Lucene search
K

848 matches found

ThreatPost
ThreatPost
added 2014/11/13 4:38 p.m.9 views

Lame Duck Senate to Vote on NSA Reforming USA FREEDOM Act

The United States Senate will move to vote on the USA FREEDOM Act before the current congressional session closes at the end of the year, a move that pleases digital rights groups. In its current form, the bill would ban the bulk collection of Americans’ private records while granting the...

6.9AI score
Exploits0References5
ThreatPost
ThreatPost
added 2014/10/30 12:9 p.m.10 views

AOL Releases Transparency Report Lobbies for USA FREEDOM Act

Noting that Saturday was the 13th anniversary of the passage of the USA PATRIOT Act, the Web giant AOL this week released its latest transparency report, detailing estimations of how many Foreign Intelligence Surveillance Act FISA orders and National Security Letters NSLs it’s received in the las...

0.1AI score
Exploits0References3
NVD
NVD
added 2014/10/21 10:55 a.m.16 views

CVE-2014-7650

The JJA- Juvenile Justice Act 1986 aka com.felix.jja application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS5.9AI score0.00266EPSS
Exploits0References3
Prion
Prion
added 2014/10/21 10:55 a.m.13 views

Design/Logic Flaw

The JJA- Juvenile Justice Act 1986 aka com.felix.jja application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS6.4AI score0.00266EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/10/21 10:0 a.m.18 views

CVE-2014-7650

The JJA- Juvenile Justice Act 1986 aka com.felix.jja application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9AI score0.00266EPSS
Exploits0References3
CVE
CVE
added 2014/10/21 10:0 a.m.33 views

CVE-2014-7650

The CVE-2014-7650 entry concerns the Android 1.0 JJA app (com.felix.jja), which does not verify X.509 certificates from SSL servers. Root cause: lack of certificate validation enabling MITM-style spoofing of servers and potential exposure of sensitive data. Affected component is the app’s SSL/TLS...

5.4CVSS6AI score0.00266EPSS
Exploits0References3Affected Software1
ThreatPost
ThreatPost
added 2014/09/24 12:18 p.m.8 views

Obamacare Marketplaces Could Improve Information Security

The health insurance marketplaces instituted by the Affordable Care Act and through which tens of millions of Americans have signed up for medical coverage, aren’t doing a bad job of securing sensitive personal information but they could certainly be doing a better job, according a new analysis. ...

7.3AI score
Exploits0References1
ThreatPost
ThreatPost
added 2014/09/12 10:41 a.m.17 views

Documents in Long-Running Yahoo FISC Challenge Case Published

During a long-running secret dispute between Yahoo and government officials over the constitutionality of orders from the federal government to turn over data belonging to Yahoo users, the company was facing fines of $250,000 for refusing to comply with the order. The revelation is contained in a...

0.1AI score
Exploits0References2
The Hacker News
The Hacker News
added 2014/08/21 9:15 p.m.18 views

Samsung To Pay $2.3 Million Fine for Deceiving the U.S. Government

The United States division of Samsung has been charged with deceiving the US government into believing that several of its products met the necessary US government policies, resulting in the US government buying unauthorised Chinese-made electronics. The South Korean electronics giant has agreed ...

6.5AI score
Exploits0
ThreatPost
ThreatPost
added 2014/08/07 7:0 a.m.14 views

Legal Line Between Security Research, Cybercrime Murky

LAS VEGAS — In his keynote address at Black Hat Wednesday, Dan Geer, the CISO of In-Q-Tel and a respected security luminary noted that the industry has never been closer to the forefront of corporate and government policy decision making. Despite this, security research remains a dangerous busine...

6.9AI score
Exploits0References1
The Hacker News
The Hacker News
added 2014/08/01 10:47 p.m.9 views

Hurray! Unlocking Your Cell Phone is Officially Legal Again

President Barack Obama signed a bill into law Friday that aims to make it legal for consumers to “unlock” their cell phones in order to change their cell phone service providers without paying for a new phone. The bill is known as the Unlocking Consumer Choice and Wireless Competition Act, which...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2014/07/29 2:51 p.m.33 views

Leahy Introduces Bill to End Bulk Call Record Collection

Sen. Patrick Leahy has introduced an updated, tougher version of the USA FREEDOM Act that would end the bulk collection of data under Section 215 of FISA and also would require the appointment of a panel of special legal advocates who would represent the interests of individual privacy and civil...

6.9AI score
Exploits0References3
ThreatPost
ThreatPost
added 2014/07/09 2:26 p.m.13 views

DHS Releases Hundreds of Documents on Wrong Project Aurora

In response to a Freedom of Information Act request for information about the Operation Aurora attack on Google and other organizations in 2009 the Department of Homeland Security released hundreds of pages of documents related not to that attack campaign, but to the Aurora project run at Idaho...

0.6AI score
Exploits0References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

UploadImage/UploadScript 1.0 - Remote Change Admin Password Exploit

No description provided by source. ?php / \|/// \ - - // Y! Underground Group @ @ ----oOOo---oOOo--------------------------------------------------- ! Portal : UploadImage v1.0 & UploadScript v1.0 ! Download : http://www.uploadscript.net ! Type : Remote Change Admin Password Exploit ! Home :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow

No description provided by source. $Id: hpnnmsnmpvieweractapp.rb 12098 2011-03-23 15:47:20Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2014/06/27 2:6 p.m.19 views

New Data Shows FBI Issued More Than 19k National Security Letters in 2013

The United States federal government issued more than 19,000 National Security Letters–perhaps its most powerful tool for domestic intelligence collection–in 2013, and those NSLs contained more than 38,000 individual requests for information. The new data was released by the Office of the Directo...

7AI score
Exploits0References5
The Coalfire Blog
The Coalfire Blog
added 2014/06/26 10:23 a.m.14 views

What you need to know from the OCR’s Report to Congress on Breaches and HIPAA Rules Compliance

Last week the HHS Office for Civil Rights OCR issued their Annual Report to Congress on Breaches of Unsecured Protected Health Information PHI for calendar years 2011 and 2012. This is their second annual report required by the Health Information Technology for Economic and Clinical Health HITECH...

1.2AI score
Exploits0
ThreatPost
ThreatPost
added 2014/06/20 1:27 p.m.11 views

House Amendment Limits Funding for NSA Surveillance

The House of Representatives last night overwhelmingly passed an amendment to the Department of Defense Appropriations Act that would cut funding for two programs that grant intelligence agencies access to the private data and communications of U.S. citizens. The amendment shows that Congress is...

6.9AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/06/05 2:25 p.m.12 views

Microsoft Calls for NSA Surveillance Reforms

On the anniversary of the first news reports on NSA surveillance, Microsoft general counsel Brad Smith seized the opportunity to draw a line in the sand with the U.S. government. Smith challenged the government curtail surveillance because it’s hurting business and impaling privacy and civil...

6.6AI score
Exploits0References7
The Hacker News
The Hacker News
added 2014/05/14 4:28 a.m.10 views

Ex-NSA Director Admits 'We Kill People Based On Metadata' with Drone Strike

We All now know about the existence of the extensive metadata collection program by U.S National Security Agency NSA, which creates an intimate repository of our lives -- whom we love, whom we’re friends with, where we work, whom we call, when we you, how long we talk over the calls, and how ofte...

6.6AI score
Exploits0
Rows per page
Query Builder