PHP 5.3.29 is available, PHP 5.3 reaching end of life

Published: 2014-08-14
Last Updated: 2014-08-14 16:15:15 UTC
by Basil Alawi S.Taher (Version: 1)
0 comment(s)

The PHP development team announces the immediate availability of PHP 5.3.29. This release marks the end of life of the PHP 5.3 series. Future releases of this series are not planned. All PHP 5.3 users are encouraged to upgrade to the current stable version of PHP 5.5 or previous stable version of PHP 5.4, which are supported till at least 2016 and 2015 respectively.

PHP 5.3.29 contains about 25 potentially security related fixes backported from PHP 5.4 and 5.5.

For source downloads of PHP 5.3.29, please visit our downloads page. Windows binaries can be found on windows.php.net/download/. The list of changes is recorded in the ChangeLog.

For helping your migration to newer versions please refer to our migration guides for updates from PHP 5.3 to 5.4 and from PHP 5.4 to 5.5.

http://php.net/

Keywords:
0 comment(s)

Threats to virtual environments

Published: 2014-08-14
Last Updated: 2014-08-14 12:10:46 UTC
by Basil Alawi S.Taher (Version: 1)
0 comment(s)

In the past few years the virtualization concept becomes very popular. A new study by Symantec [1] discussed the threats to the virtual environment and suggests the best practice to minimize the risk.

The study show the new security challenges with the virtual environment, threats such as that the network traffic may not be monitored by services such as IDS or DLP.    

The paper covers how malware behave in virtual environment . One example of malware that target virtual machines is W32.Crisis .This malware doesnâ??t exploit any specific vulnerability , basically it take the advantage of how the virtual machines are stored in the host system. Virtual machine is stored as a set of files on the storage and it can be manipulated or mounted by free tools.

The study address using VMs as a system for malicious code analysis, for example in some cases when a malicious code detects thatâ??s its running in a virtual machine it will send a false data such as trying to connect to C&C with wrong IP.  The study show that the number of malware that detect Vmware has been increased in the past couple years. For more reliable results the study suggests that security researcher should use physical hardware in controlled network instead of virtual machines.  

In the last section of the paper it suggest the best practice to secure the virtual environment.

1 http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/threats_to_virtual_environments.pdf

Keywords: virtual vmware
0 comment(s)
ISC StormCast for Thursday, August 14th 2014 http://isc.sans.edu/podcastdetail.html?id=4105

Comments

cwqwqwq
eweew<a href="https://www.seocheckin.com/edu-sites-list/">mashood</a>
WQwqwqwq[url=https://www.seocheckin.com/edu-sites-list/]mashood[/url]
dwqqqwqwq mashood
[https://isc.sans.edu/diary.html](https://isc.sans.edu/diary.html)
[https://isc.sans.edu/diary.html | https://isc.sans.edu/diary.html]
What's this all about ..?
password reveal .
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure:

<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.

<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
https://thehomestore.com.pk/

Diary Archives