CVE-2019-17013

Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 71...

py-matrix-synapse -- incomplete cleanup of 3rd-party-IDs on user deactivation

Matrix developers report: Clean up local threepids from user on account deactivation...

Facebook & Twitter suffer data breach via third-party developers

By Sudais Another day another breach involving Facebook, Twitter, and third-party developers. This is a post from HackRead.com Read the original post: Facebook & Twitter suffer data breach via third-party developers...

RE:TERNAL - Repo Containing Docker-Compose Files And Setup Scripts Without Having To Clone The Individual Reternal Components

RE:TERNAL is a centralised purple team simulation platform. Reternal uses agents installed on a simulation network to execute various known red-teaming techniques in order to test blue-teaming capabilities. The simulations are mapped to the MITRE ATT&CK framework. This repo contains the compose...

Ultimate Facebook Scraper - A Bot Which Scrapes Almost Everything About A Facebook User'S Profile Including All Public Posts/Statuses Available On The User'S Timeline, Uploaded Photos, Tagged Photos, Videos, Friends List And Their Profile Photos

Tooling that automates your social media interactions to collect posts, photos, videos, friends, followers and much more on Facebook. Features A bot which scrapes almost everything about a facebook user's profile including uploaded photos tagged photos videos friends list and their profile photos...

RIPS 3.3: Scaling Security Testing to Large Teams

Data Center Edition Automated security testing with RIPS is typically performed when a new code feature is merged into the development branch. But when security scanning is shifted left to the developers who scan every single code commit, the total amount of scans increases significantly. As a...

EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-2160)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF,and Phot...

[SECURITY] Fedora 31 Update: python35-3.5.8-2.fc31

Python 3.5 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.5, see other distributions that support it, such as CentOS or RHEL with Software...

Fedora Update for python35 FEDORA-2019-d202cda4f8

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for python35 FEDORA-2019-b06ec6159b

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: python35-3.5.8-2.fc30

Python 3.5 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.5, see other distributions that support it, such as CentOS or RHEL with Software...

Facebook Privacy Breach: 100 Developers Improperly Accessed Data

UPDATE Facebook said that 100 third-party app developers have improperly accessed the names and profile pictures of members in various Facebook groups – data that was restricted in 2018 by the platform after its Cambridge Analytica privacy snafu. Facebook said that the developers – including 11 i...

Facebook Reveals New Data Leak Incident Affecting Groups' Members

Facebook today revealed yet another security incident admitting that roughly 100 app developers may have improperly accessed its users' data in certain Facebook groups, including their names and profile pictures. In a blog post published Tuesday, Facebook said the app developers that unauthorized...

Facebook Reveals New Data Leak Incident Affecting Groups' Members

Facebook today revealed yet another security incident admitting that roughly 100 app developers may have improperly accessed its users' data in certain Facebook groups, including their names and profile pictures. In a blog post published Tuesday, Facebook said the app developers that unauthorized...

Phishing Detection via Analytic Networks

As mentioned in previous Akamai blogs, phishing is an ecosystem of mostly framework developers and buyers who purchase kits to harvest credentials and other sensitive information. Like many framework developers, those focusing on phishing kits want to create an efficient...

python-requests bug fix update

An update is available for python-requests. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-requests package contains a library designed to make HTTP...

py-matrix-synapse -- missing signature checks on some federation APIs

Matrix developers report: Make sure that ... events sent over /sendjoin, /sendleave, and /invite, are correctly signed and come from the expected servers...

Trend Micro Acquires Cloud Conformity

Developers who are responsible for managing their business’s IT infrastructure day-to-day often have to work with the technology providers they’re given. Our goal is to make sure our security solutions work for developers, providing seamless, automated security, rather than a roadblock to work...

McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service - The All-Stars | McAfee Blogs

McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – The All-Stars John Fokker · OCT 02, 2019 Episode 2: The All-Stars Analyzing Affiliate Structures in Ransomware-as-a-Service Campaigns This is the second installment of the McAfee Advanced Threat Research ATR analysis of Sodinokibi...

Tachyon - Fast HTTP Dead File Finder

Tachyon is a fast web application security reconnaissance tool. It is specifically meant to crawl web application and look for left over or non-indexed files with the addition of reporting pages or scripts leaking internal data. User Requirements Linux Python 3.5.2 User Installation Install: $...