Gcon Tech Solutions v1.0 SQL Injection Web Security Vulnerabilities

Posted by Jing Wang on May 24

*Gcon Tech Solutions v1.0 SQL Injection Web Security Vulnerabilities*

Exploit Title: Gcon Tech Solutions v1.0 content.php? &id Parameter SQL
Injection Security Vulnerabilities
Product: Gcon Tech Solutions
Vendor: Gcon Tech Solutions
Vulnerable Versions: v1.0
Tested Version: v1.0
Advisory Publication: May 24, 2015
Latest Update: May 24, 2015
Vulnerability Type: Improper Neutralization of Special Elements used in an
SQL Command (‘SQL…

SITEFACT CMS XSS (Cross-site Scripting) Web Security Vulnerabilities

Posted by Jing Wang on May 24

*SITEFACT CMS XSS (Cross-site Scripting) Web Security Vulnerabilities*

Exploit Title: SITEFACT CMS content.php? &id Parameter XSS Security
Vulnerabilities
Product: SITEFACT CMS (Content Management System)
Vendor: SITEFACT
Vulnerable Versions: version 2.01
Tested Version: version 2.01
Advisory Publication: May 24, 2015
Latest Update: May 24, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: *
Impact CVSS Severity (version…

[BSA-106] Security Update for nbd

Wouter Verhelst uploaded new packages for nbd which fixed the following
security problems:

CVE-2015-0847
  Tuomas Räsänen discovered that unsafe signal handling in
  nbd-server, the server for the Network Block Device protocol, could
  allow remote attackers to cause a deadlock in the server process and
  thus a denial of service.

CVE-2013-7441
  Tuomas Räsänen discovered that the modern-style negotiation was
  carried out in the main process before forking the actual client
  handler. This could allow a remote attacker to cause a denial of
  service (crash) by querying a non-existent export.

For the squeeze-backports distribution, the problems have been fixed in
version 1:3.2-4~deb7u5~bpo60+1.

The wheezy-backports and jessie-backports suites do not contain nbd
packages, and therefore are not vulnerable (but see DSA-3271-1).

Scams have arrived on Instagram, watch out!

For several days now we have been seeing many brands promoting their Instagram accounts with contests and giveaways. But sadly, once again, this is a scam! The Spanish National Police has warned about it through their Twitter account.

The alleged prizes are gift brochures to spend at these clothes shops. To win them you just have to follow that account and share it on your Instagram account.

Tips to help you distinguish a fake Instagram account from an official one

  • Check its description
  • See if it has publications
  • Confirm the accounts it follows

Although we have seen this scam in Spain, we wanted you all to know about it, because examples of these scams can be found all over the world. So please be cautious: there is no such thing as a free lunch!

The post Scams have arrived on Instagram, watch out! appeared first on MediaCenter Panda Security.

USN-2619-1: Linux kernel (Trusty HWE) vulnerability

Ubuntu Security Notice USN-2619-1

23rd May, 2015

linux-lts-trusty vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

The system could be made to crash under certain conditions.

Software description

  • linux-lts-trusty
    – Linux hardware enablement kernel from Trusty

Details

A flaw was discovered in the Linux kernel’s IPv4 networking when using TCP
fast open to initiate a connection. An unprivileged local user could
exploit this flaw to cause a denial of service (system crash).

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:

  • linux-image-3.13.0-53-generic-lpae 3.13.0-53.89~precise1
  • linux-image-3.13.0-53-generic 3.13.0-53.89~precise1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2015-3332

USN-2620-1: Linux kernel vulnerability

Ubuntu Security Notice USN-2620-1

23rd May, 2015

linux vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

The system could be made to crash under certain conditions.

Software description

  • linux
    – Linux kernel

Details

A flaw was discovered in the Linux kernel’s IPv4 networking when using TCP
fast open to initiate a connection. An unprivileged local user could
exploit this flaw to cause a denial of service (system crash).

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:

  • linux-image-3.13.0-53-generic-lpae 3.13.0-53.89
  • linux-image-3.13.0-53-powerpc64-emb 3.13.0-53.89
  • linux-image-3.13.0-53-powerpc-smp 3.13.0-53.89
  • linux-image-3.13.0-53-lowlatency 3.13.0-53.89
  • linux-image-3.13.0-53-powerpc-e500 3.13.0-53.89
  • linux-image-3.13.0-53-generic 3.13.0-53.89
  • linux-image-3.13.0-53-powerpc-e500mc 3.13.0-53.89
  • linux-image-3.13.0-53-powerpc64-smp 3.13.0-53.89

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2015-3332

Ideas for Families to Celebrate Memorial Day 2015

But the real reason we celebrate Memorial Day is to honor the memory of those who have served and fallen in the U.S. Armed Forces.

As a product of the U.S. Army, it has always been a special observance in my family. I’m aware of the many opportunities the military gave me to learn, and the skills that I was able to develop. I’m also aware of the many sacrifices – sometimes the ultimate one – that come with the job. Some of the biggest sacrifices are made not only by those who serve but also by their spouses and children.

I think Memorial Day is a great opportunity to teach children the full meaning of the day. While children may not understand the full implications of Memorial Day, it’s good to instill the values of bravery and sacrifice.

We are keenly interested in children’s education at AVG, whether it’s online safety (via our Magda and Mo series) or online learning. I would encourage all parents, grandparents, and uncles and aunts to seize this day as a learning opportunity.

In that spirit, here are a few tech and non-tech ideas to help celebrate the holiday – and get the summer started for families, both military and civilian.

 

Start with a Parade!

I’m sure your town or one near you has a Memorial Day parade. It’s a great way to get out and also get children to talk about the day in a natural way. You can see a parade listing, by state, on VetFriends here.

 

Go To Museums Free

Blue Star Museums, a collaboration by the National Endowment for the Arts, Blue Star Families and the Department of Defense, offers free admission to more than 2,000 museums across the U.S. to the nation’s active-duty military personnel and their families (including National Guard and Reserve). Check out the Blue Star Museum site and click on a state to find the museums that are participating. The museums are free starting on Memorial Day, May 25 through Labor Day, September 7, 2015.

 

Explore Memorials, Monuments and More

You can explore the history behind the World War II Memorial at the National Mall in Washington, D.C. and learn about the war via the World War II Memorial App. The app provides fun and educational interactive experiences, including a map and timeline, search for the names of service members who died during World War II, and photographs of the Memorial. The app was made possible in partnership with Altria, the Dr. Scholl Foundation, the Friends of the National WWII Memorial, and the National Park Service.

Or, try EveryTrail to take a walking tour of monuments, war memorials and national parks nearest you. EveryTrail offers sightseeing tours, road trips, hiking, cycling, flying and more with geo-tagged, community-generated travel content. There are trips collected from over 80 countries in the world, and you can create your own.

You can also visit a national cemetery. This isn’t as morbid as it may sound at first. The cemeteries are quiet and reverent; a great place to reflect on sacrifice and honor. Children – even young children – understand that people die, and if you put the event in context, I think this can be a very rewarding experience. You can find a listing of these cemeteries here.

Take a Scavenger Hunt

Education World offers a number of activities online, including a crossword puzzle and ideas for a scavenger hunt to help children learn about the history of Memorial Day. Check it out here.

 

Explore Military Service Records for Free

Want to learn more about your own family’s military history? From May 21-25 you can explore military records of your relatives for free on Ancestry.com.

Happy Memorial Day, everyone. And, thank you, to all of our military personnel and their families – past and present – for their service and sacrifice!