Treasure Map — Five Eyes Surveillance Program to Map the Entire Internet

The National Security Agency and its British counterpart, GCHQ, gained secret access to the German telecom companies’ internal networks, including Deutsche Telekom and Netcologne, in an effort to “map the entire Internet — any device, anywhere, all the time.” As reported by German news publicatio...

Users in Dark about Permissions Granted to Mobile Apps

It’s no secret that mobile applications are a greedy bunch, often grasping for many more permissions than necessary. The UK’s Information Commissioner’s Office ICO this week released the results of a study conducted by the Global Privacy Enforcement Network GPEN that quantified just how bad the...

DEBIAN-CVE-2014-5256

Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service memory corruption and application crash via deep JSON...

CVE-2014-5256

Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service memory corruption and application crash via deep JSON...

CVE-2014-5256

Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service memory corruption and application crash via deep JSON...

UBUNTU-CVE-2014-5256

Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service memory corruption and application crash via deep JSON...

CVE-2014-5256

Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service memory corruption and application crash via deep JSON...

Verizon to Pay Largest Ever Consumer Privacy Settlement

Verizon will pay the Federal Communications Commission $7.4 million as part of a settlement over the company’s failure to adequately inform and obtain consent from customers before using their personal information to develop thousands of tailored marketing campaigns. Officials say this fine...

CVE-2014-1563

Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via an SVG animation...

Firefox < 32.0 Multiple Vulnerabilities

The version of Firefox installed on the remote host is a version prior to 32.0. It is, therefore, affected by the following vulnerabilities : - Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute arbitrary code...

Mozilla Thunderbird < 31.1 Multiple Vulnerabilities (Mac OS X)

The version of Thunderbird installed on the remote Mac OS X host is a version prior to 31.1. It is, therefore, affected by the following vulnerabilities : - Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute arbitra...

CVE-2014-1563

Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via an SVG animation...

Cisco 1800 Series ISR ISDN Basic Rate Interface Denial of Service Vulnerability

Cisco 1800 Series Integrated Services Routers ISR contain a vulnerability in the hardware entropy collection module when the Integrated Services Digital Network ISDN Basic Rate Interface BRI is configured and connected to a public switched network. This could allow an attacker with knowledge of t...

Worldview-3 — Satellite That Could Allow Google and U.S Government to See Your Face from Space

Majority of my articles are related to government spying, privacy and security issues of your online stuffs and also measures that you can adopt in protecting yourself from being spied on. But, your all efforts will soon be of no use - someone is about to secretly track your every footstep. Googl...

DLA-20-1 munin - security update

Bulletin has no description...

Leahy Introduces Bill to End Bulk Call Record Collection

Sen. Patrick Leahy has introduced an updated, tougher version of the USA FREEDOM Act that would end the bulk collection of data under Section 215 of FISA and also would require the appointment of a panel of special legal advocates who would represent the interests of individual privacy and civil...

EFF Files Motion Asking Judge to Rule NSA Data Collection Unconsitutional

The EFF has asked a federal judge to rule that the NSA’s collection of massive amounts of upstream user data is unconstitutional, violating the Fourth Amendment. The motion for partial summary judgment in the case of Jewel v. NSA, a six-year-old lawsuit related to NSA data collection on AT&T’s...

Viper - A binary management and analysis framework dedicated to malware and exploit researchers

Viper is a binary analysis and management framework. Its fundamental objective is to provide a solution to easily organize your collection of malware and exploit samples as well as your collection of scripts you created or found over the time to facilitate your daily research. Think of it as a...

AirWatch Data Collection

Binary data airwatchcollect.nbin...

Phishers Use Luis Suarez Bite as Bait

The World Cup is the most popular sporting event on the planet, and not just among sports fans; attackers and scammers of all stripes love it as well, as it presents a unique opportunity to separate victims from their money. Phishing and malware scams tied to the World Cup in Brazil have been...