It's pretty difficult to make information security predictions, and even more difficult to verify them afterwards: we can only judge the effectiveness of information security by the number of public security incidents that were uncovered, while the majority of data breaches remain undetected.
A programming flaw in the code of popular online marketplace AliExpress, which connects small Chinese businesses with international buyers and has over 7.7 million registered users, has endangered each and every one of them as it could reveal their names, shipping addresses and phone numbers to anyone who knew where to look.
Google has open source another security tool: it's called Firing Range, and it's an effective testing ground for a variety of automated web application security scanners.
Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL injection vulnerability (CVE-2014-3704) on October 15, are advised to consider their site as potentially compromised and proceed to fix the issue.
Admins of sites that run Drupal 7 are advised to update to the latest version of the platform - version 7.32 - because it fixes a critical SQL injection vulnerability that can ultimately lead to site hijacking and data theft.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.