All Stories

CVE-2012-2661: SqlInjection on Rails

A SQL injection was discovered in ActiveRecord, Rails' default ORM framework. Let's talk about the vulnerability, the patch and other mitigation stuff.

Am I the sandman?

The work of an application security specialist is to tell people how to improve their app or their overall system configuration from the security point of view.

Ghost in the shell: an exploiting attempt examined

Yesterday, on the VPS running this blog, I traced an attack attempt against a WordPress plugin.

H@W #2 - Matteo Parmi: ruby hacker and open source enthusiast

Hi guys, the second Hackers @ Work interview is with Matteo Parmi.

Is Design by contract the solution for safe coding?

A long time ago, in a University far away…