IRCCloud: Unsecure cookies, cookie flag secure not set

Since you are running on a secure connection, https, you should be ensuring that everything runs securely on your client's / visitors case. I have check the cookie session of IRCCloud and found out that it is not flag as secure. Whenever a cookie contains sensitive information or is a session...

OpenSSL TLS Heartbeat Extension - Heartbleed Information Leak (1)

OpenSSL TLS Heartbeat Extension - Heartbleed Information Leak 1 / CVE-2014-0160 heartbleed OpenSSL information leak exploit ========================================================= This exploit uses OpenSSL to create an encrypted connection and trigger the heartbleed leak. The leaked information...

Mylar - Platform for building secure web applications

Web applications rely on servers to store and process confidential information. However, anyone who gains access to the server e.g., an attacker, a curious administrator, or a government can obtain all of the data stored there. Mylar protects data confidentiality even when an attacker gets full...

CVE-2013-5444

The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to read encrypted credentials via unspecified vectors...

CVE-2013-5444

The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to read encrypted credentials via unspecified vectors...

Twitter enables StartTLS for Secure Emails to prevent Snooping

TWITTER is taking users' privacy and security very seriously and in an effort to prevent Government snooping, the company has secured your Twitter emails with with TLS Transport Layer Security. Twitter emails were previously using a plain text communication protocol, that now has been upgraded to...

HTTPS can leak your Personal details to Attackers

Explosive revelations of massive surveillance programs conducted by government agencies by the former contractor Edward Snowden triggered new debate about the security and privacy of each individual who is connected somehow to the Internet and after the Snowden’s disclosures they think that by...

[VNC Password Recovery v2.0] All-in-one VNC Password Decoder Tool

VNC Password Recovery is the FREE software to instantly recover VNC password stored by popular VNC Servers. It automatically detects the encrypted VNC password stored in the file system or registry by various VNC server applications. Then it quickly decrypts it and display the original VNC...

Silent Circle's Blackphone - Privacy and Security Focused Smartphone for $629

Earlier this year encrypted communications firm Silent Circle and Spanish Smartphone maker Geeksphone announced a privacy-focused encrypted Smartphone called 'Blackphone' and today the company has revealed it as 'Mobile World Congress' in Barcelona. The Blackphone titled as, “world’s first...

Crowd-Funding site Kickstarter Hacked! It's time to change your Password

If you have an account at the popular crowd funding site Kickstarter, it's time to change your account's password. Kickstarter's CEO Yancey Strickler says that the company has been hacked by an unknown hacker earlier this week. Kickstarter said in a blog post that no credit card information was...

CVE-2011-1835

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps...

DEBIAN-CVE-2011-1835

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps...

Design/Logic Flaw

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps...

CVE-2011-1835

The CVE-2011-1835 issue lies in ecryptfs-utils, specifically the encrypted private-directory setup path (utils/ecryptfs-setup-private) where the passphrase file may not be created correctly. This opens a local-privilige escalation risk by bypassing access restrictions during new-user creation ste...

CVE-2011-1835

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps...

CVE-2011-1835

The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps...

Threat Outbreak Alert: Fake Encrypted Message Notification Email Messages on February 10, 2014

Medium Alert ID: 32788 First Published: 2014 February 10 18:41 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a secure message for the recipient. The text in the email message attempts to convince the recipient to open...

[SECURITY] Fedora 20 Update: mupdf-1.1-5.fc20

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

Small Number of Malicious Tor Exit Relays Snooping Traffic

A small number of Tor exit relays are misbehaving, conducting man-in-the-middle attacks and monitoring encrypted traffic from users of the anonymity network. Researchers from Karlstad University in Sweden published a paper this week examining the malicious behavior of some Tor exit relays and fou...

[CIAT] Crypto Implementations Analysis Toolkit

.png The Cryptographic Implementations Analysis Toolkit CIAT is compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files executable and non-executable. Download CIAT...