Hackin9

PHP 5.6.11, 5.5.27 and 5.4.43 were updated fixing numerous bugs in the various components of PHP including CVE-2015-3152. PHP recommend testing and upgrading to the current release. The binaries and packages are available here and the release notes here.

[1] http://www.php.net/ChangeLog-5.php
[2] http://windows.php.net/download/

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

My data was hacked, and I'm mad as hell.

As anyone who reads Ars no doubt knows by now, the federal Office of Personnel Management (OPM) has been hacked hard—losing data on some 21.5 million people. The agency's director just resigned over the situation. But exactly why does the hack matter? What was exposed, and how sensitive was that information?

OPM is sort of (but not quite) like the government's human resources department. Most federal workers probably know OPM as the agency that tells them whether or not they've got a snow day. But OPM also handles background checks for sensitive positions, and this motherlode of data is now in the hands of whichever adversary broke in and stole it.

Read 14 remaining paragraphs | Comments

 
Internet Storm Center Infocon Status