What We Know About Microsoft Office Zero Day
MS13-051 Microsoft Office bulletin was release Tuesday 11th 2013 during the traditional Patch Tuesday. This bulletin fix one vulnerability, CVE-2013-1331, with a base CVSS score of 9.3 and targeting...
View Article[OSSA 2013-015] Authentication bypass when using LDAP backend (CVE-2013-2157)
OpenStack Security Advisory: 2013-015CVE: CVE-2013-2157Date: June 13, 2013Title: Authentication bypass when using LDAP backendReporter: Jose Castro Leon (CERN)Products: KeystoneAffects: Folsom,...
View Article[OSSA 2013-016] Unchecked user input in Swift XML responses (CVE-2013-2161)
OpenStack Security Advisory: 2013-016CVE: CVE-2013-2161Date: June 13, 2013Title: Unchecked user input in Swift XML responsesReporter: Alex Gaynor (Rackspace)Products: SwiftAffects: All...
View ArticleMicrosoft botnet smackdown 'caused collateral damage, failed to kill target'
Microsoft is attracting fresh criticism for its handling of the Citadel botnet takedown, with some security researchers pointing to signs that the zombie network is already rising from the grave...
View ArticleThe number of Tor users rises in certain countries after news about PRISM and...
Tor as you may know per its website https://www.torproject.org/ is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and...
View ArticlePart 1. -Speech Privacy Systems- Interception, Diagnosis, Decoding,...
For most of history, it was believed that the only way a message could be encrypted was if the sender and the receiver shared the secret of srambling and unscrambling the text. That view changed...
View ArticleSony CH / DH Cross Site Request Forgery Vulnerability
1.Advisory InformationTitle: Sony CH, DH Series VulnerabilityDate Published: 12/06/2013Date of last updated: 12/06/20132.Vulnerability DescriptionWe have found the next vulnerability in these...
View ArticleCloudFlare, PRISM, and Securing SSL Ciphers
Over the last week we've closely watched the disclosures about the alleged NSA PRISM program. At CloudFlare, we have never been approached to participate in PRISM or any other similar program. We do,...
View ArticleMtGox Phishing Campaign Hits Bing, Yahoo!
An active phishing campaign targeting account holders at popular Bitcoin exchange MtGox.com has hijacked the top search results at Bing and Yahoo.com, redirecting unwary clickers to mtpox.com, a...
View ArticleBrowse anonymously anywhere you go with the Onion Pi Tor proxy.
Feel like someone is snooping on you? Browse anonymously anywhere you go with the Onion Pi Tor proxy. This is fun weekend project that uses a Raspberry Pi, a USB WiFi adapter and Ethernet cable to...
View ArticleOpt out of PRISM, the NSA’s global data surveillance program.
Stop reporting your online activities to the American government with these free alternatives to proprietary software.click here....http://prism-break.org/
View ArticleFacebook, Microsoft release info on US government data requests
Facebook received between 9,000 and 10,000 requests for user data from various U.S. government entities in 2012's second half, involving 18,000 to 19,000 of its users' accounts, the world's largest...
View ArticleWriting Exploits For Exotic Bug Classes: unserialize()
IntroTired of all the same re-hashed articles on exploiting the SQL injections, XSS, XSRF, File Inclusion, basic overflows, and more? I am, so I started writing more interesting material. This started...
View ArticleAndroid ICS "adb restore" directory traversal vulnerability
adb (Android Debug Bridge) backup/restore allows you to backup and restoreapplications via adb, including system applications.The backed up files are stored in tar.zlib (named .ab by default)...
View ArticlePROJECT LOON- a network of balloons traveling on the edge of space, designed...
I thought many of you would like this. Click here for more information on Project Loon...http://www.google.com/loon/
View ArticleMicrosoft Outlook Vulnerability: S/MIME Loss of Integrity
Microsoft Outlook (all versions) suffers from an S/MIME loss of integrityissue.Outlook does not warn against a digitally signed MIME message whose X509EmailAddress attribute does not match the mail's...
View ArticleThe National Security Agency has acknowledged in a new classified briefing...
Rep. Jerrold Nadler, a New York Democrat, disclosed this week that during a secret briefing to members of Congress, he was told that the contents of a phone call could be accessed "simply based on an...
View ArticleSudden Death Entropy Failures
During the time that the RSA patent was in force, DSA was the signature algorithm of choice for any software that didn't want to deal with patent licenses. (Which is why lots of old PGP keys are still...
View ArticleCracking Linux and Windows Password Hashes with Hashcat
I decided to write up some Hashcat projects for my students:Cracking Linux Password Hashes with HashcatCracking Windows Password Hashes with HashcatThe results were impressive and easy to understand.By...
View ArticleDoS vulnerability in Mozilla Firefox and Microsoft Internet Explorer
I want to warn you about Denial of Service vulnerability in Mozilla Firefox and Microsoft Internet Explorer.Earlier Jean Pascal Pereira has found DoS vulnerability in browser Firefox 14.0.1...
View Article