Cross-site scripting (XSS) vulnerability in the Markdown on Save Improved plugin before 2.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Monthly Archives: June 2016
Zed Attack Proxy 2.5.0 Windows Installer
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.
Zed Attack Proxy 2.5.0 Mac OS X Release
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.
Zed Attack Proxy 2.5.0 Linux Release
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.
ManageEngine SelfService Plus Cross Site Scripting
ManageEngine SelfService Plus build 5312 (Mar 2016) and newer suffer from a cross site scripting vulnerability.
CVE-2016-1211
Cross-site scripting (XSS) vulnerability in Epoch Web Mailing List 0.31 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-1403
CISCO IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005.
Irongate — New Stuxnet-like Malware Targets Industrial Control Systems
Security researchers have discovered a sophisticated piece of malware that uses tricks from the Stuxnet sabotage malware and is specifically designed to target industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems.
Researchers at the security firm FireEye Labs Advanced Reverse Engineering said on Thursday that the malware, dubbed “IRONGATE,” affects
Has Your TeamViewer Account Been Hacked? Here's What to Do Immediately
Do you have remote login software TeamViewer installed on your desktop?
If Yes, then it could be possible that your system can be accessed by attackers to steal your personal details, including your bank and PayPal accounts, as several reports on Reddit and Twitter suggests.
According to recent reports, the popular TeamViewer software that is used to remotely control PCs appears to have been
