537 matches found
FTC Discusses Regulating User-Generated Health Information
The proliferation of wearable devices coupled with smartphone apps that monitor heart rates and other health metrics raises an important question: How exactly should the information generated by these devices be regulated? If there’s a fist fight in a bar can a person’s Fitbit accelerator be...
Snoopy Drone Can Hack Your Smartphones
The use of unmanned aerial vehicles UAVS called Drones is rapidly transforming the way we go to war. Drones were once used for land surveillance, Delivering Pizza's, then equipped with bombs that changed the way nations conduct war and now these hovering drones are ready to hack your Smartphones...
Security advisory, LedgerSMB 1.3.0-1.3.36
Security Advisory: LedgerSMB 1.3.36, Improper Logout on Some Browsers Severity: Low cvssv2 base score: 3.6, total 0.5 Remotely Exploitable: No Complexity of Attack: High Impact: Relatively low. Prerequisite for Attack: Physical Access to Previously Logged In Browser, so high complexity in most...
MGASA-2014-0036 Updated Firefox & Thunderbird packages fix multiple security vulnerabilities
Updated firefox and thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox or Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user...
Oversight Board Calls NSA Metadata Collection Illegal
Another independent review board investigating the National Security Agency’s collection of phone records metadata has come down hard on the program, calling it illegal, recommending the government end the program, and questioning its effectiveness in ferreting out terrorists. The Privacy and Civ...
Some Versions of Ruby on Rails Could Expose Cookies
Versions 2.0 to 4.0 of the popular open source Web framework Ruby on Rails are vulnerable to a Web security issue involving cookies that could make it much easier for someone to log in to an app as another user. According to security researcher G.S. McNamara, Ruby on Rails’ defacto session storin...
Experts Worry About Long-Term Implications of NSA Revelations
With all of the disturbing revelations that have come to light in the last few weeks regarding the NSA’s collection methods and its efforts to weaken cryptographic protocols and security products, experts say that perhaps the most worrisome result of all of this is that no one knows who or what...
Having fun with
Did you know that this works in every browser? Look, here's one: An image You might think it's leaking from SVG, but SVG images don't use src, they use xlink:href. Let's all take a moment to laugh at xlink. Done? Ok… In the first age of the web, some people accidentally typed instead of . Browser...
[Topera] The IPv6 port scanner invisible to Snort (IDS)
Topera is a brand new TCP port scanner under IPv6 , with the particularity that these scans are not detected by Snort. Snort is the most known IDS/IPS and is widely used in many different critical environments. Some commercial tools Juniper or Checkpoint ones use it as detection engine also...
Google to Pay $7M Settlement Over Street View Data Collection
Google has agreed to pay a $7 million settlement to several dozen U.S. states as part of an agreement of charges that the company was collecting private user data from WiFi hotspots while its Street View cars were driving around taking photos in various locations. The controversy over Google’s...
SuSE Update for update openSUSE-SU-2012:1620-1 (update)
Check for the Version of update OpenVAS Vulnerability Test $Id: gbsuse201216201.nasl 8456 2018-01-18 06:58:40Z teissa $ SuSE Update for update openSUSE-SU-2012:1620-1 update Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program ...
Hackers abusing online Nmap Port Scanning service
Most of you knows the power of Nmap, When used properly, Nmap helps protect your network from invaders. One of the best tool for hackers, penetration testers and Security researchers. Officially Nmap a desktop tool, can be used as web version but should be under some limitations. When someone doe...
Microsoft Internet Explorer Mouse Tracking
Summary: Unprivileged attackers can track your system-wide mouse movements from any IE page, even when the page is unfocused or minimised. Package: Microsoft Internet Explorer Affected: Tested on versions 610 Introduction ----------------- A security vulnerability in Internet Explorer, versions...
Scientific Linux Security Update : rpm on SL4.x i386/x86_64
It was discovered that RPM did not remove setuid and setgid bits set on binaries when upgrading or removing packages. A local attacker able to create hard links to binaries could use this flaw to keep those binaries on the system, at a specific version level and with the setuid or setgid bit set,...
Fedora 16 : boost-1.47.0-7.fc16 (2012-9029)
This update fixes a bug in Boost.Pool, which could under certain circumstances overflow allocated chunk size. This could have security implications for applications that use Boost pool without sanitizing pool parameters. - Add a sub-package boost-math with math-related bits from Boost.TR1. This...
Fedora 17 : boost-1.48.0-13.fc17 (2012-9818)
This update fixes a bug in Boost.Pool, which could under certain circumstances overflow allocated chunk size. This could have security implications for applications that use Boost pool without sanitizing pool parameters. - Boost.Locale library now contains backend code, which was left out before...
Common Firewall Feature Enables TCP Hijacking Attacks
Attackers using a feature that is common to many firewalls, switches and other networking gear could silently hijack Web sessions on mobile and desktop devices, according to a research paper presented by two Ph.D students from the University of Michigan. The two discovered that so-called TCP...
Hacktivism - The Hacker News Magazine - May 2012 Issue
Welcome cyber space readers and internet junkies from around the world. May brings us into an in-depth look at our favorite topic: Hacktivism Our fearless leader, Mohit Kumar, founder of The Hacker News opens the discussion with a look at the meaning of Hackitivism and what it means for society...
Critics Continue Pushing for Bigger Probe into Google Street View Practices
Privacy advocates continue urging for a wider federal investigation into Google Street View practices following Google’s $25,000 fine for stonewalling federal officials during an earlier probe of Wi-Fi snooping allegations. The Federal Communications Commission late last week gave the Internet...
Generation Y Won't Listen To IT
The latest generation of desk-jockey’s admitted in a recent CISCO study that they frequently ignore and/or circumvent the information technology IT policies of their employers, heightening corporate risk. The CISCO Connected World Technology Report surveyed some 2,800 college students and young...