3721 matches found
CVE-2013-5402
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management, Maximo Asset Management Essentials, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities 7.1.x through 7.1.1.12, 7.1.2, 7.5 befo...
U.S. District Court Judge Rules NSA Metadata Collection Likely Violates Fourth Amendment
A United States District Court judge has ruled that the bulk metadata collection program maintained by the National Security Agency for years now likely is unconstitutional. The judge, ruling on a pair of lawsuits that claimed the NSA’s methods violated users’ privacy and civil rights, said that...
China APT Hackers Target Diplomats in Ke3chang Campaign
European diplomats and ministries of foreign affairs have been targeted during recent G20 meetings by Chinese-speaking hackers conducting espionage campaigns using malware to siphon secrets from compromised computers. The latest incidents came in August when spear phishing messages spiked with...
Moxie Marlinspike on TextSecure CyanogenMod integration
Moxie Marlinspike has published landmark research on SSL vulnerabilities, taken on certificate authorities and even built an alternative to CAs as we know them today called Convergence. But now that government surveillance and online privacy have been elevated to mainstream...
France Government used Rogue Google SSL Digital Certificates to Spy on users
Google has found that a French government agency was using unauthorized digital certificates for some of its own domains to perform man-in-the-middle attacks on a private network. Google security engineer Adam Langley described the incident as a "Serious Security breach", which was discovered in...
Mis-issued ANSSI/DCSSI certificate — Mozilla
Google notified Mozilla that an intermediate certificate, which chains up to a root included in Mozilla’s root store, was loaded into a man-in-the-middle (MITM) traffic management device. This certificate was issued by Agence nationale de la sécurité des systèmes d'information (ANSSI), an agency of t...
Tech Companies Join Reform Government Surveillance Alliance
Eight massive technology companies including Facebook, Apple and Google make up a new coalition calling for a reform of surveillance practices, which the companies say are undermining trust in not only their respective services, but of the Internet as a medium for communication and commerce. The...
Han Edition through JCMS content management system arbitrary File Download vulnerability-vulnerability warning-the black bar safety net
This system is used mostly by government portals; judging by a Google search for inurl:gov. cn/jcms, the number is not very large. Multiple arbitrary file download issues; affected versions are unknown, probably all are affected. 1. http://target/jcms/m59/sendreport/downfile.jsp?filename=/etc/passwd&savename=passwd.txt To get to the...
Enorth Webpublisher CMS SQL Injection Vulnerability
Enorth Webpublisher CMS suffers from a remote SQL injection vulnerability. Title: ==== CVE-2013-6985 SQL Injection Vulnerability In Enorth Webpublisher CMS Vendor: ====== http://products.enorth.com.cn/bfnrglxt/index.shtml Severity: ======= Important Versions Affected: ============== All versions...
European Commission Urges U.S to Reform Surveillance Methods
The European Commission is urging the United States government to make some changes to the way it handles surveillance to help restore the trust in the relationship between the EU and the U.S. The commission is asking for the U.S. to promote privacy rights internationally, adopt the EU’s data...
Privacy, Human Rights Groups Form New Anti-Surveillance Coalition
A large group of privacy and digital rights organizations has put together a new effort to urge politicians to curtail the mass surveillance operations that have been exposed in the last few months. The new coalition has developed a set of 13 principles for governments to follow in their...
Twitter Implements Perfect Forward Secrecy
Twitter took another step toward not only securing the privacy of its users’ communication over the social network, but in warding off the prying eyes of government surveillance with the implementation of Perfect Forward Secrecy. The technology thwarts the efforts of anyone who may be collecting...
Critical Infrastructure Beyond the Power Grid
The term "critical infrastructure" has earned its spot on the board of our ongoing game of cyber bingo--right next to "Digital Pearl Harbor," "Cyber 9/11," "SCADA" and "Stuxnet." With "critical infrastructure" thrown about in references to cyber threats nearly every week, we thought it was time f...
FBI warns that Anonymous Hackers has been hacking US Government for almost a year
The FBI is warning that members of the Anonymous hacktivist collective have secretly accessed US Government computers and stolen sensitive information in a campaign that began almost a year ago. The hacktivists have exploited a flaw in Adobe applications to compromise the target...
Passive Security Community Turned Activist
Security people like to call themselves a community, but until June some might say its greatest community achievement is turning Twitter into its own private and contentious echo chamber. But since the Snowden leaks, there’s been a palpable change and a marked swell in stand-taking. Tweeters have...
U.S. Government Requests for Google User Data Doubled Since 2010
In the first six months of this year, Google received seven wiretap orders from the United States government and complied with all of them. The company also received 207 pen register requests in the same period and complied with 89 percent of them, according to Google’s new transparency report. T...
General Michael Hayden Talks about the Future of Cybersecurity at MIRcon 2013
When you've got some of the cybersecurity industry's best and brightest practitioners in one room, just how do you top the conversations they're having across the breakfast table? By getting one of the foremost experts on cybersecurity to deliver a top notch speech on the future of the industry,...
Surveillance Transparency Act Would Limit NSA Spying
There have been countless hearings in both the House and Senate since the Snowden leaks began in June, and there seems to be no end in sight. The latest committee to get in on the action was the Senate Committee on the Judiciary’s Subcommittee on Privacy, Technology and the Law, which held a...
Singapore police arrested six men for allegedly hacking Prime Minister and President websites
A Singaporean hacker calling himself "The Messiah" was arrested in Kuala Lumpur last Monday for hacking into a Singaporean government website over two weeks ago - from a Kuala Lumpur apartment. James Raj (35) charged with hacking of Ang Mo Kio town council website and posting a symbol associate...