956 matches found
Debian: Security Advisory (DSA-2599-1)
The remote host is missing an update for the Debian...
Facebook Camera App Vulnerable to Man in The Middle Attack
An Egypt-based security researcher reported that the Facebook Camera app for mobile devices is vulnerable to a man-in-the-middle attack that allows an attacker to tap the network and hijack Camera users' accounts; information such as email addresses and passwords can be stolen. Mohamed Ramadan trainer with...
Default configuration
The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the...
CVE-2012-4948
The default configuration of Fortinet Fortigate UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the...
CVE-2012-4948
CVE-2012-4948 describes a default-configuration issue in Fortinet Fortigate UTM appliances: the same Fortigate CA certificate and private key are reused across devices, enabling an attacker with a man-in-the-middle vantage point to spoof SSL servers or sign malware on trusted chains. The CERT/CSA...
Coalfire Client FireHost Achieves HITRUST CSF Certification
Yesterday, we were delighted to see our long-time client FireHost announce that they achieved Common Security Framework (CSF) "Certified" status from the HITRUST Alliance. Headquartered in Richardson, Texas, FireHost has made compliance a top priority, and we've enjoyed working with them to achieve...
CVE-2012-3037
The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web server by using this key to create a forged certificate...
MatrixDAR - First Military Grade Encryption for Android
AuthenTec, a leading provider of mobile and network security, today introduced a new security offering that provides military-grade encryption to data stored on today's Android smartphones and tablets without sacrificing device performance. AuthenTec's MatrixDAR™ for Android meets the stringent...
Format string
IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, uses the PKCS #12 file format for certificate objects without enforcing file integrity, which makes it easier for remote attackers to spoof SSL servers via...
Hack a Server - The man behind the idea
"Choose a job you love, and you will never have to work a day in your life" said Confucius. These would be the words that describe Marius Corîci the most. In 2003 he started doing business in the plumbing industry and co-founded ITS Group, a franchise for Romstal Company, the biggest plumbing...
CVE-2012-3372
The default configuration of Cyberoam UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the CyberoamSSLCA...
CVE-2012-3372
CVE-2012-3372 affects Cyberoam UTM/DPI devices. The default configuration uses the same Certification Authority certificate and private key across different customers, enabling a MITM attacker to spoof SSL servers by leveraging the Cyberoam_SSL_CA trusted root. Several sources note the vendor dis...
Code injection
QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority...
CVE-2010-5076
QSslSocket in Qt before 4.7.0-rc1 recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority...
OpenVPN Defaced by Hackers
OpenVPN, a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features, was hacked yesterday by a hacker called "HcJ". The hacker defaced the page as shown in the above picture. Words from the page: OPENVPN Hacked No Ne...
Advance Ethical Hacking and Cyber Security Boot Camp at Delhi, India
Have you ever wondered how hackers or black hats hack into a computer system? Our Hacker Boot Camp training session will teach you how this can be done. You will be shown the techniques, tools and methods that the hacker uses. This insight will help you understand how to better protect your IT...
CertificationMagazine Blind SQL Injection
Title: CertificationMagazine - Blind SQL Injection Vulnerability. Date: 2011-12-19. VL-ID: 269. Reference: http://www.vulnerability-lab.com/getcontent.php?id=269. Introduction: Certification Magazine is a technical training and certification publication...