Research

Pandora Labs is a Security-as-a-Service company that provides businesses with on-demand IT security resources through our cloud computing platform and augment security teams which enables them to establish and utilize effective and holistic IT security.

Drupal | Pandora Labs

Drupal Vulnerability PSA-2014-003 – “Assumed that you’re hacked!”

Before the year ends, another big security scandal arises. From Drupal’s Public Security Announcement (PSA) page, “Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 – Drupal core – SQL injection. You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement.”

Details
fb_sharelinkphoto | Pandora Labs

Guide to Log Analysis

Introduction. This short article covers some tips in conducting log analysis (specially on getting the information about top talkers and coming up with a comprehensive report). This is not something formal or a standard procedure that we should strictly follow. This is a guide to help you approach a log analysis problem systematically, which can…

Details