We’re looking for a very specific kind of UX designer to join our dynamic team in Singapore. A special role entails special requirements. So here we go! Have you worked on designing a responsive/adaptive web app? Do you believe in “form follows function“? Are you annoyingly picky about typography? Did you know that Foundation is something […]
Author: Ashwin Singh
Drupal 7 – SQL Injection Vulnerability (CVE-2014-3704)
We thought that we could rest for a while after taking care of the POODLE issue but then a team of security experts found out a critical Drupal issue (SA-CORE-2014-005) which is described here. We were able to fix this issue in time by applying the following recommended patch and clearing the cache: foreach (array_filter($args, ‘is_array’) […]
This POODLE Bites (CVE-2014-3566)
As you might be aware, the POODLE (Padding Oracle On Downgraded Legacy Encryption) issue has hit users, like us, who use SSLv3 (Secure Socket Layer Version 3). As always, we were prompt in addressing the issue and have disabled the SSLv3 protocol on the Elastic Load Balancers and will be supporting TLS (Transport Layer Security) […]
We are (not) Shellshock-ed! (CVE-2014-6271)
Shellshock, also known as Bashdoor, has hit the corridors of the security world today. Fortunately, we have the latest versions of the bash shell installed on most of our servers and hence, no further action is required from our end for these instances. The few vulnerable instances, which had the older version of bash, have […]
A Heart that Bleeds! (CVE-2014-0160)
Hi there, A major security bug in the OpenSSL cryptography library called Heartbleed has come to light. We have addressed this issue by updating the OpenSSL package on our Amazon Linux AMIs (Amazon Machine Images) and by rotating the SSL certificates. We also recommend that you should change your password to be on the […]