I Survived Drupalgeddon...

...How Hackers Took Over My Site, What I Did About It, And How You Can Stay Safe

Speakers: MKorostoff
Track: Coding, DevOps, Other
Audience: Intermediate

This is a comprehensive post-mortem of the Drupalgeddon SQL injection bug as experienced on one of my personal web sites. In this talk I'll explain in depth how the SQL injection bug worked. I'll show the way real hackers used this vulnerability in the wild, and how you can defeat a similar attack on your website. I'll show how I recovered an infected site, and the new security measures I put in place as a result of this security breach. Finally, I'll argue that when all is said and done, this has been a good learning experience for our community, and things could have been a lot, lot worse.
