Last updated:
Sat Dec 20 11:07:18 2014 GMT


Recent bugs
via SecurityFocus,
uzbl 'uzbl-core' '@SELECTED_URI' Mouse Button Bindings Command Injection Vulnerability
LFTP 'Content-Disposition' HTTP Header Arbitrary File Overwrite Vulnerability
OProfile Multiple Security Vulnerabilities
JasPer 'jpc_dec.c' Multiple Remote Heap Buffer Overflow Vulnerabilities
IBM WebSphere Application Server CVE-2014-3021 Unspecified Information Disclosure Vulnerability
MantisBT CVE-2014-1609 Multiple Unspecified SQL Injection Vulnerabilities
MantisBT XmlImportExport Plugin 'ImportXml.php' Arbitrary PHP Code Execution Vulnerability
MantisBT XmlImportExport Plugin CVE-2014-8598 Multiple Security Bypass Vulnerabilities
ZNC 'CWebAdminMod::ChanPage()' Function Denial of Service Vulnerability
GNU glibc 'getanswer_r()' Function Infinite Loop Denial of Service Vulnerability
Recent advisories
via Secunia, US-CERT,
TA12-073A: Microsoft Updates for Multiple Vulnerabilities
TA12-045A: Microsoft Updates for Multiple Vulnerabilities
TA12-024A: "Anonymous" DDoS Activity
TA12-010A: Microsoft Updates for Multiple Vulnerabilities
TA12-006A: Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack
TA11-350A: Adobe Updates for Multiple Vulnerabilities
TA11-347A: Microsoft Updates for Multiple Vulnerabilities
TA11-312A: Microsoft Updates for Multiple Vulnerabilities
TA11-286A: Apple Updates for Multiple Vulnerabilities
TA11-284A: Microsoft Updates for Multiple Vulnerabilities
TA11-256A: Microsoft Updates for Multiple Vulnerabilities
TA11-222A: Adobe Updates for Multiple Vulnerabilities
TA11-221A: Microsoft Updates for Multiple Vulnerabilities
TA11-201A: Oracle Updates for Multiple Vulnerabilities
TA11-200A: Security Recommendations to Prevent Cyber Intrusions
TA11-193A: Microsoft Updates for Multiple Vulnerabilities
TA11-165A: Microsoft Updates for Multiple Vulnerabilities
TA11-166A: Adobe Updates for Multiple Vulnerabilities
TA11-130A: Microsoft Updates for Multiple Vulnerabilities
TA11-102A: Microsoft Updates for Multiple Vulnerabilities
Bugtraq Topics
via SecurityFocus,
Mobilis MobiConnect 3G ZDServer v1.0.1.2 - Privilege Escalation Vulnerability
Facebook BB #18 - IDOR Issue & Privacy Vulnerability
TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325
TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367
SEC Consult SA-20141218-1 :: OS command execution vulnerability in GParted
SEC Consult SA-20141218-2 :: Multiple high risk vulnerabilities in NetIQ Access Manager
[oCERT-2014-012] JasPer input sanitization errors
APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3
iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability
E-Journal CMS (ID) - Multiple Web Vulnerabilities
Top Worms and Viruses
via Sophos,
Troj/Invo-Zip
W32/Netsky
Mal/EncPk-EI
Troj/Pushdo-Gen
Troj/Agent-HFU
Mal/Iframe-E
Troj/Mdrop-BTV
Troj/Mdrop-BUF
Troj/Agent-HFZ
Troj/Agent-HGT
Latest MS bulletins
via Microsoft,
MS11-703 - Important: Test MNP bulletin #3 (test0703)
MS11-702 - Moderate: Test MNP bulletin #2 (test0702)
MS11-701 - Low: Test MNP bulletin #1 (test0701)
MS11-069 - Moderate: Vulnerability in .NET Framework Could Allow Information Disclosure (2567951)
MS11-068 - Moderate: Vulnerability in Windows Kernel Could Allow Denial of Service (2556532)
MS11-067 - Important: Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230)
MS11-066 - Important: Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943)
MS11-065 - Important: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222)
MS11-064 - Important: Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894)
MS11-063 - Important: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2567680)
Stock Watch
via Yahoo! Finance
Updated 12/19/2014
NASDAQ 4765.38 +16.983
JNPR 22.48 +0.58
SYMC 25.825 +0.085
CSCO 27.77 +0.12
CKP 13.49 -0.01
MSFT 47.66 +0.14
IBM 158.51 +0.83
INTC 36.37 -0.65
AMD 2.57 +0.02
CIC.TO 10.98 +0.07
CA 30.915 +0.365
BCSI 0.00 N/A
VRSN 58.29 +0.99
CUDA 37.38 +0.10
SPLK 61.605 +2.415
FEYE 33.06 +2.16
QLYS 39.31 +2.22
PANW 124.36 +0.92
HPQ 39.90 +0.08
IMPV 49.93 -0.35
PFPT 50.20 +2.03

 

Recent News

Vigil@nce - VMware vCenter Server Appliance: Cross Site Scripting, analyzed on 05/12/2014
Vigil@nce - public vulnerabilities
An attacker can trigger a Cross Site Scripting of VMware vCenter Server Appliance, in order to execute JavaScript code in the context of the web site.

Vigil@nce - VMware vCenter Server: invalid certificate check, analyzed on 05/12/2014
Vigil@nce - public vulnerabilities
An attacker can act as a Man-in-the-Middle of VMware vCenter Server, in order to obtain or alter information about the CIM service.

Vigil@nce - OpenBSD: denial of service via PIPEX, analyzed on 05/12/2014
Vigil@nce - public vulnerabilities
An attacker can send a malicious PIPEX packet to OpenBSD, in order to trigger a denial of service.

Vigil@nce - Fine Free file: denial of service via ELF Notes, analyzed on 17/12/2014
Vigil@nce - public vulnerabilities
An attacker can force Fine Free file to analyze a malicious ELF file, in order to trigger a denial of service.

Vigil@nce - Fine Free file: denial of service via ELF Strings, analyzed on 17/12/2014
Vigil@nce - public vulnerabilities
An attacker can force Fine Free file to analyze a malicious ELF file, in order to trigger a denial of service.

North Korea says to boost nuclear power to counter U.S. hostile policy
Yahoo! News: Security News

Japan, South Korea condemn Sony hack; Chinese paper says movie is senseless
Yahoo! News: Security News
TOKYO (Reuters) - Japan and South Korea condemned a hacking attack on Sony Pictures that the United States has blamed on North Korea and said they would cooperate in international efforts against cyber-crime as asked for by Washington.

Obama says North Korea hacked Sony, vows response
Yahoo! News: Security News

Sony Pictures CEO says had no choice but to pull 'The Interview'
Yahoo! News: Security News
LOS ANGELES (Reuters) - Describing the lonely work of leading a company through a devastating cyberattack, Sony Pictures Entertainment chief executive Michael Lynton on Friday said the Hollywood studio did not make a mistake in pulling satirical film "The

Top Asian News at 4:30 a.m. GMT
Yahoo! News: Security News
WASHINGTON (AP) - President Barack Obama declared Friday that Sony "made a mistake" in shelving a satirical film about a plot to assassinate North Korea's leader, and he pledged the U.S. would respond "in a place and manner and time that we choose" to the

Staples comes clean: Hackers swiped 1.16 MILLION bank cards
The Register - Security: Anti-Virus

Run for the tills! Run for the tills!

Staples says malware that infected its registers in 115 stores swiped bank card numbers from 1.16 MILLION customers.


Heads up! If Tor VANISHES over the weekend, this is why
The Register - Security: Anti-Virus

Developers warn of swoop plot to cripple privacy network

The Tor Project is warning that its network used by netizens to mask their identities on the internet may be knocked offline in the coming days.


Obama vows U.S. response to North Korea over Sony cyber attack
Yahoo! News: Security News

Sony trying to find alternatives to release 'The Interview'
Yahoo! News: Security News
LOS ANGELES (Reuters) - Sony Pictures said on Friday it is looking for alternatives to release "The Interview" after it scrapped the Christmas Day theatrical opening of the screwball comedy at the center of a cyber attack on the studio blamed on North Kor

Obama mocks absurd plot twist of cyber attack on Sony
Yahoo! News: Security News
WASHINGTON/LOS ANGELES (Reuters) - Faced with the most destructive cyber attack of a company on U.S. soil, President Barack Obama resorted to humor to explain an absurd plot that even Hollywood did not see coming.

Re: "Your cell phone number: To give or not to give"
RISKS Digest

Re: Lenovo recalls more than 500,000 power cords due to spark, burn risk
RISKS Digest

Re: SmartDriver: a 16-year-old can see the risks
RISKS Digest

Emergency? DNS TTL < 6 months?
RISKS Digest

After Silk Road takedowns, Dark Web drug sites still thriving
RISKS Digest

FBI Agents Pose as Repairmen to Bypass Warrant Process
RISKS Digest

Public Reactions to Snowden
RISKS Digest

LU Wei editorial in the *HuffPost*
RISKS Digest

"Microsoft vs. DoJ: The battle for privacy in the cloud"
RISKS Digest

SS7 hackdoors allow ANYONE to listen to your calls
RISKS Digest

German Researchers Discover a Flaw That Could Let Anyone Listen to Your Cell Calls
RISKS Digest

"12 million home and business routers vulnerable to critical hijacking hack"
RISKS Digest

"Misfortune Cookie" CVE-2014-9222
RISKS Digest

Ars Technica public stmt and reaction to hack on 14 Dec ...
RISKS Digest

ICANN e-mail accounts, zone database breached in spearphishing attack
RISKS Digest

From thehill.com: FBI accuses North Korea of hack
RISKS Digest

Interesting slip from *The NYTimes* on Sony and North Korea?
RISKS Digest

Drone blimps over Washington DC
RISKS Digest

Sony Pictures hack is Hollywood's 'Snowden moment' say infosec bods
The Register - Security: Anti-Virus

Keys to sysadmin accounts nicked, abused, it appears

Hackers obtained system administrators' passwords to pull off the mega-hack against Sony Pictures' servers,

ICANN: The TRUTH about that hacker attack on our DNS zone file database
The Register - Security: Anti-Virus

But vague details raise questions about org's security

The internet's critical IANA body which allocates IP addresses and manages global DNS was not compromised

Obama says Sony 'made a mistake' in pulling 'The Interview'
Yahoo! News: Security News
WASHINGTON (Reuters) - U.S. President Barack Obama on Friday said Sony Pictures "made a mistake" in pulling the satirical film "The Interview" after suffering a devastating cyber attack blamed on North Korea. "I wish they (Sony) would have spoken to me fi

The Audacity of Scolding Sony
Yahoo! News: Security News

Celebrities react to latest Sony hack developments
Yahoo! News: Security News

Kim Jong Un game spoof 'Glorious Leader!' moving forward
Yahoo! News: Security News

5 ways to make your email safer in case of a hack attack
Yahoo! News: Security News
LOS ANGELES (AP) - The Sony hack, the latest in a wave of company security breaches, exposed months of employee emails. Other hacks have given attackers access to sensitive information about a company and its customers, such as credit-card numbers and emai

Staples says security breach may have affected 1.16 million cards
Yahoo! News: Security News

Risk modelers look to clarify cyber risk costs
Yahoo! News: Security News

Staples: Customer data exposed in security breach
Yahoo! News: Security News
PORTLAND, Ore. (AP) - Staples Inc. says nearly 1.2 million customer payment cards may have been exposed during a security breach earlier this year.

Sony faces 4th ex-employee lawsuit over hack
Yahoo! News: Security News

Theater shooter's parents plead for his life
Yahoo! News: Security News
DENVER (AP) - The parents of Colorado theater shooter James Holmes begged Friday for his life to be spared through a plea bargain, a move that rekindled the long-running, emotional debate about whether the horrific details of the mass killing should be pla

Older News

Sony Pictures CEO says had no choice but to pull 'The Interview'
Yahoo! News: Security News

North Korea denies connection with Sony hacking
Yahoo! News: Security News

Sony on shelving 'The Interview': 'We had no choice'
Yahoo! News: Security News

AP Interview: Coelho says Sony hack threatens all
Yahoo! News: Security News

FBI blames North Korea for Sony hack citing malware evidence
Techworld.com Security News

FBI fingers Norks in Sony hack, Obama says: HOW DO WE SOLVE A PROBLEM LIKE KOREA?
The Register - Security: Anti-Virus

Full text of U.S. FBI statement on Sony cyberattack
Yahoo! News: Security News

2012 movie massacre hung over 'Interview' decision
Yahoo! News: Security News

Security flaws allow global cellular eavesdropping
Yahoo! News: Security News

Hackers warn not to release 'The Interview' in any form
Yahoo! News: Security News

George Clooney criticizes Hollywood in Sony cyber attack
Yahoo! News: Security News

FBI blames North Korea for Sony hack
Yahoo! News: Security News

US officially accuses North Korea of Sony hacking
Yahoo! News: Security News

Hackers tell Sony wise to cancel film, don't make more trouble: CNN
Yahoo! News: Security News

U.S. expected to formally blame North Korea for Sony cyberattack
Yahoo! News: Security News

Report: U.S. planning "proportional response" to Sony hack, blamed on North Korea
LinuxSecurity.com - Latest News

Heartbleed, Shellshock, Tor and more: The 13 biggest security stories of 2014
LinuxSecurity.com - Latest News

Vigil@nce - WordPress Cart66 Lite: SQL injection, analyzed on 04/12/2014
Vigil@nce - public vulnerabilities

Vigil@nce - Qemu: memory corruption via cirrus, analyzed on 04/12/2014
Vigil@nce - public vulnerabilities

Linux 'GRINCH' vuln is AWFUL. Except, er, maybe it isn't
The Register - Security: Anti-Virus

Welsh council rapped for covert spying on sick leave worker
The Register - Security: Anti-Virus

Sony hack adds to security pressure on companies
Yahoo! News: Security News

Vigil@nce - Fine Free file: two vulnerabilities of ELF, analyzed on 16/12/2014
Vigil@nce - public vulnerabilities

Vigil@nce - Linux kernel: information disclosure via set_thread_area espfix, analyzed on 16/12/2014
Vigil@nce - public vulnerabilities

Vigil@nce - Drupal Hierarchical Select: Cross Site Scripting, analyzed on 04/12/2014
Vigil@nce - public vulnerabilities

Vigil@nce - Drupal Webform Invitation: Cross Site Scripting, analyzed on 04/12/2014
Vigil@nce - public vulnerabilities

Vigil@nce - procmail: buffer overflow of getlline, analyzed on 04/12/2014
Vigil@nce - public vulnerabilities

Think North Korea hacked Sony? Think about this
Techworld.com Security News

Git thee behind me, Git client bug!
The Register - Security: Anti-Virus

Armouring up online: Duncan Campbell's chief techie talks crypto with El Reg
The Register - Security: Anti-Virus

Webcam-snooping spawn of ZeuS hits 150 banks worldwide
The Register - Security: Anti-Virus

Hack attack spurs call for more NKorea sanctions
Yahoo! News: Security News

Hack hijacks electric skateboards, dumps hipsters in the gutter
The Register - Security: Anti-Virus

Movie industry's evil plan to destroy the internet is going precisely nowhere
The Register - Security: Anti-Virus

Companies' data security in question after Sony hack
Yahoo! News: Security News

For North Korea's cyber army, long-term target may be telecoms, utility grids
Yahoo! News: Security News

Kiwi hacker 'menace' pops home detention tracker cuffs
The Register - Security: Anti-Virus

10 Things to Know for Friday
Yahoo! News: Security News

Forget the politics, Sony executives say North Korea comedy 'desperately unfunny'
Yahoo! News: Security News

Top Asian News at 4:30 a.m. GMT
Yahoo! News: Security News

New fear: ISIS killers use 'digital AK-47' malware to hunt victims
The Register - Security: Anti-Virus

Security experts fear Sony attack to fuel more company extortion
Yahoo! News: Security News


all content is copyright its respective owner or owners. the tools and components behind this page are copyright © 2003-2010 jose nazario, all rights reserved. this page is available as RSS 2.0.