Proofpoint published research on a never-before-seen but heavily theorized Internet-of-Things cyber attack. They believe this is an industry first: standard household appliances such as smart TVs and refrigerators used to send malicious and junk email across the globe.
The WikiLeaks team and the world's most famous activist whistleblower are holding a talk in Saal 1 at the Chaos Communication Congress in Hamburg, Germany.
According to documents released by Edward Snowden, the NSA and GCHQ (the UK version of the NSA) use Google's cookies, primarily designed for interest-based ad targeting, to identify their targets.
The official website of the U.S. Marines got hacked today by the hacktivist group Syrian Electronic Army following President Obama's announcement that he would seek congressional approval for a military strike against Syria.
A new virus which is masquerading as a video message can hijack Facebook accounts and Google Chrome browsers.
News is spreading that google.ps was hacked by a Palestinian hacker group. The apparent google.ps hack actually consisted of poisoning root DNS servers of the .ps TLD system. The DNS attack, of course, had political motives.
Department of Homeland Security issued an on Friday (02 Aug) following a vulnerability disclosure in all versions of the transport layer security (TLS) and secure sockets layer (SSL).
It seems more and more foreigners do their ATM hacking in Thailand. In the last 18 months over 10 groups of various nationalities have been arrested across Thailand for stealing.
Students from the University of Texas at Austin succeeded in spoofing GPS signals and steering a yacht worth $80m off course. The experiment took place 30 miles off the coast of Italy while the yacht was sailing in international waters.
The famous German video game company Crytek recently took down 4 of its websites. Apart from the usual "please change your password when you login", there's a chance the impact may be a bit further than just Crytek's websites.
Industry news
We're reporting IT security news on a daily basis
- APT 12 returns with new tools
- New variant mobile worm
- Google will help users surf safely
- Microsoft employs hackers again
- Xerox security vulnerability
- FBI starts Operation Identity Shield
- Black Hat reveals security issues again
- A new Trojan hiding in e-mails
- The fake Interpol site
- Another Firefox exploit
- 8000 websites defaced because of Lebanon war
- New Microsoft update makes Windows incompatible
- Firefox update fixes security issues
- A Trojan in Firefox extension
Advisories
Security advisories by popular software vendors
- Important rhevm-spice-client security update
Red Hat: RHSA-2014:0416-01
- Important libyaml security update
Red Hat: RHSA-2014:0415-01
- Important java-1.6.0-sun security update
Red Hat: RHSA-2014:0414-01
- Critical java-1.7.0-oracle security update
Red Hat: RHSA-2014:0413-02
- Critical java-1.7.0-oracle security update
Red Hat: RHSA-2014:0412-01
- json-c 0.11 updates
- openstack-keystone 2013.2.3 updates
- Important python-keystoneclient security update
Red Hat: RHSA-2014:0409-02
Vulnerabilities
What's cooking right now?
- High: Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x befo
- High: Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before
- High: Cisco UCS Director (formerly Cloupia) before 220.127.116.11 has a hardcoded password for the root account,
- High: The Cisco Unified SIP Phone 3905 with firmware before 9.4(1) allows remote attackers to obtain root
- Med: Cisco Unified Computing System (UCS) Central Software 1.1 and earlier allows local users to gain pri
- High: An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8.04, and 8.05 allows remote att
- Med: The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly
- High: Cisco Prime Infrastructure 1.2 and 1.3 before 18.104.22.168-2, 1.4 before 22.214.171.124-2, and 2.0 before 2.0.
- Med: The Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications M
- Med: Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 thro
- Med: Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS)
- High: Unspecified vulnerability in Norman Security Suite 10.1 and earlier allows local users to gain privi
- High: Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote attacke