Skip to content

Violent Python is a book by TJ. O’Connor.

It is interesting how Python can use nmap and other opensource tools (metasploit) to probe and review computer systems.

When trying to login to WordPress

I got this message instead:

(output started at public_html/wp-content/plugins/twitter/widget_twitter_vjck.php:171) in public_html/wp-includes/pluggable.php on line 896)

Which is interesting to say the least.

So after searching the Internet for a similar problem I found this WordPress support page:

Which suggested to look at the error and look for missing ?> (in this case they wanted the person to delete all content and add the ending bookends for the php code.

So I went to public_html/wp-includes/pluggable.php  and found out that it did not have ?> for some reason.  So I added the bookend at end of file "?>" and now I can login again.

I remember a couple of days ago I was trying to install a plugin and had some trouble. I eventually did get it installed, but I tried with several logins and different browsers. These actions may have caused WordPress to perform a file edit.

Anyway it is always good to have a backup, but if you need some WordPress help let us know.

It is a good idea to get in the habit of patching your systems consistently.

Not wanting to reboot is sometimes a wish of all of us, as we do not want to close all of our windows down, and restart fresh.

But we have to get in the habit, at least once a week to reboot and patch if needed.

this week teh patch Tuesday fixes as Threatpost mentions the 17 vulnerabilities fixed in Internet Explorer, as well as  a Zero-Day vulnerability.

Zero-day vulnerabilities are a problem since there is no fix for a while, so a malicious attack cannot be thwarted.

As an ethical hacker it is much harder to attack a system successfully with all the current patches on the system.

On patch Tuesday Microsoft has decided to roll up all the vulnerabilities found in the last month on one day, otherwise as each vulnerability gets created and fixed there would be many of them spaced out in a month and it thus becomes unmanageable in an enterprise environment(at more than 1000's of computers).  On March 2014 nakedsecurity says there are 5 bulletins, with 2 critical, and even  Mac)


So with patch Tuesday at Microsoft the other vendors with vulnerabilities have also instituted a release time in the month of their patches, causing the date of the month: "2nd Tuesday" a prominence in the calendar.  IT departments everywhere are working around the new vulnerability patch releases and their resulting fixes.

We at are frequently tasked to ensure patches have been installed and do provide security capabilities by using our

Alpha(A), Sigma(Σ), and Omega(Ω) scans.

Assessing Website structures, network infrastructure, and overall reviews of technology (wifi and anything computer related).

The key with staying secure on the Internet is:  Update your software, keep systems up-to-date, close software and ports that are not needed.

Be vigilant perform unique tests on your forms and SQL command structures, you will only know that your data will not be compromised when you test. Having an independent person try things to break and gt by your security is the only way to be more secure.

In the last 25 years the most common vulnerabilities are?

From VRT-Blog at

Total vulnerabilities and highly critical vulnerabilities were up in 2012 after a significant downswing over the previous few years; 2012 was a record-breaking year for the number of most critical vulnerabilities, those with a CVSS score of 10.

Buffer overflows continue to be the most important type of vulnerability, with 35% of the total share of critical vulnerabilities over the last 25 years.

Interesting to note that Microsoft also has been bumped as the top vendor (highest number of vulnerabilities)

Oracle (with Java) has replaced Microsoft.

Has a discussion of a warning about an analysis about a new toolkit that makes it easier to create malware or other attacks on the Windows platform, Java, and Adobe.

This is the actual link

AVG ThreatLabs has also discussed the Cool Exploit Kit.


What does this mean? - Be extra careful of links and attachments, as new malware is being developed.

Just fixed a computer with the Harbinger 'rootkit' virus.

Typical tools used to clean the computer, plus the Kaspersky bootkit removal tool called TDSSKiller Kaspersky webpage link.

If you do decide to download from other sources (when doing a Google search on TDSSKiller sometimes one get 3rd party mirrors, then download from CNET webpage

I tried downloading from some other sources, like It was interesting how it operated, it created audio soundtracks when a browser opened. The audio was from various sound files on the computer and from ads on the Internet. The virus ran in the background (not obvious it was running, but you could hear it). The rootkit likely ran and was doing its masters bidding.

The sound was odd advertisements, shows local to the area and other random noises. It was very odd, and of course annoying. After the Kaspersky tool ran (in safemode) then the system was clean.

Also remember to patch your machines, there are a lot of Microsoft vulnerabilities coming out soon.

Here is the Microsoft Techcenter Security Bulletin list: Microsoft webpage

Not just the shield, but we will help you Oversite your IT department.

We are helping simplify security, helping you oversee your security exposure, security profile.

There are a lot of options to discuss, we can help you oversee ( firewall configuration, network security, anti-virus setup.

This is a dangerous time as a business - trying to provide services for your customers while controlling security exposures to a risk level that is not dangerous.

Check our new website: