Osama Bin Laden-Themed Phishing

Summary The intent of this advisory is to provide general guidance to public and private sector organizations and individuals on potential targeted phishing attacks often referred to as “spear phishing” with respect to the Osama Bin Laden related media reporting, and to offer some suggested metho...

[Nessus 5.2] Nessus Vulnerability Scanner

New release of the Nessus vulnerability scanner! This is a major release moving from 5.0.3 to 5.2.0 and includes several new features and enhancements, including: IPv6 is now supported on all platforms including Windows Nessus server support for Windows 8 and Windows 2012 Add attachments within...

CVE-2013-2415

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented o...

Design/Logic Flaw

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented o...

CVE-2013-2415

CVE-2013-2415 is an unspecified vulnerability in the Java Runtime Environment (JRE) component found in Oracle Java SE 7 Update 17 and earlier, and in OpenJDK 6 and 7, that allows local users to affect confidentiality via vectors related to JAX-WS. Connected advisories from MiracleLinux (AXSA-2013...

CVE-2013-1524

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Attachments...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Attachments...

CVE-2013-1524

CVE-2013-1524 : In Oracle E-Business Suite, the Oracle Application Object Library component (versions 12.0.6 and 12.1.3) contains an unspecified vulnerability that allows remote attackers to compromise integrity via unknown vectors related to Attachments. The available documents confirm the affec...

CVE-2013-1524

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Attachments...

CVE-2013-2415

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented o...

Cerb Multiple Vulnerabilities

The version of Cerb installed on the remote host is earlier than 6.2.5. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in that the application does not validate input passed via HTML email attachments, making it vulnerable to XSS. An attacker could exploit this issue to...

Phishing Campaign Using Military, Illicit Attachments

Look out for email attachments offering better sex tips and news about newly developed Chinese stealth frigates, because they are loaded with malware, according to a Securelist report written by Kaspersky Lab expert, Ben Godwood. The malware is fairly old and not particularly advanced, but a lot ...

Recent Reports of DHS-Themed Ransomware (UPDATE)

US-CERT has received reports of increased activity concerning an apparently DHS-themed ransomware malware infection occurring in the wild. Users who are being targeted by the ransomware receive a message claiming that use of their computer has been suspended and that the user must pay a fine to...

[Snort 2.9.4.1] Network Intrusion Detection System

Snort is a free and open source network intrusion prevention system NIPS and network intrusion detection system NIDS . Snort having the ability to perform real-time traffic analysis and packet logging on Internet Protocol IP networks. Snort performs protocol analysis, content searching, and conte...

Microsoft Windows Object Linking and Embedding (OLE) Automation Remote Code Execution Vulnerability

Description Microsoft Windows Object Linking and Embedding OLE Automation is prone to a remote code-execution vulnerability due to an integer overflow error. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage or a specially crafted file. Successful...

Malware Poses as Faux Adobe Flash Update

Cybercriminals are perpetrating a spam campaign by sending out emails with malicious attachments containing a Pony downloader that uploads a Zeus Trojan to victim machines while also leading users to a number of compromised domains housing fake Adobe Flash Player updates in order to dupe the...

Three Charged with Creating, Distributing Gozi Banking Malware

Charges will be brought today in the U.S. District Court for the Southern District of New York against three men allegedly involved with creating and distributing the Gozi banking Trojan. Gozi infected more than a million computers worldwide, including a handful at NASA, leading to tens of millio...

CentOS Update for squirrelmail CESA-2013:0126 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Operation Red October : Cyber Espionage campaign against many Governments

A new sensational discovered has been announced by Kaspersky Lab's Global Research & Analysis Team result of an investigation after several attacks hit computer networks of various international diplomatic service agencies. A new large scale cyber-espionage operation has been discovered, named Re...

RedHat Update for squirrelmail RHSA-2013:0126-01

Check for the Version of squirrelmail OpenVAS Vulnerability Test RedHat Update for squirrelmail RHSA-2013:0126-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...