NSA Director Alexander Grilled by Senate Committee

National Security Agency director Gen. Keith Alexander was asked some pointed questions by the Senate Appropriations Committee this afternoon regarding the spy agency’s surveillance of Americans’ phone calls and electronic communication in the name of fighting terrorism. Alexander provided little...

[SECURITY] Fedora 18 Update: juk-4.10.4-1.fc18

Juk is a jukebox, tagger and music collection manager...

Suit Filed Against NSA, Obama Over Surveillance Program

A group of people, including a former federal prosecutor and the parents of a Navy SEAL sniper killed in action, have filed a class-action law suit against the National Security Agency, Verizon and President Obama over the NSA’s collection of cell phone data. The suit says the order that enabled...

Clappers Says NSA Programs Fully Authorized and Necessary

The top U.S. intelligence official addressed the recent revelations about the National Security Agency’s covert cell-phone and email data collection surveillance programs on Thursday, saying that the programs have been ongoing for years, are fully authorized under U.S. law and that the leaks...

NSA's PRISM spy program, mining data from nine biggest Internet companies

The National Security Agency, part of the U.S. military reportedly has a direct line into the systems of some of the world’s biggest Web and tech companies, i.e Microsoft, Google, Facebook, Skype. The NSA access is part of a previously undisclosed program called PRISM, 6-year-old program which...

[SECURITY] Fedora 19 Update: pairs-4.10.4-1.fc19

Pairs is a collection of games aimed to help the development of preschool children. With these games the child can improve memory, logic, hearing and even reading skills. Each game can have different themes so the child is stimulated with different and new challenges...

[SECURITY] Fedora 19 Update: juk-4.10.4-1.fc19

Juk is a jukebox, tagger and music collection manager...

CVE-2013-0464

Multiple cross-site scripting XSS vulnerabilities in IBM Eclipse Help System IEHS 3.4.3 and 3.6.2, as used in IBM SPSS Data Collection 6.0, 6.0.1, and 7.0, allow remote attackers to inject arbitrary web script or HTML via a crafted URL...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in IBM Eclipse Help System IEHS 3.4.3 and 3.6.2, as used in IBM SPSS Data Collection 6.0, 6.0.1, and 7.0, allow remote attackers to inject arbitrary web script or HTML via a crafted URL...

UBUNTU-CVE-2013-0464

Multiple cross-site scripting XSS vulnerabilities in IBM Eclipse Help System IEHS 3.4.3 and 3.6.2, as used in IBM SPSS Data Collection 6.0, 6.0.1, and 7.0, allow remote attackers to inject arbitrary web script or HTML via a crafted URL...

CVE-2013-0464

Multiple cross-site scripting XSS vulnerabilities in IBM Eclipse Help System IEHS 3.4.3 and 3.6.2, as used in IBM SPSS Data Collection 6.0, 6.0.1, and 7.0, allow remote attackers to inject arbitrary web script or HTML via a crafted URL...

IBM SPSS Data Collection CVE-2013-0464跨站脚本漏洞

Bugtraq ID:60246 CVE ID:CVE-2013-0464 IBM SPSS Data Collection是全球业界领先的问卷调查、市场研究以及客户行为分析的专业解决方案。 IBM SPSS Data Collection存在一个输入验证漏洞，允许远程攻击者利用漏洞注入恶意脚本或HTML代码，当恶意数据被用户查看时可获取敏感信息或劫持用户会话。 0 IBM SPSS Data Collection 6.0.1 IBM SPSS Data Collection 6.0 IBM SPSS Data Collection 7.0 用户可参考如下厂商提供的安全公告获得补丁程序：...

Scientific Linux Security Update : selinux-policy enhancement update on SL6.x i386/x86_64 (20130603)

This update adds the following enhancements : Previously, the mysqldsafe script was unable to execute a shell /bin/sh with the shellexect SELinux security context. Consequently, the mysql55 and mariadb55 Software Collection packages were not working correctly. With this update, SELinux policy rul...

Mozilla Delays Third-Party Cookie Patch in Firefox

Mozilla has tapped the brakes on its plans to block third-party cookies by default in the Firefox browser. Test versions of Firefox 22, scheduled for a June release, were supposed to include a patch that blocked third-party cookie drops by default. However, Mozilla CTO Brendan Eich said yesterday...

[Cuckoo Sandbox v0.6] Software for Automating Analysis of Suspicious Files

Cuckoo Sandbox is an Open Source software for automating analysis of suspicious files. To do so it makes use of custom components that monitor the behavior of the malicious processes while running in an isolated environment. Cuckoo generates a handful of different raw data which include: Native...

[ExploitSearch.net] Exploit / Vulnerability Search Engine

Exploitsearch.net , is an attempt at cross referencing/correlating exploits and vulnerability data from various sources and making the resulting database available to everyone. Unlike other exploit search engines which are simply custom google searches, this site actually crawls the source...

Fedora Update for mongodb FEDORA-2013-4531

Check for the Version of mongodb OpenVAS Vulnerability Test Fedora Update for mongodb FEDORA-2013-4531 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for mongodb FEDORA-2013-4539

Check for the Version of mongodb OpenVAS Vulnerability Test Fedora Update for mongodb FEDORA-2013-4539 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

rubygem-activerecord: attribute_dos Symbol DoS vulnerability

A flaw was found in the way Ruby on Rails handled hashes in certain queries. A remote attacker could use this flaw to perform a denial of service resource consumption attack by sending specially crafted queries that would result in the creation of Ruby symbols, which were never garbage collected...

Google Privacy Director Alma Whitten Leaving

Alma Whitten, the director of privacy at Google, is stepping down from that role and leaves behind her a complicated legacy in regards to user privacy. Whitten has been the company’s top product and engineering privacy official since 2010 and was at the helm as the company navigated a number of...