Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
Monthly Archives: July 2016
Vuln: uclibc-ng and uclibc 'memset.S' Remote Code Execution Vulnerability
uclibc-ng and uclibc ‘memset.S’ Remote Code Execution Vulnerability
TFTP Server 1.4 WRQ Buffer Overflow
TFTP server version 1.4 WRQ buffer overflow exploit with egghunter shellcode.
Ubuntu Security Notice USN-3040-1
Ubuntu Security Notice 3040-1 – Multiple security issues were discovered in MySQL and this update include s new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.50 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.10 has been updated to MySQL 5.6.31. Ubuntu 16.04 LTS has been updated to MySQL 5.7.13. Various other issues were also addressed.
Google Fixes 48 Bugs, Sandbox Escape, in Chrome
Google fixed a whopping 48 security flaws in version 52 of its Chrome web browser.
Firefox to Block Flash in August, Disable in 2017
Starting next year, Firefox users who navigate to pages that contain Flash will be asked their consent before activating the plugin. The move, long expected, comes as developers seek to curb usage of Flash in everyday web browsing.
Police Unlock Dead Man's Phone by 3D-Printing his Fingerprint
Now no more fight with Apple or any smartphone maker, as federal authorities have discovered a new tool for unlocking phones, as far as your phone is using any biometric sensor…
3D Printing!
Yes, Police in Michigan is considering 3D printing a dead man’s fingers so they could unlock smartphones in investigation crimes using their biometric sensors.
<!– adsense –>
A new report published
Google Releases Security Update for Chrome
Original release date: July 21, 2016
Google has released Chrome version 52.0.2743.82 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
Blue Team Training Toolkit (BT3) 1.2
Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto’s Maligno and Pcapteller.
OpenDNSSEC 2.0.1
OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.