 |  Interwebs

pipdig: Your Questions Answered

This blog post is a follow-up to yesterday’s post: Security alert: pipdig insecure, DDoSing competitors. Firstly, to reiterate, my accusations are as follows… pipdig did knowingly and with malicious intent: used other bloggers’ servers to perform a DDoS on a competitor; manipulated bloggers’ content to…

 |  Geek, PHP

SQL Injection Flaw in FanUpdate

A security issue has come to light in FanUpdate (2.2.1 specifically but likely affects previous versions). This only affects those who are still running with register_globals turned on (a very bad idea). The problem — for those interested — lies in show-cat.php relying on an…

 |  Geek, PHP

PHP Security Tips

Because you can never know too much, and it’s about time I wrote a follow-up to my PHP Script Checklist article. 1. Never include sensitive data in a .inc. When I started my current job, one of the first things I did was move all…

 |  Geek

Passwords at Tesco Not The Issue

It seems almost ironic that just the other day I was ranting about Tesco’s seemingly mediocre approach to password security, and today we hear that Tesco online store ‘is infiltrated by insider card fraudster’. Customers shopping at Britain’s biggest Internet store — Tesco Direct —…

