perhj - Slashdot User

Submission + - Critical Magento SQL Injection Flaw Could Soon Be Targeted by Hackers (csoonline.com)

Submitted by itwbennett on Friday March 29, 2019 @03:45PM

itwbennett writes: The popular e-commerce platform Magento has released 37 security issues affecting both the commercial and open-source versions, four of which are critical. 'Of those, one SQL injection flaw is of particular concern for researchers because it can be exploited without authentication,' writes Lucian Constantine for CSO. Researchers from Web security firm Sucuri 'have already reverse-engineered the patch [for that flaw] and created a working proof-of-concept exploit for internal testing' says Constantin. 'The SQL vulnerability is very easy to exploit, and we encourage every Magento site owner to update to these recently patched versions to protect their ecommerce websites,' the researchers warn in a blog post.

Comment The terrorist threat is overrated (Score 2, Interesting) 502

by perhj on Monday July 19, 2010 @09:41AM (#32950174) Attached to: Top Secret America

Reminds me of the following scene from The Simpson's:
Homer: Not a bear in sight. The Bear Patrol is working like a charm!
Lisa: That’s specious reasoning, dad. By your logic, I could claim that this rock keeps tigers away.
Homer: Hmm. How does it work?
Lisa: It doesn’t work, it’s just a stupid rock!
Homer: Uh-huh.
Homer (after a moment's thought): Lisa, I want to buy your rock

It could well be that the ridiculous sums of money spent on "Homeland Security" (a phrase that creeps the fuck out of me) is indeed money well spent. But please allow me to posit that the terrorist threat is actually McCarthy-esque bogeyman. Nevertheless, if the people of the US truly want to be (as opposed to feel) more safe, the best policy just might be to refrain from meddling in other countries' affairs quite so much...

Slashdot Top Deals