CUEH Blog

Academics poking things and seeing what happens

news

Comment on the goings-on of the industry. Or whatever news made Dan start ranting recently.

Students Discover Moodle Vulnerability

01 December 2016 - Posted in news by james with comments

The reporting (http://www.coventrytelegraph.net/news/coventry-news/coventry-university-students-left-vulnerable-12080500) on this suggests a big scary hack at the university, but actually it's more of a good-news story about how vigilent our students are.

Internally, this got quite complicated, but the essence of it is:

Students found a potential vulnerability in a Moodle plugin
This is a vulnerability that affects any Moodle instance with the plugin - at Coventry or anywhere else.
Students also provided a fix, which has since been incorporated into the plugin by the author.
Very little data was actually at risk - lecture notes, test scores, but nothing like passwords or personal details.
So, this was a potential risk of session hijacking under quite specific conditions.
No privilege escalation!

Progress of the conference

16 June 2016 - Posted in news by james with comments

Concentrating hard Christo ponders

Taking care of the important stuff: Lunch

More violent than I remember...: Angry James

The debrief: Battle of the trees at the Wellington

Start of the HEA Conference on Cybersecurity

Start of the HEA Conference on Cybersecurity

16 June 2016 - Posted in news by james with comments

Professionals, ready for the event.

Recent Posts

New Toy

So these arrived last week. Not had time to open them up until now. AU$99...

Read more

Students Discover Moodle Vulnerability

The reporting...

Read more

Progress of the conference

Concentrating hard Taking care of the important stuff: More violent than I...

Read more

Start of the HEA Conference on Cybersecurity

Professionals, ready for the event....

Read more

Ethical Slackers win MLH event

...

Read more