Threat Outbreak Alert RuleID10325: Email Messages Distributing Malicious Software on June 15, 2014

Medium Alert ID: 34620 First Published: 2014 June 16 17:15 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID10325 may contain the following files: Name | Siz...

Windows Autologin Password Dumper & Manager v2.0

Windows Autologin Password is the free command-line tool to quickly dump and manage the Windows Automatic Logon Password. Automatic Logon is one of the useful feature in Windows which allows you to login to system automatically without entering the password everytime. This tool helps you to easil...

Google Play Store Update Allows Apps to Silently Gain Control of Your Device

Google just made a huge change to the way application permissions work on Android devices which has left a potential door open to malicious app developers and hackers. Google narrows down Android's 145 permissions into 13 broad categories and groups app permissions into 'groups of related...

Google Play App Permissions Privacy, Security Concerns

Google’s revamped app permissions for Google Play are not being well received by Android users. Reddit threads are rife with adjectives such as “stupid” and “dangerous,” primarily because Google’s attempt to simplify permissions granted to automatically updated applications may in fact expose use...

[SECURITY] Fedora 20 Update: check-mk-1.2.4p2-2.fc20

check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a new approach for collecting data from operating systems and network compone nts. It obsoletes NRPE, checkbyssh, NSClient, and checksnmp and it has many benefits, the most important are a significant reduction of CPU usag...

Moderate: Red Hat Security Advisory: mysql55-mysql security update

Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

[SECURITY] Fedora 19 Update: python-lxml-3.3.5-1.fc19

lxml provides a Python binding to the libxslt and libxml2 libraries. It follows the ElementTree API as much as possible in order to provide a more Pythonic interface to libxml2 and libxslt than the default bindings. In particular, lxml deals with Python Unicode strings rather than encoded UTF-8 a...

Out-of-Band Release to Address Microsoft Security Advisory 2963983

At approximately 10 a.m. PDT, we will release an out-of-band security update to address the issue affecting Internet Explorer IE that was first discussed in Security Advisory 2963983. This update is fully tested and ready for release for all affected versions of the browser. The majority of...

Security Update Released to Address Recent Internet Explorer Vulnerability

Today, we released a security update to address the Internet Explorer IE vulnerability first described in Security Advisory 2963983. This security update addresses every version of Internet Explorer. While we’ve seen only a limited number of targeted attacks, customers are advised to install this...

CVE-2013-7221

The automatic screen lock functionality in GNOME Shell aka gnome-shell before 3.10 does not prevent access to the "Enter a Command" dialog, which allows physically proximate attackers to execute arbitrary commands by leveraging an unattended workstation...

Adobe warning Flash high-risk vulnerabilities: Mac and PC fast upgrade-vulnerability warning-the black bar safety net

Adobe on Tuesday for the Flash plug-in released a security update that solves allow an attacker to remotely control a user's computer vulnerabilities. According to Adobe, as long as the running version for 1 2. 0. 0. 4 3 or earlier versions of Flash Mac and a Windows machine can be vulnerable to...

[SECURITY] Fedora 20 Update: check-mk-1.2.4p2-1.fc20

check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a new approach for collecting data from operating systems and network compone nts. It obsoletes NRPE, checkbyssh, NSClient, and checksnmp and it has many benefits, the most important are a significant reduction of CPU usag...

[SECURITY] Fedora 19 Update: check-mk-1.2.4p2-1.fc19

check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a new approach for collecting data from operating systems and network compone nts. It obsoletes NRPE, checkbyssh, NSClient, and checksnmp and it has many benefits, the most important are a significant reduction of CPU usag...

Automount is Disabled on VMware Backup Proxy

Challenge The Windows OS of a VMware Backup Proxy reports that automatic mounting of new volumes is disabled. Solution The automatic mounting of new volumes being disabled is an expected outcome for VMware Backup Proxies. As documented in the Veeam Backup & Replication User Guide: For Microsoft...

Debian DSA-2908-1 : openssl - security update

Multiple vulnerabilities have been discovered in OpenSSL. The following Common Vulnerabilities and Exposures project ids identify them : - CVE-2010-5298 A read buffer can be freed even when it still contains data that is used later on, leading to a use-after-free. Given a race condition in a...

Xerox DocuShare - SQL Injection

Xerox DocuShare - SQL Injection The following request is vulnerable to a SQL injection in the last URI segment: GET /docushare/dsweb/ResultBackgroundJobMultiple/1 HTTP/1.1 Host: 172.31.16.194:8080 User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:26.0 Gecko/20100101 Firefox/26.0 Accept:...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that 1 change the timezone for the user via the lat and lng parameters to...

Automatic access added to newly added bitbucket account without notificiation

Steps to replicate: Add a new bitbucket account to your JIRA OnDemand instance via the DVCS connector. Click on the cog to the right of your new account and view 'configure automatic access' Result: Automatic access will be set up and membership to the 'developers' group will be granted Expected...

Automatic access added to newly added bitbucket account without notificiation

Steps to replicate: Add a new bitbucket account to your JIRA OnDemand instance via the DVCS connector. Click on the cog to the right of your new account and view 'configure automatic access' Result: Automatic access will be set up and membership to the 'developers' group will be granted Expected...

Automatic access added to newly added bitbucket account without notificiation

Steps to replicate: Add a new bitbucket account to your JIRA OnDemand instance via the DVCS connector. Click on the cog to the right of your new account and view 'configure automatic access' Result: Automatic access will be set up and membership to the 'developers' group will be granted Expected...