PHP
Lifting the lid on the Redkit exploit kit
In the first of a two part series, Fraser Howard takes a closer look at the Redkit exploit kit.
Learn more about how this kit works and the compromised web servers that are being used to host it.
DHS website falls victim to hacktivist intrusion
Hacktivist group NullCrew recently announced a succesful intrusion against a website in the DHS.GOV domain hierarchy.
It looks as though the site was vulnerable to what's known as a directory traversal vulnerability.
Monday review: the hot 26 stories of the week
Here's a list of all the stories we've written in the last week, in case you missed any (or if you just want to read them again).
SourceForge serves up malware-infected phpMyAdmin toolkit
Being careful where you download from isn't always enough.
SourceForge, the hosting service for phpMyAdmin, has disclosed that the official phpMyAdmin 3.5.2.2 distribution was Trojanised some time last weekend.
Large percentage of websites vulnerable to HashDoS denial of service attack
Researchers in Germany have disclosed a vulnerability in most web programming languages that allows for a denial of service attack to be successful with very little resource and against the vast majority of websites
Unpatched WordPress installations rife with malware
The latest WordPress release is requiring users to update their PHP and MySQL installations to newer releases. Are WordPress users doing enough to protect their blogs? Does it make a difference if you patch?
WordPress plugins Trojanised, spotted, fixed
WordPress just announced that the source code for three plugins for its popular blog-hosting platform had been Trojanised. Fortunately, the malicious changes have now been removed. Find out what happened and how to fix it.
PHP 5.3.6 released - Fixes 5 security flaws
The PHP Group has released a set of bug fixes and security udpates to their ubiquitous PHP software. Web administrators should read through the change logs and update as soon as possible. Read the article to find out about the security related fixes and enhancements in PHP 5.3.6.
Malicious Iframe infects PHP-Nuke site....again!
Last May, I blogged about PHP-Nuke's official site being hacked. Imagine my surprise when I saw the site come up again in my malware feed.
![Have your say - LulzSec: helpful, harmless or hideous? [VOTE NOW]](http://sophosnews.files.wordpress.com/2013/05/lulzsec-poll-thumb.jpg?w=75&h=75&crop=1)
![Password security infomerical leaves Ellen DeGeneres in disbelief.. and it will you too [VIDEO]](http://sophosnews.files.wordpress.com/2013/04/ellen-thumb.jpg?w=75&h=75&crop=1)
![Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO]](http://sophosnews.files.wordpress.com/2013/03/cursors-thumb.jpg?w=75&h=75&crop=1)
![Hacked TV channels broadcast zombie apocalypse emergency alert [VIDEO]](http://sophosnews.files.wordpress.com/2013/02/zombie-thumb.jpg?w=75&h=75&crop=1)
