Proofpoint published research of never seen but heavily theorized Internet-of-Things cyber attack. They believe this is an industry first - standard household appliances such as smart TVs and Refrigerators used to send malicious and junk email accross the globe.
Wikileaks team and the World's most famous activist whistleblower are holding a talk in Saal 1 at Chaos Communication Congress in Hamburg, Germany.
According to documents released by Edward Snowden, NSA and GCHQ (UK version of NSA) use Google's cookies, primarily designed for interest-based ad-targeting, to identify their targets.
The official Website of U.S. Marines got hacked today by the hacktivist group Syrian Electronic Army following President Obama's announcement that he would seek congressional approvement for a military strike against Syria.
A new virus which is masquerading as a video message can hijack Facebook accounts and Google Chrome browsers.
News is spreading that google.ps was hacked by a Palestinian hacker group. The apparent google.ps hack actually consisted of posioning root DNS servers of the .ps TLD system. The DNS attack of course had political motives.
Department of Homeland Security issued an on Friday (02 Aug) following a vulnerability disclosure in all versions of the transport layer security (TLS) and secure sockets layer (SSL).
It seems more and more foreigners do their ATM hacking in Thailand. In the last 18 months over 10 groups of various nationalities have been arrested across Thailand for stealing.
Students from University of Texas at Austin were successful in spoofing GPS signals and steering $80m worth yacht off course. The experiment took place 30 miles off the coast of Italy while the yacht was sailing in international waters.
The famous German video game company Crytek recently took down 4 of it's websites. Apart from the usual "please change your password when you login", there's a chance the impact may be a bit further than just Crytek's websites.
Industry newsWe're reporting IT security news on a daily basis
- » APT 12 returns with new tools
- » New variant mobile worm
- » Google will help users surf safely
- » Microsoft employs hackers again
- » Xerox security vulnerability
- » FBI starts Operation Identity Shield
- » Black Hat reveals security issues again
- » A new Trojan hiding in e-mails
- » The fake Interpol site
- » Another Firefox exploit
- » 8000 websites defaced because of Lebanon war
- » New Microsoft update makes Windows incompatible
- » Firefox update fixes security issues
- » A Trojan in Firefox extension
AdvisoriesSecurity advisories by popular software Vendors
- Moderate Red Hat JBoss Portal 6.2.0 security upd
Red Hat: RHSA-2015:1226-01
- rubygem-moped 1.5.3 updates
- openvas-scanner 5.0.3 updates
- Moderate kernel security, bug fix, and enhanceme
Red Hat: RHSA-2015:1221-01
- openssl 1.0.1k updates
- wesnoth 1.12.4 updates
- wesnoth 1.12.4 updates
- polkit 0.113 updates
VulnerabilitiesWhat's cooking right now?
- » Med: The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secu
- » High: The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via a
- » Med: client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows l
- » High: The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up th
- » High: Directory traversal vulnerability in saveFile.jsp in the development installation in Visual Mining N
- » High: projectContents.jsp in the Developer tools in Visual Mining NetCharts Server allows remote attackers
- » High: Heap-based buffer overflow in the License Server (LicenseServer.exe) in Wavelink Terminal Emulation
- » High: Heap-based buffer overflow in the TermProxy (WLTermProxyService.exe) service in Wavelink ConnectPro
- » High: Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote attackers
- » High: Cisco AnyConnect Secure Mobility Client before 3.1(8009) and 4.x before 4.0(2052) on Linux does not
- » High: Cisco Edge 300 software 1.0 and 1.1 on Edge 340 devices allows local users to obtain root privileges
- » High: Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM)
- » Med: Unspecified vulnerability in Easy Setup Wizard in HP ThinPro Linux 4.1 through 5.1 and Smart Zero Co