1529 matches found
Developers Raise Bounty of $17,600 for First to Root Samsung Galaxy S5
It has been months since the release of Samsung’s latest smartphone, the Galaxy S5, and we have seen a portion of international units receive root, but a couple of the carrier variants, including the developer edition of the Samsung Galaxy S5 for Verizon and AT&T, haven’t been on the list, sadly. The...
Bug Bounties Expanding to Individual Developers
Bug bounties once were restricted mainly to large software companies such as Mozilla and Google. But the success of these programs has led many other infrastructure and product companies, including Yahoo, Facebook, Barracuda, PayPal and even Microsoft, to launch their own reward systems. Now, the...
Facebook Introduces Anonymous Login to Limit Third-party App Permissions
We're comfortable sharing information with our Facebook friends, but it is quite sneaky for Facebook users to offer their identities and credentials when logging in to third-party apps they don’t trust. To deal with this issue, the social network giant has plans to improve the way users login...
Basecamp Back Online After DDoS, Extortion
The project management console Basecamp is back online and its developers are in the process of restoring customers’ network access Tuesday after the service was taken down by a distributed denial-of-service (DDoS) attack Monday. The attack started at 8:46 a.m. CST yesterday and flooded the site wi...
[SECURITY] Fedora 20 Update: ReviewBoard-1.7.22-2.fc20
Review Board is a powerful web-based code review tool that offers developers an easy way to handle code reviews. It scales well from small projects to large companies and offers a variety of tools to take much of the stress and time out of the code review process...
[SECURITY] Fedora 19 Update: ReviewBoard-1.7.22-1.fc19
Review Board is a powerful web-based code review tool that offers developers an easy way to handle code reviews. It scales well from small projects to large companies and offers a variety of tools to take much of the stress and time out of the code review process...
China's Keen Team Topples Safari, Flash at Pwn2Own
VANCOUVER – One is the bug hunter, the other the exploit specialist. Fang Jiahong and Liang Chen represented the Keen Team at Pwn2Own on Thursday, starting off the second day of the annual exploit festival with a quick takedown of Apple’s Safari browser. They then wrapped up the contest with a...
Automatic access added to newly added bitbucket account without notification
Steps to replicate: Add a new bitbucket account to your JIRA OnDemand instance via the DVCS connector. Click on the cog to the right of your new account and view 'configure automatic access'. Result: Automatic access will be set up and membership to the 'developers' group will be granted. Expected...
Uroburos Rootkit: Most sophisticated 3-year-old Russian Cyber Espionage Campaign
Spyware, and the criminals who produce and spread it, continue to grow tremendously. Spyware is difficult to recognize because it is becoming more complex and sophisticated with time, and it is spreading rapidly as an Internet threat. Recently, the security...
[OWASP iGoat] Security learning tool for iOS developers
The OWASP iGoat project is a security learning tool for iOS developers to learn about security weaknesses in iOS -- by breaking things as well as fixing them. iGoat is available ONLY in source code format, and this is the official repository for that code. On the Downloads tab here, you will find...
Contao CMS 3.2.4 Code Execution Vulnerability
Contao CMS versions 3.2.4 and below suffer from a code execution vulnerability. Hi, I have discovered a vulnerability that might lead to code execution in Contao CMS. Vulnerabilities in Contao 3.2.4. Discovered by Pedro Ribeiro of Agile Information Security...
Microsoft's Process Explorer added VirusTotal Multi-Antivirus Scanner support
Process Explorer, part of Microsoft’s Sysinternals suite of applications, is an alternative task manager for Windows that offers far more features than the 'on-board' one. Microsoft’s Windows Sysinternals suite has released the latest version of Process Explorer, v16.0, which has an awesome feature whic...
PSF-2014-1 CVE-2013-0340 Billion Laughs fixed in Expat 2.4.0
expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a...
Google Kills Privacy Feature
UPDATE: Google has removed a pivotal privacy feature from its Android operating system that gave users the ability to deny permissions in and regulate information collection attempts by installed applications. The feature, which users could control with a tool called AppOps Launcher, first appear...
Facebook Open Redirection
Exploit Title: Facebook URL open Redirection Date: 05/11/2013 - 01/01/1435 Exploit Author: The Black Devils " Asesino04" Vendor Homepage: http://www.facebook.com/ Tested on: Mozilla firefox ------------------------------------------------ First let's talk about redirection in facebook when you se...
[SECURITY] Fedora 19 Update: ReviewBoard-1.7.18-1.fc19
Review Board is a powerful web-based code review tool that offers developers an easy way to handle code reviews. It scales well from small projects to large companies and offers a variety of tools to take much of the stress and time out of the code review process...
[SECURITY] Fedora 20 Update: ReviewBoard-1.7.16-2.fc20
Review Board is a powerful web-based code review tool that offers developers an easy way to handle code reviews. It scales well from small projects to large companies and offers a variety of tools to take much of the stress and time out of the code review process...
[SECURITY] Fedora 18 Update: ReviewBoard-1.7.14-1.fc18
Review Board is a powerful web-based code review tool that offers developers an easy way to handle code reviews. It scales well from small projects to large companies and offers a variety of tools to take much of the stress and time out of the code review process...