Untrusted search path vulnerability in Flexera InstallShield through 2015 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file.
Monthly Archives: February 2016
Kaspersky Lab Releases New Kaspersky Internet Security for Mac with More Privacy Features
Kaspersky Lab Releases New Kaspersky Internet Security for Mac with More Privacy Features
Kaspersky Lab helps to disrupt the activity of the Lazarus Group responsible for multiple devastating cyber-attacks
Kaspersky Lab helps to disrupt the activity of the Lazarus Group responsible for multiple devastating cyber-attacks
The hackers that took down Sony Pictures are still on the attack, researchers say – The Washington Post
The hackers that took down Sony Pictures are still on the attack, researchers say – The Washington Post
The Sony Hackers Were Causing Mayhem Years Before They Hit the Company – Wired
The Sony Hackers Were Causing Mayhem Years Before They Hit the Company – Wired
FTC Shares Security Tips for ASUS Wireless Routers
Original release date: February 23, 2016 | Last revised: February 24, 2016
The Federal Trade Commission (FTC) has provided network security tips for vulnerable ASUS-branded wireless routers. Major security flaws in these routers may have exposed customers’ sensitive information to malicious actors.
FTC urges consumers to download the latest security updates for their routers and be cautious when setting up any personal cloud storage. Users and administrators are encouraged to visit FTC’s blog for more information and review US-CERT’s Tip on Securing Your Home Network ST15-002.
This product is provided subject to this Notification and this Privacy & Use policy.
[KIS-2016-02] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability
Posted by Egidio Romano on Feb 23
——————————————————————
Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability
——————————————————————
[-] Software Link:
[-] Affected Versions:
Version 1.9.2.2 and prior versions.
[-] Vulnerability Description:
The vulnerability is located in the /app/code/core/Mage/Rss/Helper/Order.php script,
specifically into the…
Vuln: Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
Vuln: GNU glibc 'getaddrinfo()' Function Multiple Stack Buffer Overflow Vulnerabilities
GNU glibc ‘getaddrinfo()’ Function Multiple Stack Buffer Overflow Vulnerabilities
DSA-3491 icedove – security update
Multiple security issues have been found in Icedove, Debian’s version of
the Mozilla Thunderbird mail client: Multiple memory safety errors,
integer overflows, buffer overflows and other implementation errors may
lead to the execution of arbitrary code or denial of service.