New Android Banking Trojan targeting Korean users

A very profitable line for mobile malware developers is Android Banking Trojans, which infect phones and steal passwords and other data when victims log onto their online bank accounts. One recent trend is Android malware that attacks users in specific countries, such as European Countries, Brazi...

Apple Releases Security Update for Java on OS X

Apple has released a security update for Java on Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, and OS X Mountain Lion 10.8 or later to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code wi...

Security Updates Available for Adobe Reader and Acrobat

Adobe has released security updates for Adobe Reader and Acrobat XI 11.0.04 for Windows. These updates address a regression that occurred in version 11.0.04 affecting Javascript security controls. US-CERT recommends that users and administrators review Adobe Security Bulletin APSB13-25 and follow...

Apple Releases iOS 7

Apple has released iOS 7 for the iPhone 4 and later, iPod touch 5th generation and later, and iPad 2 and later to address multiple vulnerabilities. These vulnerabilities could allow remote attackers to execute arbitrary code, cause a cross-site scripting attack, bypass security restrictions, or...

Microsoft Releases Security Advisory for Internet Explorer

Microsoft has released Security Advisory 2887505 regarding a remote code execution vulnerability CVE-2013-3893 impacting Internet Explorer versions 6 through 11. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability in Internet Explorer 8 and Internet Explorer 9. The...

OpenEMR 4.1.1 Patch 14 - Multiple Vulnerabilities

OpenEMR is a Free and Open Source electronic health records and medical practice management application that can run on Windows, Linux, Mac OS X, and many other platforms. OpenEMR is ONC Complete Ambulatory EHR certified and is one of the most popular open source electronic medical records in use...

OpenEMR 4.1.1 Patch 14 - Multiple Vulnerabilities

OpenEMR 4.1.1 Patch 14 - Multiple Vulnerabilities Exploit Title: OpenEMR 4.1.1 Patch 14 Multiple Vulnerabilities Date: Sep 17 2013 Exploit Author: xistence Vendor Homepage: www.open-emr.org Tested on: CentOS 5.9 32-bit Affected Version : 4.1.1 Patch 14 and lower Fix: Upgrade to OpenEMR 4.1.2...

Microsoft Releases September 2013 Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, and Microsoft Server Software as part of the Microsoft Security Bulletin Summary for September 2013. These vulnerabilities could allow remote code execution, elevation of privilege...

Security Update Available for Adobe Shockwave Player

Adobe has released a security update for Adobe Shockwave Player 12.0.3.133 and earlier versions for Windows and Macintosh to address multiple vulnerabilities. These vulnerabilities, if exploited, could allow an attacker to run malicious code on an affected system. US-CERT recommends that users an...

Cisco Releases Security Advisory for Cisco WebEx Players

Cisco has released a security advisory to address multiple vulnerabilities in Cisco WebEx Recording Format WRF and Advanced Recording Format ARF Players. These vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial of service condition. US-CERT encourages users...

Google Releases Google Chrome 29.0.1547.57

Google has released Google Chrome 29.0.1547.57 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to cause a denial of service condition, conduct a directory traversal attack, or obtain sensitive information. US-CERT...

Microsoft Releases Security Advisory

Microsoft has released Security Advisory 2862973 impacting applications and services using certificates with the MD5 hashing algorithm. Usage of the MD5 hash algorithm in certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. US-CERT...

[Samurai Web Testing Framework v2.1] Live linux environment that has been pre-configured to function as a web pen-testing environment

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool...

Google Releases Google Chrome 28.0.1500.95

Google has released Google Chrome 28.0.1500.95 for Chrome Frame, Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to bypass intended restrictions or cause a denial-of-service condition. US-CERT encourages users and administrators to...

Fedora Update for kbruch FEDORA-2013-13112

Check for the Version of kbruch OpenVAS Vulnerability Test Fedora Update for kbruch FEDORA-2013-13112 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Oracle Releases July 2013 Security Advisory

Oracle has released its Critical Patch Update for July 2013 to address 89 vulnerabilities across multiple products. This update contains the following security fixes: 6 for Oracle Database Server 21 for Oracle Fusion Middleware 1 for Oracle Hyperion 2 for Oracle Enterprise Manager Grid Control 7...

Adobe Releases Security Updates for Adobe Flash Player

Adobe has released security updates for Adobe Flash Player to address multiple vulnerabilities. These vulnerabilities could allow an attacker to execute arbitrary code or cause a denial-of-service condition. Security updates are available for the following versions: Adobe Flash Player 11.7.700.22...

Google Releases Google Chrome 28.0.1500.71

Google has released Google Chrome 28.0.1500.71 for Windows, Macintosh, and Chrome Frame platforms to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to execute arbitrary code, bypass intended restrictions, obtain sensitive information or cause a...

Security Hotfixes Available for Adobe ColdFusion

Adobe has released a security hotfix for ColdFusion 10 for Windows, Macintosh and Linux to address a vulnerability that could allow an attacker to cause an elevation of privilege condition. A security hotfix for Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 on JRun is available to address a vulnerabilit...

Security Update Available for Adobe Shockwave Player

Adobe has released a security update for Adobe Shockwave Player 12.0.2.122 and earlier versions on the Windows and Macintosh operating systems to address a vulnerability. This vulnerability could potentially allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CE...