VMWare Fusion Advisory VMSA-2016-0020:...
Richard Porter --- ISC Handler on Duty (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC Stormcast For Thursday, November 17th 2016...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleExample of Getting Analysts & Researchers Away, (Wed, Nov 16th)
It is well-known that bad guys implement pieces of code to defeat security analysts and researchers. Modern malwareshave VM evasiontechniques to detect as soon as possible if they are executed in a...
View ArticleBugtraq: [ERPSCAN-16-031] SAP NetWeaver AS ABAP â?? directory traversal using...
[ERPSCAN-16-031] SAP NetWeaver AS ABAP â?? directory traversal using READ DATASET
View ArticleBugtraq: [ERPSCAN-16-032] SAP Telnet Console â?? Directory traversal...
[ERPSCAN-16-032] SAP Telnet Console â?? Directory traversal vulnerability
View ArticleBugtraq: Reason Core Security v1.2.0.1 - Unqoted Path Privilege Escalation...
Reason Core Security v1.2.0.1 - Unqoted Path Privilege Escalation Vulnerability
View ArticleBugtraq: CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read...
CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details
View ArticleVuln: curl/libcURL CVE-2016-7167 Multiple Integer Overflow Vulnerabilities
curl/libcURL CVE-2016-7167 Multiple Integer Overflow Vulnerabilities
View ArticleVuln: IBM Spectrum Scale and IBM GPFS CVE-2016-2984 Local Command Execution...
IBM Spectrum Scale and IBM GPFS CVE-2016-2984 Local Command Execution Vulnerability
View ArticleClik here to view.
Meet PoisonTap, the $5 tool that ransacks password-protected computers
Enlarge (credit: Samy Kamkar) The perils of leaving computers unattended just got worse, thanks to a newly released exploit tool that takes only 30 seconds to install a privacy-invading backdoor, even...
View ArticleClik here to view.
New attack reportedly lets 1 modest laptop knock big servers offline
(credit: Bonnie Natko) Researchers said they have discovered a simple way lone attackers with limited resources can knock large servers offline when they're protected by certain firewalls made by...
View ArticleClik here to view.
AdultFriendFinder hacked: 400 million accounts exposed
Enlarge AdultFriendFinder has been hacked, revealing the account details of more than 400 million people who would undoubtedly prefer to keep their identities private on the "world's largest sex and...
View ArticleClik here to view.
Lauri Love faces hacking trial in US after UK signs extradition order
Enlarge (credit: Justin Tallis/AFP/Getty Images) The UK's home secretary Amber Rudd has signed an extradition order agreeing that hacking suspect Lauri Love should face trial in the US. Love's family...
View ArticleClik here to view.
Chinese company installed secret backdoor on hundreds of thousands of phones
Enlarge / The BLU R1 HD is one of the devices that was backdoored by a Chinese software provider. (credit: Blue Products) Security firm Kryptowire has uncovered a backdoor in the firmware installed on...
View Article2016-11-18 example of KaiXin EK activity, (Fri, Nov 18th)
Introduction KaiXin exploit kit (EK) was first identified in August 2012 by Kahu Security [1], and it received some press from security-related blogs later that year [2, 3, 4]. Within the past year or...
View ArticleClik here to view.
Powerful backdoor/rootkit found preinstalled on 3 million Android phones
Enlarge Almost three million Android phones, many of them used by people in the US, are vulnerable to code-execution attacks that remotely seize full control of the devices, researchers said Thursday....
View ArticleVuln: HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability
HDF5 CVE-2016-4333 Local Heap Buffer Overflow Vulnerability
View ArticleVuln: HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability
HDF5 CVE-2016-4332 Local Heap Overflow Vulnerability
View ArticleVuln: IBM Connections CVE-2016-2953 Man in the Middle Information Disclosure...
IBM Connections CVE-2016-2953 Man in the Middle Information Disclosure Vulnerability
View ArticleVuln: HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability
HDF5 CVE-2016-4330 Local Heap Overflow Vulnerability
View Article