Hackers claim to have unearthed a zero-day vulnerability giving attackers admin rights to any Windows machine from Windows 2000 to a fully patched version of Windows 10.
Monthly Archives: May 2016
Millions of Stolen MySpace, Tumblr Credentials Being Sold Online
Hackers are selling roughly 427 million passwords belonging to users of MySpace along with information on 65 million Tumblr users.
Hackers Find Bugs, Extort Ransom and Call it a Public Service
Crooks breaking into enterprise networks are holding data they steal for ransom under the guise they are doing the company a favor exposing a flaw.
ProcessMaker 3.0.1.7 Cross Site Request Forgery / Cross Site Scripting
ProcessMaker version 3.0.1.7 suffers from cross site request forgery and cross site scripting vulnerabilities.
Comment on Registered the wrong email with paypal? Say goodbye to your money… by benito1130
Very interesting subject, thank you for putting up.
Comment on Registered the wrong email with paypal? Say goodbye to your money… by younghatley62
This website was… how do I say it? Relevant!! Finally I’ve found something which helped me. Appreciate it!
Konica Minolta FTP Utility 1.0 SEH Buffer Overflow
Konica Minolta FTP Utility version 1.0 CWD command SEH buffer overflow exploit.
Performance matters: Avira tops AV Comparatives test of performance
Avira was the absolute chart-topper in AV Comparatives most recent test on security software and its impact on computer performance.
The post Performance matters: Avira tops AV Comparatives test of performance appeared first on Avira Blog.
Gentoo Linux Security Advisory 201605-06
Gentoo Linux Security Advisory 201605-6 – Multiple vulnerabilities have been found in Firefox, Thunderbird, Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with the worst of which may allow remote execution of arbitrary code. Versions less than 4.12 are affected.
Red Hat Security Advisory 2016-1137-01
Red Hat Security Advisory 2016-1137-01 – OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.