Monthly Archives: November 2016
Google Pixel Pwned In 60 Seconds
A new era for politics and information security
Tuesday’s election defied virtually all expert opinion confidently put forth on traditional media channels. As many pundits have since accurately, albeit belatedly, noted, the outcome was a complete rejection of the country’s political establishment. More than that, it was a repudiation of the centralized, elite-driven information network that wrongly believed it still held a monopoly on public opinion. The result of this year’s presidential election is a stark indicator that the dominance of newspapers and cable television has passed, and that the new barometer of the public mood is social media—which Donald Trump understood better than any of the analysts and commentators who predicted his defeat.
MikroTik RouterOS 6.36.2 Cross Site Scripting
MikroTik RouterOS version 6.36.2 suffers from a cross site scripting vulnerability.
Intel Identity Protection Technology Host Interface Service 1.2.22.0 Privilege Escalation
Intel Identity Protection Technology Host Interface Service jhi_service.exe version 1.2.22.0 suffers from a privilege escalation vulnerability.
Intel Management And Security LMS.exe 7.1.13.1088 Privilege Escalation
Intel Management and Security Application Local Management Service LMS.exe version 7.1.13.1088 suffers from a privilege escalation vulnerability.
WordPress W3 Total Cache 0.9.4.1 Cross Site Scripting
WordPress W3 Total Cache plugin version 0.9.4.1 suffers from a cross site scripting vulnerability.
WordPress W3 Total Cache 0.9.4.1 Race Condition
An information disclosure vulnerability was found in the W3 Total Cache plugin. This issue allows an attacker to hijack sensitive information, such as the administrator’s session cookie. Exploiting the vulnerability is possible during a short period of time when an administrator submits the support form. Version 0.9.4.1 is affected.
WordPress Google Maps 6.3.14 Cross Site Request Forgery
WordPress Google Maps plugin version 6.3.14 suffers from a cross site request forgery vulnerability.
Teradata Virtual Machine Community Edition 15.10 Insecure File Permission
Teradata Virtual Machine Community Edition version 15.10 suffers from an insecure file permission vulnerability.