day, another PHP bug discovered by the Hardened-PHP team.

BackTrack v.2.0 Final is Out

BackTrack is the top-rated Linux live distribution focused on penetration testing. The long-awaited (~5 months) tool has reached its Version 2.0 final stage. There are a lot of changes since the last version, as mentioned in the Changelog.

Month of PHP Bugs - Day 5

Today seems to be a bugs / vulnerability day. Two more PHP vulnerabilities were exposed in Day 5 of the Month of PHP Bugs project, raising the bug count to 13.

QuickTime 7.1.5 Update Fixes 7 Critical Vulnerabilities

The release of QuickTime 7.1.5 brings excellent news: 7 critical vulnerabilities have been patched. The impact of most of them is described as "may lead to an application crash or arbitrary code execution".

Month of PHP Bugs - Day 4

Two more PHP vulnerabilities were exposed in Day 4 of the Month of PHP Bugs project, raising the bug count to 11.

Oracle Cursor Injection - SET ROLE DBA; Role set.

"Cursor Injection - A New Method for Exploiting PL/SQL Injection and Potential Defences": David Litchfield, NGSSoftware, released this paper, which describes a new method whereby an attacker, seeking to exploit a SQL injection flaw in an Oracle database server, may do so without the need to create an auxiliary inject function in order to execute arbitrary SQL.
