Important: Red Hat Security Advisory: 389-ds-base security update

Updated 389-ds-base packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

Google Chrome adds automatic malware blocking for suspicious downloads

Today Malware is a very real threat, and if you’re not careful about what you download and install, you could end up with a serious problem. But now Google will be trying their very best to block malware from installing itself on your computer on your behalf. Google has developed a security featu...

Google Chrome to Automatically Block Malicious Downloads

Google is planning to add a new feature to its Chrome browser that will block malicious downloads automatically, helping to prevent drive-by downloads and the kind of malware that rides along with supposedly legitimate software. The new addition to Chrome already is in the development queue,...

New home for the Security Group blog

News New home for the Security Group blog Share October 31st, 2013 Welcome to the new home of the Opera Security Group. We have changed our blogging platform. For more more information regarding the switch, please see this post. If you received this blog post in your feed reader, you do not need ...

WordPress Releases Update for WordPress 3.7

WordPress has released WordPress 3.7 “Basie” for all previous versions. This version has been devised to automatically update with the latest maintenance and security releases, making the process more reliable and secure, with dozens of new checks and safeguards. WordPress 3.7 also updates the...

Upgrade Attack

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, HTTP requests ar...

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

Upgrade Attack

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, HTTP requests ar...

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

Upgrade Attack

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, HTTP requests ar...

IBM Db2 STMM Denial Of Service Vulnerability - Linux

IBM DB2 is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:db2"; ifdescription...

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

[iodine] Tunnel application to forward IPv4 traffic through DNS servers (IP over DNS)

iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries are allowed. It runs on Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD and Windows and needs a TUN/TAP device. The bandwidth is asymmetrical with limit...

phpThumb v. <= 1.7.9 Remote Command Injection Exploit

This code exploits a Remote Command Injection vulnerability in phpThumb that allows attackers to upload a shell automatically.. !/usr/bin/perl Exploit Title: phpThumb v. http://mobileworld24.pl/wp-content/themes/mobileworld24/inc/phpThumb/ use LWP::UserAgent; use HTTP::Request; $target = $ARGV0;...

Many Flash, Java Users Running Older, Vulnerable Versions

It’s long been known that Java and Flash are favored targets of attackers, thanks to their huge install bases and numerous security issues. And the users who are targeted by these attacks aren’t doing themselves any favors either, as new research shows that 19 percent of business users are runnin...

Prevent Veeam from locking tape drives

Challenge Veeam periodically rescans the tape drives. This locks the drives and prevents other tape software from writing to them. Cause The refresh rate on the automatic rescan is too frequent if using third party tape backup software. Solution The registry keys below prevent Veeam Backup &...

Threat Outbreak Alert: Fake Payment Notification Email Messages on August 29, 2013

Medium Alert ID: 30603 First Published: 2013 August 29 19:03 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a payment confirmation notification for the recipient. The text in the message body attempts to persuade the...

Kali Applications Automatic Installer Script: KAAIS

KAAIS Kali Applications Automatic Installer Script Let’s you easily install some applications which doesn’t come by default with the Kali Linux distribution. It’s user friendly and it incorporates some other things. It also gets updated regularly. Features Skype VideoChat Application TeamViewer...

Fedora Update for zeroinstall-injector FEDORA-2013-12414

Check for the Version of zeroinstall-injector OpenVAS Vulnerability Test Fedora Update for zeroinstall-injector FEDORA-2013-12414 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...