Scientific Linux Security Update : openafs on SL5.x, SL6.x i386/x86_64 (20130724)

OpenAFS uses Kerberos tickets to secure network traffic. For historical reasons, it has only supported the DES encryption algorithm to encrypt these tickets. The weakness of DES's 56 bit key space has long been known, however it has recently become possible to use that weakness to cheaply around...

1337pwn Spy v1.0 (RCE / Keylogger / Download & Upload Files)

-------------------------FUNCTIONS-------------------------------- ! Currently, the program is not identified as a virus. ! Control via control panel. + RCE - You can send a command to a remote server, and it has successfully fulfilled. + Keylogger - The program has a keylogger. + Log changes in...

Cisco Small Business Switches SSH Packet Processing Denial of Service Vulnerability

Cisco Small Business Switches contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition to features that rely on SSH or SSL protocols. The vulnerability is due to the processing flaw in malformed packets in the code used by SSH and SSL...

Australian medical centre infected with Ransomware Malware demanding $4000 to Unlock

A Gold Coast, Australian medical centre computers are infected with some ransom malware by a group of Russian hackers. The hackers encrypted the practice's patient database, demanding payment of $4000 for the files to be decrypted. "Cyber criminals based mainly throughout Eastern Europe look for...

Design/Logic Flaw

McAfee Email and Web Security EWS 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway MEG 7.0 before Patch 1, does not properly encrypt system-backup data, which makes it easier for remote authenticated users to obtain sensitive information by reading a backup file, as...

Apple Remote Desktop < 3.5.3 / 3.6.1 Information Disclosure (Mac OS X)

According to its version, the Admin component in the Apple Remote Desktop install on the remote host reportedly fails to encrypt data and does not issue a warning when connecting to a third-party VNC server with 'Encrypt all network data' set. This could lead to information disclosure. C Tenable...

MatrixDAR - First Military Grade Encryption for Android

AuthenTec, a leading provider of mobile and network security, today introduced a new security offering that provides military-grade encryption to data stored on today's Android smartphones and tablets without sacrificing device performance. AuthenTec's MatrixDARTM for Android meets the stringent...

crypt(): DES encrypted password weakness

The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an...

crypt(): DES encrypted password weakness

The cryptdes aka DES-based crypt function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an...

Survey Shows 85 Percent of Small Business Owners Convinced a Data Breach Unlikely

If a newly released survey is any indication, publicized data breaches aren’t enough to prompt small businesses to better protect their customer or employee data. A survey released this week by The Hartford found 85 percent of small business owners believe a data breach is unlikely and often lack...

UNC-Charlotte Data Breaches Expose 350,000 Social Security Numbers and Much More

Confidential data, including bank account and Social Security numbers for some 350,000 University of North Carolina-Charlotte students, staff and faculty, were accidentally exposed — some for almost 15 years — due to a system misconfiguration and incorrect access settings that made electronic dat...

Indian government get access to BlackBerry messages

Indian government get access to BlackBerry messages After a battle lasting almost two years, BlackBerry maker Research In Motion has knuckled under to the Indian government, giving security forces in that country access to private instant messages. RIM decided to set up Blackberry servers that we...

Use the Cloud

When it comes to search and seizure by customs agents, the cloud is your friend. A plethora of online services today make it easy to simply copy your sensitive data – or your entire drive’s contents – up to a hosted storage server. Once again, you’ll want to make sure that the connection to...

Ransomware Claims To Sniff Out Porn For The Police

Peddlers of ransomware are increasing their effectiveness by tailoring region-specific versions of a scam that impersonates local police. Microsoft has identified four variants of a ransomware scheme in which online criminals are using the good name of law enforcement agencies to trick victims in...

CVE-2011-3389

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...

Data Encryption, 3.1/3GS

Apple’s decision to add data encryption with the iPhone 3GS was a nod to enterprise customers who wanted to offer iPhones to their employees, but were wary of the lack of security features compared with competing platforms like RIM’s Blackberry. Still, when they finally got around to it – with th...

4.9 Million Affected in Military Healthcare Breach

Military health service providers, TRICARE and Science Applications International Corporation SAIC report a data breach of involving the personal information of an estimated 4.9 million military clinic and hospital patients. The lost data was stored on back-up tapes that contained patient health...

Firm Claims To Break Blackberry Device Password

Research in Motion’s phones are considered the premiere maker of enterprise-grade mobile devices. But now a Russian firm says that a forensics tool it developed can reliably crack strong passwords used to secure the company’s BlackBerry phones. Elcomsoft, a computer forensics software maker, said...

HTTPS SSL encryption Vulnerable To Crypto Attack

HTTPS SSL encryption Vulnerable To Crypto Attack The secure sockets layer SSL and transport layer security TLS encryption protocol, used by millions of websites to secure Web communications via HTTPS, is vulnerable to being decrypted by attackers. Researchers have discovered a serious weakness in...

JonDo 00.15.004 IP changer with Bitcoin, connection manipulation protection and higher efficiency

JonDo 00.15.004 IP changer with Bitcoin, connection manipulation protection and higher efficiency JonDos publishes a new version of the JonDo-Software, an IP changer and IP anonymization program, that you can use for anonymous surfing in the Internet with high security anonymous proxy servers. Wh...