Drupal Database Spam – SQL Injections Target Drupal 7 Sites

By Daniel Cid. It has been over 19 months since Drupalgeddon, which refers to Drupal’s Security Advisory (SA) SA-CORE-2014-005. For those unfamiliar with it, it was a highly critical SQL Injection (SQLi) vulnerability that allowed an attacker to arbitrarily execute SQL commands remotely, leading to potential privilege escalation issues and execution of PHP code on the server.

visit Sucuri Blog

How to Implement Kinder, Gentler Marketing: 4 All-Natural Truths – Copyblogger

I have a love/hate relationship with a soap company. About five years ago, I stumbled across their products online. They boasted rare and unique scents and naturally-sourced ingredients. They were irresistible (to me, anyway). And their prices seemed reasonable. So, I placed an order. And that’s when my troubles began.

visit Copyblogger

ICO’s 2015 cookie law report – WebDevLaw

Both of the longtime readers of this blog will recall how I used to write posts analysing ICO’s quarterly reports of how many cookie law complaints had been filed with them in that time. (Fill your boots with the Winter 2015 and 2014 aggregated, Autumn 2014, Summer 2014, Spring 2014, Winter 2014, Autumn 2013, Summer 2013, Spring 2013, and 2012 aggregate reports.)

visit WebDevLaw

Mr. Rogers Takes Breakdancing Lessons from a 12-Year-Old (1985)

February 13th, 1985 shall be remembered as a truly beautiful day in the neighborhood, for that is the date on which Fred Rogers learned to breakdance (sort of). In no time at all, 12-year-old instructor Jermaine Vaughn had Mr. Rogers waving, moonwalking and learning how to press play on a boom box so he could demonstrate some “very fancy things” regarding the first pillar of hip hop.

visit Open Culture

WordCamp Incubator Program to Launch in Indonesia, Zimbabwe, and Colombia

After receiving 182 applications from cities all over the world, the WordPress Community Team has selected three locations for the WordCamp Incubator program: Denpasar, Indonesia; Harare, Zimbabwe; and Medellín, Colombia. Representatives from the thirteen other short-listed locations are encouraged to organize a local WordPress meetup and will have the help of Community Team mentors as needed.

visit WordPress Tavern

Prevent comments_template() to load comments.php

I’m developing a WordPress theme using a template engine.

visit Stackexchange

How to Fix the 500 Internal Server Error in WordPress

The 500 Internal Server Error is one of the most common panic-inducing “I’ve broken everything!” catch-all errors in WordPress that can literally mean anything. The most common reasons for WordPress throwing up this error include having a corrupted .htaccess file, exceeding your PHP memory limit, or having improper file permissions, but there could also be other potential causes, such as outgrowing your hosting plan or a known issue with your hosting provider.

visit WPMU DEV Blog

FaceTime, iMessages hang in the balance after Apple loss to patent troll

Patent troll VirnetX, fresh on the heels of a $626 million FaceTime and iMessages patent victory over Apple, now wants a federal judge to permanently turn off those popular features. VirnetX on Wednesday also asked the judge presiding over the litigation to increase the damages the East Texas jury awarded in February by another $190 million or more.

visit Ars Technica

UK Statistics Authority statement on the use of official statistics on contributions to the European Union

Sir Andrew Dilnot, Chair of the UK Statistics Authority, has said today: Given the high level of public interest in the European Union referendum debate, it is vital that official statistics are used accurately, with important caveats and limitations explained.

visit UK Statistics Authority

FAQ about The Year Without Pants (with satisfying answers)

It has been a great few months for my 5th book, The Year Without Pants (about my year managing a team at WordPress.com). Thanks for spreading the word. The book was named an Amazon.com best book of the year, earning attention from Forbes, Publisher’s Weekly, CNN, The Wall Street Journal, Fast Company, ZDNet, and hundreds more.

visit Scott Berkun

Security Advisory: Stored XSS in Jetpack – Sucuri Blog

By Marc-Alexandre Montpas. Security Risk: Medium. Exploitation Level: Easy/Remote. DREAD Score: 6/10. Vulnerability: Stored XSS. Patched Version: 4.0.3. During regular research audits for our Sucuri Firewall (Cloud-based WAF), we discovered a stored XSS vulnerability affecting the WordPress Jetpack plugin, currently installed on more than a million WordPress sites.

visit Sucuri Blog

Meet the European WordPress Communities – United Kingdom, Netherlands, Belgium, France

From the rainy United Kingdom to the tulips of Netherlands; from Belgium, the country of beer and chocolate, to romantic France, there is one constant: people loving WordPress and sharing their knowledge and ideas with each other. We started our European community series with presenting communities from Poland, Lithuania, and Estonia.

visit WordCamp Europe 2016

FBI won’t reveal hack, so child porn evidence tossed

Evidence in a child pornography trial has been thrown out because the US government refuses to detail how it hacked the website allegedly visited by the defendant. The FBI says the hacking method, referred to as a Network Investigation Technique, or NIT, allowed the bureau to track Jay Michaud after he visited a hidden website on the so-called Dark Web, leading to charges of possessing child pornography.

visit CNET

Jetpack 4.0.3: Critical Security Update

Jetpack 4.0.3 contains a critical security update, and you should update all the sites you manage as soon as possible. You can update through your dashboard, or download Jetpack manually here. We found a vulnerability in the way that some Jetpack shortcodes are processed. This bug has existed since Jetpack 2.0, released in November 2012.

visit Jetpack for WordPress

Jetpack 4.0.3 Patches a Critical XSS Vulnerability

Jetpack 4.0.3 is a security release that contains an important fix for a critical vulnerability that has been present in the plugin since version 2.0, released in 2012. According to Jetpack team member Sam Hotchkiss, a stored XSS vulnerability was found in the way that some Jetpack shortcodes are processed, which allows an attacker to insert JavaScript into comments to hijack a visitor’s browser.

visit WordPress Tavern

Google wins trial against Oracle as jury finds Android is “fair use”

SAN FRANCISCO - Following a two-week trial, a jury has found that Google’s Android operating system does not infringe Oracle-owned copyrights because its re-implementation of 37 Java APIs is protected by “fair use.” The verdict was reached after three days of deliberation. The verdict in Google’s favor ends the trial, which began earlier this month.

visit Ars Technica
