CenoCipher - Easy-To-Use, End-To-End Encrypted Communications Tool

CenoCipher is a free, open-source, easy-to-use tool for exchanging secure encrypted communications over the internet. It uses strong cryptography to convert messages and files into encrypted cipher-data, which can then be sent to the recipient via regular email or any other channel available, suc...

CloudForms: insecure password storage in PostgreSQL database

A privilege escalation flaw was discovered in CloudForms, where in certain situations, CloudForms could read encrypted data from the database and then write decrypted data back into the database. If the database was then exported or log files generated, a local attacker might be able to gain acce...

UBUNTU-CVE-2015-5296

Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c,...

France will not Ban Public Wi-Fi Or Tor Network, Prime Minister Valls Confirms

Despite the French Ministry of Interior's demands, France will not ban the TOR anonymity network or Free public Wi-Fi as a way to help the law enforcement fight terrorism. French Prime Minister Manual Valls has gone on record saying that a ban on Free public Wi-Fi is "not a course of action...

Tor Messenger - Chat over Tor, Easily

Tor Messenger is a cross-platform chat program that aims to be secure by default and sends all of its traffic over Tor. It supports a wide variety of transport networks, including Jabber XMPP , IRC , Google Talk , Facebook Chat , Twitter , Yahoo , and others; enables Off-the-Record OTR Messaging...

Moderate: Red Hat Security Advisory: CFME 5.5.0 bug fixes and enhancement update

Updated cfme packages that fix a security issue, several bugs, and add various enhancements are now available for Red Hat CloudForms 4.0. Red Hat Product Security has rated this update as having Moderate Security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Kazakhstan makes it Mandatory for its Citizens to Install Internet Backdoor

Next in the queue, Kazakhstan is also planning to Spy on encrypted Internet Traffic of its citizens, but in the most shameless way. Unlike other spying nations that are themselves capable of spying on their citizens, Kazakhstan will force every internet user in the country to install bogus securi...

Signal Desktop Released by Moxie Marlinspike

In March when Moxie Marlinspike and Open Whisper Systems released the iOS version of the Signal encrypted messaging app, the noted security researcher promised to expand its reach and among other things, eventually release a desktop version of Signal. That vision was realized on Wednesday with th...

China APT Gang Targets Hong Kong Media via Dropbox

An APT gang linked to China and alleged to be responsible for targeted attacks against foreign governments and ministries, has now pointed its focus inward at China’s autonomous territory Hong Kong. An August attack against several media companies in Hong Kong was carried out shortly after a...

Dell Computers Contain CA Root Certificate Vulnerability

Dell personal computers using the preinstalled certificate authority CA root certificate eDellRoot contain a critical vulnerability. Exploitation of the vulnerability could allow a remote attacker to read encrypted web browser traffic HTTPS, impersonate spoof any website, or perform other attacks...

iBackDoor: the suspected back door, the impact of the iOS app a high risk of code-bug warning-the black bar safety net

! Recently, FireEye Mobile Security researchers discovered embedded into the iOS app in the suspected“back door”behavior mobiSage advertising in the library, and these applications are from the App Store. The researchers will be the potential of the back door called iBackDoor, allowing hackers...

ICMP IP Tunnel: ICMPTunnel

icmptunnel works by encapsulating your IP traffic in ICMP echo packets and sending them to your own proxy server. The proxy server decapsulates the packet and forwards the IP traffic. The incoming IP packets which are destined for the client are again encapsulated in ICMP reply packets and sent...

IBM OpenAFS Information Disclosure Vulnerability (CNVD-2015-07372)

IBM OpenAFS is a distributed file system that allows sharing of archives and resources between systems over LANs and WANs. An information disclosure vulnerability exists in IBM OpenAFS, which allows a remote attacker to perform a replay attack on the original recipient and view the ACK response...

IBM OpenAFS Information Disclosure Vulnerability (CNVD-2015-07373)

IBM OpenAFS is a distributed file system that allows sharing of archives and resources between systems over LANs and WANs. An information disclosure vulnerability exists in IBM OpenAFS, which allows a remote attacker to obtain the plaintext portion of an encrypted packet by performing a replay...

iBackDoor: High-Risk Code Hits iOS Apps

Introduction FireEye mobile researchers recently discovered potentially “backdoored” versions of an ad library embedded in thousands of iOS apps originally published in the Apple App Store. The affected versions of this library embedded functionality in iOS apps that used the library to display...

Tor Releases Anonymous Instant Messenger. Here's How to Use It

The Tor Project has officially launched the first beta version of Tor Messenger, an open source and Encrypted instant messaging client that works on top of the Tor network. Tor Messenger is designed by keeping both simplicity and privacy in mind. The team claimed that their app encrypts the conte...

Apple iTunes < 12.3 Multiple Vulnerabilities (uncredentialed check)

The version of Apple iTunes running on the remote host is prior to 12.3. It is, therefore, affected by multiple vulnerabilities in the WebKit, CoreText, and ICU components, and in the bundled version of the Microsoft Visual Studio C++ Redistributable Package. An attacker can exploit these...

CSRF vulnerabilities in Callisto 821+R3 ADSL Router

Hello 3APA3A! After all my advisories about vulnerabilities in Callisto 821+ http://seclists.org/fulldisclosure/2011/Aug/1 and recent advisory about Callisto 821+R3, here is new one. Because vendor ignored in 2011 all my letters and subsequent my public disclosure of vulnerabilities and new devic...

[USN-2769-1] Apache Commons HttpClient

========================================================================== Ubuntu Security Notice USN-2769-1 October 14, 2015 commons-httpclient vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...

MobSF (Mobile Security Framework) - Mobile (Android/iOS) Automated Pen-Testing Framework

Mobile Security Framework MobSF is an intelligent, all-in-one open source mobile application Android/iOS automated pen-testing framework capable of performing static and dynamic analysis. We've been depending on multiple tools to carry out reversing, decoding, debugging, code review, and pen-test...