ISC StormCast for Friday, November 21st 2014

By Johannes Ullrich Critical WordPress Update fixes XSS
https://isc.sans.edu/forums/diary/Critical+WordPress+XSS+Update/18977
Google Releases Web Application Scanner “Firing Range”
https://isc.sans.edu/forums/diary/Google+Web+Firing+Range+Available/18975
Detekt Scanner Focusing on State Surveillance Malware
https://www.eff.org/deeplinks/2014/11/detekt-new-malware-detection-tool-can-expose-illegitimate-state-surveillance
PHP Backdoor Included in Templates/Themese for various Content Management Systems
https://foxitsecurity.files.wordpress.com/2014/11/cryptophp-whitepaper-foxsrt-v4.pdf
jQuery CAPTCHA XSS Flaw PAtched
http://sijmen.ruwhof.net/weblog/256-cross-site-scripting-in-millions-of-web-sites#more-256 More Here