[SECURITY] Fedora 34 Update: almanah-0.12.3-1.fc34

Almanah Diary is a small application to ease the management of an encrypted personal diary. It's got good editing abilities, including text formatting and printing. Evolution tasks and appointments will be listed to ease the creation of diary entries related to them. At the same time, you can...

Security update for connman (moderate)

openSUSE Security Update: Security update for connman Announcement ID: openSUSE-SU-2021:0452-1 Rating: moderate References: 1181751 Cross-References: CVE-2021-26675 CVE-2021-26676 CVSS scores: CVE-2021-26675 NVD : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-26676 NVD : 6.5...

AnonX - An Encrypted File Transfer Via AES-256-CBC

An Encrypted File transfer via AES-256-CBC AnonX is an encrypted file uploader and downloader. The uploaded archive lasts for one week and shall remove from the server. AnonX encrypts the directory before uploading it to the server. The download function requires the download id and AES password ...

CEO of Encrypted Chat Platform Indicted for Aiding Organised Criminals

The U.S. Department of Justice DoJ on Friday announced an indictment against Jean-Francois Eap, the CEO of encrypted messaging company Sky Global, and an associate for wilfully participating in a criminal enterprise to help international drug traffickers avoid law enforcement. Eap also known as...

CEO of Encrypted Chat Platform Indicted for Aiding Organised Criminals

The U.S. Department of Justice DoJ on Friday announced an indictment against Jean-Francois Eap, the CEO of encrypted messaging company Sky Global, and an associate for wilfully participating in a criminal enterprise to help international drug traffickers avoid law enforcement. Eap also known as...

CVE-2021-3425

A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. Versions shipped in Red Hat AMQ 7 are vulnerable...

Important: Red Hat Security Advisory: Red Hat Ansible Tower 3.7.5-1 - Container security and bug fix update

Red Hat Ansible Tower 3.7.5-1 - RHEL7 Container Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

packetStrider - A Network Packet Forensics Tool For SSH

packetStrider for SSH is a packet forensics tool that aims to provide valuable insight into the nature of SSH traffic, shining a light into the corners of SSH network traffic where golden nuggets of information previously lay in the dark. The problem that packet strider aims to help with AKA Why?...

[ASA-202102-36] python-cryptography: incorrect calculation

Arch Linux Security Advisory ASA-202102-36 ========================================== Severity: Medium Date : 2021-02-27 CVE-ID : CVE-2020-36242 Package : python-cryptography Type : incorrect calculation Remote : No Link : https://security.archlinux.org/AVG-1541 Summary ======= The package...

BlackMamba - C2/post-exploitation Framework

BlackMamba is a multi client C2/post exploitation framework with some spyware features. Powered by Python 3.8.6 and QT Framework. Some of BlackMamba features are: Multi Client - Supports multiple client connections at the same time. Real Time Communication Updates - Real time communication and...

The vulnerability of the OpenSSL library lies in its insufficient encryption strength, which allows attackers to intercept all encrypted messages sent over a TLS connection.

The vulnerability of the OpenSSL library is related to insufficient encryption strength. Exploiting this vulnerability allows a malicious actor, operating remotely, to intercept all encrypted messages sent through the TLS connection...

Important: Red Hat Security Advisory: stunnel security update

An update for stunnel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: stunnel security update

An update for stunnel is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: stunnel security update

An update for stunnel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

ALSA-2021:0618 Important: stunnel security update

Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection encrypted using SSL or TLS or to provide an encrypted means of connecting to services that do not natively support encryption. Security Fixes: stunnel: client...

RLSA-2021:0618 Important: stunnel security update

Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection encrypted using SSL or TLS or to provide an encrypted means of connecting to services that do not natively support encryption. Security Fixes: stunnel: client...

The vulnerability of microprogrammed software in server boards, server systems, and Intel computing modules, which stems from the use of rigidly encrypted credentials, allows attackers to gain unauthorized access to protected information.

The vulnerability of microprogrammed software in server boards, server systems, and Intel computing modules is related to the use of rigidly encrypted credentials. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

CVE-2020-25493

Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is possible to eavesdrop the network traffic. The content of HTTP payload is encrypted using XOR with a hardcoded key, which allows for the possibility to decode the traffic...

Military, Nuclear Entities Under Target By Novel Android Malware

Researchers have uncovered two novel Android surveillanceware families being used by an advanced persistent threat APT group to target military, nuclear and election entities in Pakistan and Kashmir. The two malware families, which researchers call “Hornbill” and “SunBird,” have sophisticated...

Android devices caught in Matryosh botnet

Researchers at Netlab have discovered a new botnet that re-uses the Mirai framework to pull vulnerable Android devices into DDoS attacks. The new botnet, which is called Matryosh, is named after the Russian nesting dolls because the encryption algorithm it uses, and the process of obtaining comma...