Last updated: Sat Nov 29 05:07:26 2014 GMT


Recent bugs
via SecurityFocus
Mojolicious Command Line Parameter Injection Vulnerability
CBN CH6640E and CG6640E Wireless Gateway Series Multiple Security Vulnerabilities
WordPress Wordfence Firewall Plugin 'wp-admin/admin.php' Cross Site Scripting Vulnerability
Aircrack-ng 'network.c' Denial of Service Vulnerability
Arris VAP2500 CVE-2014-8423 Remote Code Execution Vulnerability
libFLAC 'src/libFLAC/stream_decoder.c' Heap Buffer Overflow Vulnerability
Libksba 'ksba_oid_to_str()' Function Buffer Overflow Vulnerability
WordPress Multiple Unspecified Cross Site Scripting Vulnerabilities
WordPress Password Check Denial of Service Vulnerability
Raritan PowerIQ Multiple SQL Injection Vulnerabilities
Recent advisories
via Secunia, US-CERT
TA12-073A: Microsoft Updates for Multiple Vulnerabilities
TA12-045A: Microsoft Updates for Multiple Vulnerabilities
TA12-024A: "Anonymous" DDoS Activity
TA12-010A: Microsoft Updates for Multiple Vulnerabilities
TA12-006A: Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack
TA11-350A: Adobe Updates for Multiple Vulnerabilities
TA11-347A: Microsoft Updates for Multiple Vulnerabilities
TA11-312A: Microsoft Updates for Multiple Vulnerabilities
TA11-286A: Apple Updates for Multiple Vulnerabilities
TA11-284A: Microsoft Updates for Multiple Vulnerabilities
TA11-256A: Microsoft Updates for Multiple Vulnerabilities
TA11-222A: Adobe Updates for Multiple Vulnerabilities
TA11-221A: Microsoft Updates for Multiple Vulnerabilities
TA11-201A: Oracle Updates for Multiple Vulnerabilities
TA11-200A: Security Recommendations to Prevent Cyber Intrusions
TA11-193A: Microsoft Updates for Multiple Vulnerabilities
TA11-165A: Microsoft Updates for Multiple Vulnerabilities
TA11-166A: Adobe Updates for Multiple Vulnerabilities
TA11-130A: Microsoft Updates for Multiple Vulnerabilities
TA11-102A: Microsoft Updates for Multiple Vulnerabilities
Bugtraq Topics
via SecurityFocus
[ MDVSA-2014:234 ] libksba
[ MDVSA-2014:235 ] perl-Plack
[ MDVSA-2014:236 ] file
[ MDVSA-2014:237 ] perl-Mojolicious
[security bulletin] HPSBGN03209 rev.1 - HP Application Lifecycle Management running SSLv3, Remote Disclosure of Information
Defense in depth -- the Microsoft way (part 22): no DEP in Windows' filesystem (and ASLR barely used)
[SECURITY] [DSA 3078-1] libksba security update
[ MDVSA-2014:233 ] wordpress
[KIS-2014-13] Tuleap <= 7.6-4 (register.php) PHP Object Injection Vulnerability
[ MDVSA-2014:231 ] icecast
Top Worms and Viruses
via Sophos
Troj/Invo-Zip
W32/Netsky
Mal/EncPk-EI
Troj/Pushdo-Gen
Troj/Agent-HFU
Mal/Iframe-E
Troj/Mdrop-BTV
Troj/Mdrop-BUF
Troj/Agent-HFZ
Troj/Agent-HGT
Latest MS bulletins
via Microsoft
MS11-703 - Important: Test MNP bulletin #3 (test0703)
MS11-702 - Moderate: Test MNP bulletin #2 (test0702)
MS11-701 - Low: Test MNP bulletin #1 (test0701)
MS11-069 - Moderate: Vulnerability in .NET Framework Could Allow Information Disclosure (2567951)
MS11-068 - Moderate: Vulnerability in Windows Kernel Could Allow Denial of Service (2556532)
MS11-067 - Important: Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578230)
MS11-066 - Important: Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2567943)
MS11-065 - Important: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (2570222)
MS11-064 - Important: Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894)
MS11-063 - Important: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2567680)
Recent News

Sony staff face 'weeks of pen and paper' after crippling network hack
The Register - Security: Anti-Virus

And compromising details for megastars may have been pinched - report

Sony Pictures still hasn't recovered from a comprehensive attack on its computer networks and staff have been reduced to doing their work by hand according to insiders.


That sub-$100 Android slab you got on Black Friday? RIDDLED with holes, say infosec bods
The Register - Security: Anti-Virus

You get what you pay for

Those fighting through hordes of fellow crazed bargain junkies this Black Friday should avoid some of the cheapo Android tablets on offer.


Re: safest computers
RISKS Digest

Recent RISKS Problematic Posts
RISKS Digest

Uber's Underhanded App reporting data back w/o permission
RISKS Digest

Happy Tracksgiving!
RISKS Digest

FBI Phone Hacks Could Hurt Intelligence Gathering
RISKS Digest

The branded bug: Meet the people who name vulnerabilities
RISKS Digest

USPS Played Cat And Mouse With Cyber Attacker
RISKS Digest

Now, Anyone Can Buy a Drone. Heaven Help Us.
RISKS Digest

Vigil@nce - Apache httpd: buffer overflow of mod_proxy_fcgi, analyzed on 13/11/2014
Vigil@nce - public vulnerabilities
An attacker can generate a buffer overflow in mod_proxy_fcgi of Apache httpd, in order to trigger a denial of service, and possibly to execute code.

Vigil@nce - Linux kernel: denial of service via SCTP INIT, analyzed on 13/11/2014
Vigil@nce - public vulnerabilities
An attacker can send a malicious SCTP INIT packet to the Linux kernel, in order to trigger a denial of service.

Hacker Lexicon: What Is the Computer Fraud and Abuse Act?
LinuxSecurity.com - Latest News
LinuxSecurity.com: In 1984, the world was just emerging from its digital Dark Age. CompuServe, the world's first commercial email provider, was still trying to interest users in its fledgling service, and computer viruses and worms were still large

World's best threat detection pwned by HOBBIT
LinuxSecurity.com - Latest News
LinuxSecurity.com: Some of the world's best threat detection platforms have been bypassed by custom malware in a demonstration of the fallibility of single defence security. Five un-named top advanced threat detection products were tested against

Vigil@nce - F5 BIG-IP: directory traversal, analyzed on 13/11/2014
Vigil@nce - public vulnerabilities
An attacker can traverse directories of F5 BIG-IP, in order to detect a file outside the service root path, and then to delete it.

Vigil@nce - WordPress SupportEzzy Ticket System: Cross Site Scripting, analyzed on 13/11/2014
Vigil@nce - public vulnerabilities
An attacker can trigger a Cross Site Scripting of WordPress SupportEzzy Ticket System, in order to execute JavaScript code in the context of the web site.

Vigil@nce - Joomla MijoShop: SQL injection, analyzed on 13/11/2014
Vigil@nce - public vulnerabilities
An attacker can use a SQL injection of Joomla MijoShop, in order to read or alter data.

Vigil@nce - Joomla AceShop: SQL injection, analyzed on 13/11/2014
Vigil@nce - public vulnerabilities
An attacker can use a SQL injection of Joomla AceShop, in order to read or alter data.

Vigil@nce - Wireshark: multiple vulnerabilities, analyzed on 13/11/2014
Vigil@nce - public vulnerabilities
An attacker can use several vulnerabilities of Wireshark.

Vigil@nce - Drupal Scheduler: Cross Site Scripting, analyzed on 13/11/2014
Vigil@nce - public vulnerabilities
An attacker can trigger a Cross Site Scripting of Drupal Scheduler, in order to execute JavaScript code in the context of the web site.

Vigil@nce - Drupal Webform Component Roles: read-write access, analyzed on 13/11/2014
Vigil@nce - public vulnerabilities
An attacker can bypass access restrictions of Drupal Webform Component Roles, in order to alter data.

Vigil@nce - Drupal Freelinking: Cross Site Scripting, analyzed on 13/11/2014
Vigil@nce - public vulnerabilities
An attacker can trigger a Cross Site Scripting of Drupal Freelinking, in order to execute JavaScript code in the context of the web site.

Over 23,000 Web servers infected with CryptoPHP backdoor
Techworld.com Security News
Over 23,000 Web servers were infected with a backdoor called CryptoPHP that's bundled with pirated themes and plug-ins for popular content management systems.

Early version of new POS malware family spotted
Techworld.com Security News
A security researcher came across what appears to be a new family of point-of-sale malware that few antivirus programs were detecting.

World's best threat detection pwned by HOBBIT
The Register - Security: Anti-Virus

Forget nation-states, BAB0 is the stuff of savvy crims

Some of the world's best threat detection platforms have been bypassed by custom malware in a demonstration of the fallibility of single defence security.


Hackers force message on websites via US firm
Yahoo! News: Security News
LOS ANGELES (AP) - A U.S. firm that helps connect more than 700 companies with customers through social media says a Syrian group hacked the company's web address to upload a message to other websites.

Cryptocurrency cruncher cranks prime number constellation
The Register - Security: Anti-Virus

Riecoin distributed miner claims world record for prime sextuplet generation

Bitcoin mining, our own Simon Rockman wrote last Januar

Edward Snowden: best ... security ... educator ... EVER!
The Register - Security: Anti-Virus

Study finds those aware of leaker-at-large harden start to surf smart

A good deal of folk aware of NSA leaker Edward Snowden have improved the security of their online activity after learning of his exploits, a large survey has found.


Leaked Syrian log files reveal attempts to starve rebels of information
The Register - Security: Anti-Virus

Users self-censor to avoid arrest

Syria's Bashar al Assad-led regime blocked scores of legitimate services and entire network regions in its bid to scrub out access to sites such as Reddit, Google and Skype, the first analysis of the nation's

Syrian Electronic Army hits numerous media sites with DNS redirection attack
Techworld.com Security News
Pro-Assad nuisance-makers The Syrian Electronic Army (SEA) have returned from their slumber to pull off another DNS-level hack on numerous websites including UK newspapers The London Evening Standard, The Independent, The Chicago Tribune, CNBC, The Daily T

Vigil@nce - GnuTLS: memory corruption via ECC, analyzed on 12/11/2014
Vigil@nce - public vulnerabilities
An attacker can generate a memory corruption via ECC of GnuTLS, in order to trigger a denial of service, and possibly to execute code.

Vigil@nce - Cisco Unified Communications Manager: bypassing authentication of Remote Mobile Access, analyzed on 12/11/2014
Vigil@nce - public vulnerabilities
An attacker can use an X.509 certificate with a SAN field on Cisco Unified Communications Manager, in order to access Remote Mobile Access.

Vigil@nce - WordPress Another WordPress Classifieds: SQL injection, analyzed on 12/11/2014
Vigil@nce - public vulnerabilities
An attacker can use a SQL injection of WordPress Another WordPress Classifieds, in order to read or alter data.

Home Office: Fancy flogging us some SECRET SPY GEAR?
The Register - Security: Anti-Virus

If you do, tell NOBODY what it's for or how it works

The Home Office is seeking suppliers for a £20m contract for a "bespoke tracking and surveillance system" for all law enforcement agencies.


Home Depot hacker hosing cost a wallet-draining $43m (so far)
The Register - Security: Anti-Virus

Card firms might make claims against hardware giant, it warns

Hacked hardware mart Home Depot has forked out $43m to quash spot fires emanating from the data breach inferno this year, SEC filing documents show.


Syrian Electronic Army in news site 'hack' POP-UP MAYHEM
The Register - Security: Anti-Virus

Ad network code exploit blamed for pop-rageous ploy

The Syrian Electronic Army has hacked a number of news websites after apparently compromising a third party content delivery network, possibly an advertising network.