Articles from Heine Deelstra

Primary tabs

I've recently seen some recommendations to use hook_hook_info to provide "groups" to core-provided hooks so you can move you

I've recently seen some recommendations to use hook_hook_info to provide "groups" to core-provided hooks so you can move you

I recently evaluated the Bakery Single Sign-On System aka Bakery SSO aka Bakery on behalf of clients.

I recently evaluated the Bakery Single Sign-On System aka Bakery SSO aka Bakery on behalf of clients.

SA-CORE-2012-003 fixes an issue in the Drupal installer that enables an attacker to cause the site to use a different attacker-controlled database.

SA-CORE-2012-003 fixes an issue in the Drupal installer that enables an attacker to cause the site to use a different attacker-controlled database.

The security landscape is changing. There's been on and off talk about bounties for security vulnerabilities and some firms already buy vulnerabilities (SecuriTeam, ZDI). This also causes me to re-evaluate the value of a vulnerability.

The security landscape is changing. There's been on and off talk about bounties for security vulnerabilities and some firms already buy vulnerabilities (SecuriTeam, ZDI). This also causes me to re-evaluate the value of a vulnerability.

On March 2nd 2012, security researcher Ivano Binetti published an advisory on Drupal 7 anti-CSRF measures.

On March 2nd 2012, security researcher Ivano Binetti published an advisory on Drupal 7 anti-CSRF measures.

Pages

Articles from Heine Deelstra

I've recently seen some recommendations to use hook_hook_info to provide "groups" to core-provided hooks so you can move you

I've recently seen some recommendations to use hook_hook_info to provide "groups" to core-provided hooks so you can move you

I recently evaluated the Bakery Single Sign-On System aka Bakery SSO aka Bakery on behalf of clients.

I recently evaluated the Bakery Single Sign-On System aka Bakery SSO aka Bakery on behalf of clients.

SA-CORE-2012-003 fixes an issue in the Drupal installer that enables an attacker to cause the site to use a different attacker-controlled database.

SA-CORE-2012-003 fixes an issue in the Drupal installer that enables an attacker to cause the site to use a different attacker-controlled database.

The security landscape is changing. There's been on and off talk about bounties for security vulnerabilities and some firms already buy vulnerabilities (SecuriTeam, ZDI). This also causes me to re-evaluate the value of a vulnerability.

The security landscape is changing. There's been on and off talk about bounties for security vulnerabilities and some firms already buy vulnerabilities (SecuriTeam, ZDI). This also causes me to re-evaluate the value of a vulnerability.

On March 2nd 2012, security researcher Ivano Binetti published an advisory on Drupal 7 anti-CSRF measures.

On March 2nd 2012, security researcher Ivano Binetti published an advisory on Drupal 7 anti-CSRF measures.

Pages