Frank Goossens: No REST for the wicked
After the PR-beating WordPress took with the massive defacements of non-upgraded WordPress installations, it is time to revisit the point-of-view of the core-team that the REST API should be active for...
Xavier Mertens: [SANS ISC Diary] Analysis of a Suspicious Piece of JavaScript
I published the following diary on isc.sans.org: “Analysis of a Suspicious Piece of JavaScript”. What to do on a cloudy lazy Sunday? You go hunting and review some alerts generated by your robots....
Xavier Mertens: Think Twice before Posting Data on Pastebin!
Pastebin.com is one of my favourite playgrounds. I’m monitoring the content of all pasties posted on this website. My goal is to find juicy data like configurations, database dumps, leaks of...
Mattias Geniar: PHP 7.2 to get modern cryptography into its standard library
The post PHP 7.2 to get modern cryptography into its standard library appeared first on ma.ttias.be. This actually makes PHP the first language, over Erlang and Go, to get a secure crypto library in its...
Luc Verhaegen: The beginning of the end of the RadeonHD driver.
Soon it will be a decade since we started the RadeonHD driver, where we pushed ATI to a point of no return, got a proper C coded graphics driver and freely accessible documentation out. We all know...
Dries Buytaert: How Nasdaq offers a Drupal distribution as-a-service
Nasdaq CIO and vice president Brad Peterson at the Acquia Engage conference showing the Drupal logo on Nasdaq's MarketSite billboard at Times Square NYC. Last October, I shared the news that Nasdaq...
Wim Leers: A career thanks to open source
Hasselt University Professor Frank Neven asked me to come and talk a bit about my experience in open source, and how it helped me. It helped me during my studies, in my career and even in life...
Julien Pivotto: Augeas resource for mgmt
Last week, I joined the mgmt hackathon, just after Config Management Camp Ghent. It helped me understand how mgmt actually works and that helped me to introduce two improvements in the codebase:...
Dries Buytaert: Distributions remain a growing opportunity for Drupal
Yesterday, after publishing a blog post about Nasdaq's Drupal 8 distribution for investor relations websites, I realized I don't talk enough about "Drupal distributions" on my blog. The ability for...
Xavier Mertens: [SANS ISC Diary] How was your stay at the Hotel La Playa?
I published the following diary on isc.sans.org: “How was your stay at the Hotel La Playa?”. I made the following demo for a customer in the scope of a security awareness event. When speaking to...
Xavier Mertens: Integrating OpenCanary & DShield
Being a volunteer for the SANS Internet Storm Center, I’m a big fan of the DShield service. I think that I’ve been feeding DShield with logs for eight or nine years now. In 2011, I wrote a Perl script to...
Jeroen De Dauw: Why Every Single Argument of Dan North is Wrong
Alternative title: Dan North, the Straw Man That Put His Head in His Ass. This blog post is a reply to Dan's presentation Why Every Element of SOLID is Wrong. It is crammed full with straw man...
Frank Goossens: Music from our Tube (& Nova); Sampha
Sampha, live on Radio Nova, keyboards only.
Wim Leers: OpenTracker
This is an ode to Dirk Engling’s OpenTracker. It’s a BitTorrent tracker. It’s what powered The Pirate Bay in 2007–2009. I’ve been using it to power the downloads on http://driverpacks.net since the end of...
Bjorn Monnens: Information overload
It’s been a while since my last post (18/01/2014) … This year I made a new year’s resolution to blog more (like I did in the good old days). My first post since the silent years will be a bit of...
Lionel Dricot: The 3 pillars of security
Security is a term on everyone's lips, but very few are able to define it and to think about it rationally. I propose the following definition: “Security is the set of...
Mattias Geniar: Linux kernel: CVE-2017-6074 – local privilege escalation in DCCP
The post Linux kernel: CVE-2017-6074 – local privilege escalation in DCCP appeared first on ma.ttias.be. Patching time, again. This is an announcement about CVE-2017-6074 [1] which is a double-free...
Mattias Geniar: Kernel patching with kexec: updating a CentOS 7 kernel...
The post Kernel patching with kexec: updating a CentOS 7 kernel without a full reboot appeared first on ma.ttias.be. tl;dr: you can use kexec to stage a kernel upgrade in-memory without the need for a...
Xavier Mertens: Am I Affected by Cloudbleed?
Yesterday, Cloudflare posted an incident report on their blog about an issue discovered in their HTML parser. A very nice report which is worth a read! As usual, in our cyber world, this vulnerability...
Frank Goossens: Autoptimize CSS defer switching to loadCSS (soon)
Historically Autoptimize used its own JS-implementation to defer the loading of the main CSS, hooking into the domContentLoaded event and this has worked fine. I knew about Filament Group’s loadCSS,...