"Details of issues fixed by Java SE 7 Update 21" follow up comments from...
We wanted to add the following information to our yesterday's post. We've learned that RedHat's Bugzilla associates CVE-2013-1537 [1] with the RMI issue allowing for a remote loading and execution...
New Ponemon Study Shows That Reliance on Usernames and Passwords Inhibits...
Customer impact results in inconvenience and insecurity as current authentication drives frustration and subsequent lost revenue and trust. PALO ALTO, Calif., April 17, 2013 /PRNewswire/ -- The Ponemon...
ManageEngine Fortifies EventLog Analyzer with File Integrity Monitoring
SIEM Solution Monitors All Changes to Critical System Folders, Files in Real Time. Mitigate security threats and meet compliance requirements with agent-based file integrity monitoring. Know when files and...
Facebook server data leaked by alpha zone
English translation AlpHa zONE data leak by cybxr :D and LEgit Hacker [0x00] [Introduction] [0x01] [First impressions] [0x02] [Search for...
Average Attack Bandwidth up 718 percent; Average Packet-Per-Second Rate...
Giant attacks overwhelming appliances, ISPs, carriers, content delivery networks. HOLLYWOOD, Fla., April 17, 2013 /PRNewswire-iReach/ -- Prolexic Technologies, the global leader in Distributed Denial of...
Multiple vulnerabilities in Sosci Survey
SEC Consult Vulnerability Lab Security Advisory < 20130417-0 > title: Multiple vulnerabilities in Sosci Survey product:...
Java ActiveX Control Memory Corruption
SEC Consult Vulnerability Lab Security Advisory < 20130417-1 > title: Java ActiveX Control Memory Corruption product:...
HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server
SEC Consult Vulnerability Lab Security Advisory < 20130417-2 > title: HTTP header injection/Cache poisoning in Oracle...
Multiple security issues for Open-Xchange Server 6 and OX AppSuite
Open-Xchange Security Advisory (multiple vulnerabilities). Multiple security issues for Open-Xchange Server 6 and OX AppSuite have been discovered and fixed. The vendor has chosen a responsible full...
Sitecom WLM-3500 backdoor accounts
Sitecom WLM-3500 backdoor accounts [ADVISORY INFORMATION] Title: Sitecom WLM-3500 backdoor accounts Discovery date: 24/03/2013 Release date: 16/04/2013 Credits: Roberto...
[RHSA-2013:0752-01] Important: java-1.7.0-openjdk security update
Red Hat Security Advisory Synopsis: Important: java-1.7.0-openjdk security update Advisory ID:...
[RHSA-2013:0751-01] Critical: java-1.7.0-openjdk security update
Red Hat Security Advisory Synopsis: Critical: java-1.7.0-openjdk security update Advisory ID:...
[RHSA-2013:0753-01] Moderate: icedtea-web security update
Red Hat Security Advisory Synopsis: Moderate: icedtea-web security update Advisory ID:...
[SECURITY] [DSA 2661-1] xorg-server security update
Debian Security Advisory DSA-2661-1 security@debian.org http://www.debian.org/security/...
MP3 Player - Cross Site Scripting (XSS)
View online: http://drupal.org/node/1972804 * Advisory ID: DRUPAL-SA-CONTRIB-2013-043 * Project: MP3 Player [1] (third-party module) * Version: 6.x * Date: 2013-April-17 * Security risk: Moderately...
elFinder file manager - Cross Site Request Forgery (CSRF)
View online: http://drupal.org/node/1972942 * Advisory ID: DRUPAL-SA-CONTRIB-2013-044 * Project: elFinder file manager [1] (third-party module) * Version: 6.x, 7.x * Date: 2013-April-17 * Security...
Autocomplete Widgets for Text and Number Fields (autocomplete_widgets) -...
View online: http://drupal.org/node/1972976 * Advisory ID: DRUPAL-SA-CONTRIB-2013-045 * Project: Autocomplete Widgets for Text and Number Fields [1] (third-party module) * Version: 6.x, 7.x * Date:...
Blackhole Exploit Kit Spam Campaigns Disguised as Top Service Brands
Spam campaigns based on the Blackhole Exploit Kit send messages that contain links to compromised legitimate websites, which serve hidden iframes and redirections that exploit vulnerabilities across...
Orangfuzz – an experimental user interaction fuzzer for Firefox OS
One of the goals of the fuzzing team is to identify security vulnerabilities within our products using various techniques. As we continue working with Firefox OS, we need to build and adapt the proper...
The beginners guide to breaking website security with nothing more than a...
You know how security people get all uppity about SSL this and SSL that? Stuff like posting creds over HTTPS isn’t enough, you have to load login forms over HTTPS as well and then you can’t send auth...