The National Institute of Standards and Technology (NIST) today has re-released their Special Publication 800-53. The document I just saw says it is Revision 1, with a June 2010 stamp on the cover. This is confusing because the current version made available to the general public is listed as Revision 3. Here is the official … Continue reading Updates to NIST SP 800-53 →

This attack has been around a while, but an IP range in Belarus with a user-agent of Mozilla/4.0 appears to be trying it again. WordPress servers should be prepared for the old SQL attack. Here are just two of the many attempt types: ?cat=999+UNION+SELECT+null,CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58)),null,null,null+FROM+wp_users+where+id=1/* ?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58))+FROM+wp_users+where+id=1/* This attack tries to expose the blog software’s admin (id=1) … Continue reading WordPress SQL Attacks →

Computer world has an interesting review of a British company’s outsource strategy for IT. It has the provocative title of How the Cloud Changed World’s Oldest Newspaper. It shifts IT from keeping the lights on to delivering customer-facing value. Wright presented a chart showing the changing makeup of IT headcount and how cloud computing supports … Continue reading Cloud Economics and the Telegraph →

The Associated Press says thieves have robbed a police station in Carletonville, west of Johannesburg, South Africa, leaving nothing behind “It’s a very bizarre situation,” [Democratic Alliance] police spokeswoman Dianne Kohler Barnard told AFP. “We have a police station being robbed of everything. Stripped. It’s more than robbed. It’s absolutely gutted.” She said the thieves … Continue reading Police Station Robbed →