Tor Releases Anonymous Instant Messenger. Here's How to Use It

The Tor Project has officially launched the first beta version of Tor Messenger, an open source and Encrypted instant messaging client that works on top of the Tor network. Tor Messenger is designed by keeping both simplicity and privacy in mind. The team claimed that their app encrypts the conte...

TrustedSec Attack Platform: TAP

TAP is a remote penetration testing platform builder. For folks in the security industry, traveling often times becomes a burden and adds a ton of cost to the customer. TAP was designed to make the deployment of these boxes super simple and create a self-healing and stable platform to deploy remo...

Threat Outbreak Alert RuleID18738: Email Messages Distributing Malicious Software on October 15, 2015

Medium Alert ID: 41547 First Published: 2015 October 15 21:41 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID18738 may contain the following files: Name |...

WordPress Fixes Stored XSS Vulnerability in Akismet

Developers at Automattic, the parent company behind the blogging platform WordPress, fixed a nasty stored cross-site scripting error this week in Akismet, an anti-spam plugin that figures into millions of websites. The bug was fixed Tuesday in an update, 3.1.5, according to Christopher Finke, an...

emlog 自动备份并发送到邮箱插件泄露整站数据库备份漏洞

No description provided by source...

How to Auto-BackUp Your WhatsApp Data to Google Drive with Encryption

What if your phone suddenly slips into a bathtub? Maybe you'll end up losing all your important data, more specifically, your WhatsApp photos, videos, Voice Notes and Chat Data that flows through your chats. Sounds scary, isn't it? But, now you need not worry if your phone suddenly died or broke ...

Microsoft Revokes Leaked D-Link Certificates

Microsoft today revoked trust for the four digital certificates inadvertently leaked last week by networking gear manufacturer D-Link. Microsoft said it has modified its Certificate Trust List removing trust for the four certs, which could have been used to sign malicious code used in attacks. Th...

Adobe Releases 23 Security Updates for Flash Player

Adobe has released an important security bulletin that addresses a total of 23 Critical vulnerabilities in Adobe Flash Player. The security fixes for Windows, Linux and Mac users address "critical flaws that could potentially allow attackers to take control of the affected system," the company...

ManageEngine OpManager - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'ManageEngine OpManager Remote Code Execution', 'Description' = %q This module exploits a default credential vulnerability in...

ManageEngine OpManager Remote Code Execution

This module exploits a default credential vulnerability in ManageEngine OpManager, where a default hidden account "IntegrationUser" with administrator privileges exists. The account has a default password of "plugin" which cannot be reset through the user interface. By log-in and abusing the...

Let's Encrypt Project issues its First Free SSL/TLS Certificate

Last fall the non-profit foundation EFF Electronic Frontier Foundation launched an initiative called Let's Encrypt that aimed at providing Free Digital Cryptographic Certificates TLS to any website that needs them. Today, Let's Encrypt – a free automated Open-source Certificate Authority CA – has...

MediaWiki Special:Contributions Page Information Disclosure Vulnerability

MediaWiki is a free and free web-based Wiki engine developed and maintained by the Wikimedia Foundation and MediaWiki volunteers, which can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in the Special:Contributions page of MediaWik...

Google to Pause Flash Ads in Chrome Starting Next Week

Google on Tuesday will begin pausing Flash ads by default in Chrome, a move that is designed mainly to help improve browser speed, but that will also be a security upgrade for users. The company announced the plan back in June and said this week that it will make the behavior the default setting...

Scientific Linux Security Update : mariadb on SL7.x x86_64 (20150824) (BACKRONYM)

It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the '--ssl' option. A man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client an...

Hack Codegen - Facebook Open-Sources Code That Writes Code

Good news for Open Source Lovers! Facebook has open-sourced Hack Codegen – its library for automatically generating Hack code, allowing outside developers to automate some of their routine work while developing large programs. HACK is the Facebook's own programming language designed to build...

Technology uncovered“QQ space”to automatically forward adverse information-vulnerability warning-the black bar safety net

We often see the QQ space to automatically forward some of the included links to bad information, even if we QQ password has not been stolen. The recent adoption of a QQ space automatically forwarding the link for analysis, found that the automatic forwarding mechanism through the use of the...

Tag Miner <= 1.1.2 - Cross-Site Request Forgery (CSRF) & XSS

The Tag Miner Automatic Tag Extraction WordPress plugin was affected by a Cross-Site Request Forgery CSRF & XSS security vulnerability...

WordPress 4.2.3 Security Update Released, Patches Critical Vulnerability

WordPress has just released the new version of its content management system CMS, WordPress version 4.2.3, to fix a critical security vulnerability that could have been exploited by hackers to take over websites, affecting the security of its Millions of sites. WordPress version 4.2.3 resolves a...

Microsoft Issues Critical, Out-of-Band Patch for All Versions of Windows

Microsoft released an out-of-band patch Monday that addresses a critical remotely exploitable flaw in all versions of Windows. The vulnerability stems from how Windows’ Adobe Type Manager Library handles OpenType fonts. If a user was tricked into either opening a rigged document or visiting an...

MS15-0 6 8-Windows Hyper-V remote code execution vulnerability-vulnerability warning-the black bar safety net

! /Article/UploadPic/2015-7/2 0 1 5 7 1 9 1 6 1 4 3 8 1 2 3. png Overview Microsoft THE the release of the security update patches related to Windows operating system vulnerabilities, if in a station by Hyper－V technology to create the virtual machine, there is a proven and there are special...