A survey of more than a million apps on the Google Play and iOS App Store has found that more than 40 percent of ‘risky mobile’ apps originate from the United States
The post America is the leading developer of “risky mobile apps”, claims report appeared first on We Live Security.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2015:032 http://www.mandriva.com/en/support/security/ _______________________________________________________________________ Package : php Date : February 5, 2015 Affected: Business Server 1.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been discovered and corrected in php: sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might (1) allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability t
CentOS Errata and Security Advisory 2015:0118 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0118.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: bad3e25be040d04b3465b004f1bf5e6bb59ed199002d6d30518c1b37ff9a599c mariadb-5.5.41-2.el7_0.x86_64.rpm 9f358d65718915fb9fa1a3f8cd5503c0c57d3898dab104168b7ed268927afc2c mariadb-bench-5.5.41-2.el7_0.x86_64.rpm 66841b0dfafe27b0441abdbfcc0c3cf0162ed232e0b7fb866cae2e1b89fd0c73 mariadb-devel-5.5.41-2.el7_0.i686.rpm d48dfe12ff12f83b67a41aca0df648b9f1fa19fd854476c0693bac25cc6f8181 mariadb-devel-5.5.41-2.el7_0.x86_64.rpm 650af06e10952a904d7f049eebbcff503baf1a872dce7b95158a9240ceba9f93 mariadb-embedded-5.5.41-2.el7_0.i686.rpm 762eb26cad7b854c356edd88fc9b28ca2fa61dbd1848eb9e8e75d5d7ea184455 mariadb-embedded-5.5.41-2.el7_0.x86_64.rpm 5cb480c0a99d9c5711f524d9172560f1d6cdf38c6b299381fe5f5b1d11ac2109 mariadb-embedded-devel-5.5.41-2.el7_0.i686.rpm 8874ac0173ead6080d28be02101f893e358f07524f54f14a2f970f8eecb7522c mariadb-embedded-devel-5.5.41-2.el7_0.x86_64.rpm 55797074c08ac8857232db2cc91336cbac1323404a902ce7d990a5835558043e mariadb-libs-5.5.41-2.el7_0.i686.rpm d67c7aebd7066e1f896d10e3c366535c03a423ed07151890849a828edecb10dc mariadb-libs-5.5.41-2.el7_0.x86_64.rpm 9b85fe1caf5a8688cd84f41de6ffb4c10a4dc1c29b5eb58bed4ba0346a0256ee mariadb-server-5.5.41-2.el7_0.x86_64.rpm 29a9b071e5eaf820f6a8cfd8ec1442ffb395daa5a1480b8416694b9c58a0cff8 mariadb-test-5.5.41-2.el7_0.x86_64.rpm Source: bed5735782a8cd30854f7158d6c96b775d62d89c9b14cdcdba80b6fb7715addc mariadb-5.5.41-2.el7_0.src.rpm
CentOS Errata and Enhancement Advisory 2015:0122 Upstream details at : https://rhn.redhat.com/errata/RHEA-2015-0122.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 124869a5c14448855093765e68cf8193023be1b33d7180342926f15d78cae95f resource-agents-3.9.5-26.el7_0.7.x86_64.rpm Source: ea73e94698ddd5bfbd0c2bd5d46116d7b08bbdaa733ed09598d3be9ef59cb9eb resource-agents-3.9.5-26.el7_0.7.src.rpm
CentOS Errata and Bugfix Advisory 2015:0131 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0131.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 3770a731974751dc27346b9ed4f7c494588dde884fd79969a61a8eeb84c79680 libvirt-1.1.1-29.el7_0.7.x86_64.rpm 7ae2765d426b30af80ada68da0df2c780cc0c4113b20845f0a37dbfef195be3d libvirt-client-1.1.1-29.el7_0.7.i686.rpm 4ddeb8022ccbef07a27c75ca3f688280e773a39473f42ce425629801ef1fd554 libvirt-client-1.1.1-29.el7_0.7.x86_64.rpm 288afae70fb572284bbbc88911ff2c79b3cdce0b869b5052afe0cd380313de7d libvirt-daemon-1.1.1-29.el7_0.7.x86_64.rpm 1e4e40d6d4095c9204cd17c195c35e558d5c6342bbf9fcb925e424f8bde849ea libvirt-daemon-config-network-1.1.1-29.el7_0.7.x86_64.rpm 49d44b254a0e7d97c8e5f41ce066f31c8516a9d62837f7d1b37d43ddd72419b4 libvirt-daemon-config-nwfilter-1.1.1-29.el7_0.7.x86_64.rpm 1f39b5292ef41daec4a31655a379049548e78a52f2ce4102bd90cccc504f4ef8 libvirt-daemon-driver-interface-1.1.1-29.el7_0.7.x86_64.rpm 4ac04029552b385e7f1c37e3b3a24eabf69aa67782ef5d5231180263f749786c libvirt-daemon-driver-lxc-1.1.1-29.el7_0.7.x86_64.rpm 872e6fc763daad41f532dcdeec794a63bded4a8abbf81d15993420a2c32bb46b libvirt-daemon-driver-network-1.1.1-29.el7_0.7.x86_64.rpm e3a409c3146ad32187075bdcf18effabef4533ddf65452c6e531a2ab5efec302 libvirt-daemon-driver-nodedev-1.1.1-29.el7_0.7.x86_64.rpm 61c5d1d9ff716f528780fe2bf627c8f94298bc6cc25d25af49020e2738f9bb1f libvirt-daemon-driver-nwfilter-1.1.1-29.el7_0.7.x86_64.rpm 05a3ee1682742b9da5973c4528455efd995799ba612cddb7c5750adbaaefe27d libvirt-daemon-driver-qemu-1.1.1-29.el7_0.7.x86_64.rpm 64e9577205411042eb603ac73c2217153e7023cea0e643322e6738ce31460aaa libvirt-daemon-driver-secret-1.1.1-29.el7_0.7.x86_64.rpm 9e24e5619ae8da15e66a946b3a66033258aa3a26213a8ec1379d9a2e2dfe0f95 libvirt-daemon-driver-storage-1.1.1-29.el7_0.7.x86_64.rpm 3ed24427f2e1931f9c83925063b8a969d36d8a71f705f578d41c399cd544fe9c libvirt-daemon-kvm-1.1.1-29.el7_0.7.x86_64.rpm fd3c6750e0c7440c8de31a99ddaa26ed2582ddd9263a3b60718dd428280c61ba libvirt-daemon-lxc-1.1.1-29.el7_0.7.x86_64.rpm 0a75eeabdd9f3383905b1b31f26b4f299fbf3ddc625ef065f0ff981599ecef0f libvirt-devel-1.1.1-29.el7_0.7.i686.rpm 8137bec6ba39de42836cac97799818fda7cfc6b532e17d65f892ce0e09a2f09b libvirt-devel-1.1.1-29.el7_0.7.x86_64.rpm 3b483a537b07e90ebfa32a257ebc71c04361f17ca2377a09c01db897eae00d38 libvirt-docs-1.1.1-29.el7_0.7.x86_64.rpm 0c24b88d75a072b5d9b19e8a08873ff8754dbe5c14f6942800c91726b989b471 libvirt-lock-sanlock-1.1.1-29.el7_0.7.x86_64.rpm 17e1f0bab66a3e43c7381d08de98ddbf9629ee1275e9458dd1fad6342d86bc4c libvirt-login-shell-1.1.1-29.el7_0.7.x86_64.rpm 6e730906804572cd2c08ed08b5f89b5c1f4a49209e5324317c3405059c8f76ab libvirt-python-1.1.1-29.el7_0.7.x86_64.rpm Source: 0bdc1c1589d71ee5cc681cac25646f219f8d6baa52bd5a8872117004c6feb168 libvirt-1.1.1-29.el7_0.7.src.rpm
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2015:031 http://www.mandriva.com/en/support/security/ _______________________________________________________________________ Package : busybox Date : February 5, 2015 Affected: Business Server 1.0 _______________________________________________________________________ Problem Description: Updated busybox packages fix security vulnerability: The modprobe command in busybox before 1.23.0 uses the basename of the module argument as the module to load, allowing arbitrary modules, even when some kernel subsystems try to prevent this (CVE-2014-9645). _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9645 http://advisories.mageia.org/MGASA-2015-0041.html __________________________________________________________________
A war hero in a mathematician’s skin. That was Alan Turing. The man considered the father of computer science played a key role during World War II: Historians believe that Turing’s work shortened the war by two years. How? By breaking the Nazi’s Enigma Code, considered an impossible feat until then.
Forced to undergo chemical castration for his sexual orientation and branded a criminal for the same reason, Alan Turing and his role in World War II were almost forgotten until Great Britain, through a letter written by Prime Minster Gordon Brown, apologized in 2009 for how this computing genius was treated.
Now Hollywood is paying homage to Turing with ‘The Imitation Game‘, the movie that premiered in the United States and the United Kingdom in November in which Benedict Cumberbatch, known for his starring role in the series ‘Sherlock’, plays Alan Turing.
The movie, with some inaccuracies, focuses on the fight against Enigma, the machine that the Germans used during World War II to send messages without the allies being able to understand their content in time.
It all happened in Bletchley Park. This estate located an hour from London was the headquarters of the United Kingdom’s Government Code and Cypher School (GC&CS), training an army of cryptographers whose goal was to intercept and decipher the messages that the Nazis were sending at the height of World War II.
One of the leaders of the cryptographers who worked at Bletchley Park was Alan Turing, who joined the GC&CS aged just 26. It was there that Turing developed his own machine, the one that helped break the powerful Enigma Code: it was called ‘the bombe’.
Enigma worked with a system of five rotors that resulted in millions of combinations of coded text. And that is not all, the machine’s settings changed every day and the volume of messages was so large that Bletchley Park had up to 10,000 cryptographers trying to decipher them at the necessary speed.
That was until the bombe arrived. Based on the work done by the Polish intelligence service, in just three months Turing developed a machine capable of deciphering the Germans’ messages using mathematical analysis techniques that determined the most probable position of Enigma’s rotors.
Created in 1940, three years later the bombe was deciphering more than 84,000 Enigma messages a month. The system created by Turing, and Gordon Welchman, thereby accelerated the discovery of the Germans’ movements communicated under the guise of Enigma.
Turing’s work not only shortened the war by two years but it is estimated that no less than fourteen million lives were saved by the discovery made at Bletchley Park.
After this milestone, which made him a war hero, Turing continued striving to become known today as the father of computer science: after World War II came the Turing test, or the first computer chess game. Unfortunately, a tragic and final end and five decades of obscurity also came. Now it is starting to be repaired.
The post ‘The Imitation Game’: The greatest milestone in the history of cryptography hits the big screen appeared first on MediaCenter Panda Security.
WatchGuard’s Firebox M440 impresses editors with superb value, top performance, extensive security measures, high port density and integral wireless gateway controller
Three HP ZDI researchers won a $125,000 bounty from Microsoft for successful attacks against memory protections introduced last summer into Internet Explorer.
Anthem Inc. has suffered an attack on its database which is likely to be the biggest data breach ever disclosed by a health insurance company.
The post Anthem hack could affect 80 million health insurance customers appeared first on We Live Security.
