Cross-site scripting (XSS) vulnerability in VMware vRealize Business Advanced and Enterprise 8.x before 8.2.5 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Monthly Archives: March 2016
CVE-2016-2846
Siemens SIMATIC S7-1200 CPU devices before 4.0 allow remote attackers to bypass a “user program block” protection mechanism via unspecified vectors.
Kaspersky Lab and WISeKey launch an encrypted vault for all that is precious on your mobile: the WISeID Kaspersky Lab Security app
Kaspersky Lab and WISeKey today announced the release of a special edition of the cyber-resilience app, WISeID Kaspersky Lab Security.
FreeBSD-SA-16:14.openssh
FreeBSD-SA-16:15.sysarch
No longer fun and games: Steam account hijacking becomes booming business
Meet Steam Stealer, a malware that has turned Steam gaming account hijacks into a lucrative business for cybercriminals and script aficionados alike.
Google Traffic Is 77% Encrypted
Google reports that 77% of traffic to its servers uses encrypted connections
Netwrix Auditor 7.1.322.0 ActiveX (sourceFile) Stack Buffer Overflow
Netwrix Auditor version 7.1.322.0 suffers from a stack-based buffer overflow vulnerability when parsing large amount of bytes to the ‘sourceFile’ string parameter in PackFile() and UnpackFile() functions in ‘Netwrix.Common.CollectEngine.dll’ library, resulting in stack overrun overwriting several registers including the SEH chain. An attacker can gain access to the system of the affected node and execute arbitrary code.
Security BSides Las Vegas 2016 Call For Papers
BSides Las Vegas 2016 has announced its Call For Papers. It will take place August 2nd and 3rd, 2016, in Las Vegas, Nevada.