UN Adopts Resolution Protecting Privacy Online

On the same day that a panel of experts delivered a report to the United States president recommending sweeping changes to the way that the National Security Agency collects, handles and stores intelligence, the United Nations unanimously adopted a resolution calling for the protection of users’...

U.S. District Court Judge Rules NSA Metadata Collection Likely Violates Fourth Amendment

A United States District Court judge has ruled that the bulk metadata collection program maintained by the National Security Agency for years now likely is unconstitutional. The judge, ruling on a pair of law suits that claimed the NSA’s methods violated users’ privacy and civil rights, said that...

CVE-2013-6359

Munin::Master::Node in Munin before 2.0.18 allows remote attackers to cause a denial of service abort data collection for node via a plugin that uses "multigraph" as a multigraph service name...

Flashlight App Settles with FTC

The makers of a popular Android flashlight application have settled with the Federal Trade Commission over allegations that they covertly tracked the locations of the “Brightest Flashlight Free” users and sold that information to advertising firms. The FTC’s charges stem primarily from the fact...

Mozilla: Use-after-free during Table Editing (MFSA 2013-109)

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by...

CVE-2013-5618

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by...

Design/Logic Flaw

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by...

CVE-2013-5618

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by...

Mozilla: Use-after-free during Table Editing (MFSA 2013-109)

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by...

CVE-2013-5618

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by...

Thunderbird < 24.2 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 24.2 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2013-5609, CVE-2013-5610 - Two use-after-free...

Debian DSA-2815-1 : munin - denial of service

Christoph Biedl discovered two denial of service vulnerabilities in munin, a network-wide graphing framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-6048 The Munin::Master::Node module of munin does not properly validate certain data a node...

Use-after-free during Table Editing — Mozilla

Security researcher Nils used the Address Sanitizer tool while fuzzing to discover a use-after-free problem in the table editing user interface of the editor during garbage collection. This leads to a potentially exploitable crash...

DSA-2815-1 munin - denial of service

Bulletin has no description...

Your TV now watching you too! LG Smart TV caught collecting owners' Habits and USB file names

Now your TV is also watching you, and is smart enough to spy on you. A UK blogger, developer and Linux enthusiast, known only as DoctorBeet has discovered that LG's smart TVs are sending personal information back to the company's servers about what channels you watch and viewing habits. Actually,...

Your TV now watching you too! LG Smart TV caught collecting owners' Habits and USB file names

Now your TV is also watching you, and is smart enough to spy on you. A UK blogger, developer and Linux enthusiast, known only as DoctorBeet has discovered that LG's smart TVs are sending personal information back to the company's servers about what channels you watch and viewing habits. Actually,...

How to Collect Logs for Veeam Backup & Replication

Purpose This article documents how to collect logs from Veeam Backup & Replication and additional information to include when submitting a Veeam Support case for technical assistance. Additional Logging Veeam Backup & Replication interoperates with other Veeam products. Please refer to the...

OSX Screen Capture

This module takes screenshots of target desktop and automatically downloads them. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OSX Screen Capture', 'Description' = %q This module takes...

Stanford Metaphone Project Aims to Show Dangers of Metadata Collection

When the first NSA surveillance story broke in June, about the agency’s collection of phone metadata from Verizon, most people likely had never heard the word metadata before. Even some security and privacy experts weren’t sure what the term encompassed, and now a group of security researchers at...

Firefox < 25.0 Multiple Vulnerabilities

The installed version of Firefox is earlier than 25.0 and is, therefore, potentially affected by the following vulnerabilities : - The implementation of Network Security Services NSS does not ensure that data structures are initialized, which could result in a denial of service or disclosure of...