Drupal | Pandora Labs

Drupal Vulnerability PSA-2014-003 – “Assumed that you’re hacked!”

Before the year ends, another big security scandal arises. From Drupal’s Public Security Announcement (PSA) page, “Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 – Drupal core – SQL injection. You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement.”

fb_sharelinkphoto | Pandora Labs

Guide to Log Analysis

Introduction. This short article covers some tips in conducting log analysis (specially on getting the information about top talkers and coming up with a comprehensive report). This is not something formal or a standard procedure that we should strictly follow. This is a guide to help you approach a log analysis problem systematically, which can…

fb_sharelinkphoto | Pandora Labs

10 Commandments of Password Security

Have you ever experienced having your email account hacked by someone? Have you ever asked how such attacks can happen? Or you have asked, “why me”? Well here is the painful truth: it’s due to negligence in protecting your password properly. There’s really nothing magical about account hacks believe me. An account can be easily…