Navy's Cyberwar Expert - New Director of NSA, replacing Gen. Keith Alexander

It is very clear that when we talk about Intelligence and Surveillance, the first name comes to our mind is the U.S National Security Agency NSA and, the second is Gen. Keith Alexander, the Director of NSA..GEEK behind the massive surveillance Programs. Many documents revealed by the former NSA’s...

28% of Internet Users know the Importance of Online Privacy Tools

Privacy is “workings of your mind”. We share our personal moments captured in images, credit card details, thoughts that are personal or professional with a person or a certain group at different instances of time and want it to be safe and secure. We use an electronic gadget to share something...

Academics Call for End to Mass Surveillance

A group of hundreds of academics from countries around the world have started a petition that demands Western governments, such as those in the United States and UK, stop the mass surveillance programs they have in place and “effectively protect everyone’s fundamental rights and freedoms”. The...

[Malware Classifier] Malware Analysis Tool

Adobe Malware Classifier is a command-line tool that lets antivirus analysts, IT administrators, and security researchers quickly and easily determine if a binary file contains malware, so they can develop malware detection signatures faster, reducing the time in which users' systems are...

openjpa: Remote arbitrary code execution by creating a serialized object and leveraging improperly secured server programs

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...

NSA Must Reform Practices, Organization

A presidentially appointed, five member panel issued a more than 300-page report yesterday calling for nearly 50 recommendations for changes in the way that the National Security Agency conducts its increasingly public and controversial sweeping surveillance programs. The entire report hinges on...

Don't Install Crap ! Bitcoin Mining malware bundled with Potentially Unwanted Programs

The increasing public attention of Bitcoin did not go unnoticed by Cyber Criminals who have begun unleashing Bitcoin Mining malware. Security researchers at Malwarebytes warned about a new malware threat, in which Bitcoin Miners are bundled with third party potentially unwanted programs PUPs that...

Going Back to the Future in the Name of Better Security

NEW YORK–If Bill Cheswick had his way, the future of computing and computer security would look a lot like the distant past, with trusted platforms, small programs, applications that can’t affect the operating system and resistance to user mistakes. Cheswick, a former Bell Labs computer scientist...

[SECURITY] Fedora 20 Update: community-mysql-5.5.34-1.fc20

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

'The Hacker News' Celebrating 3rd Anniversary

The World's First Dedicated Hacking and Cyber Security News platform - 'The Hacker News' is celebrating its 3rd Anniversary today. When we began our journey 5 years back as a Small Local Community of few Hackers and Researchers, we had the dream of providing the Hacking Community with World's fir...

CVE-2013-6127

The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict ReplaceDBFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the...

Directory traversal

The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict ReplaceDBFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the...

CVE-2013-6127

The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict ReplaceDBFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the...

CVE-2013-6128

The KCHARTXYLib.KChartXY ActiveX control in KChartXY.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict SaveToFile method calls, which allows remote attackers to create or overwrite arbitrary files, and subsequently execute arbitrary programs, via the singl...

[SterJo Startup Patrol v.1.3] Disable software that delayed the boot time

Often may happen your PC to run a little slower than usual. Don't worry, it is nothing serious. You’ve probably installed some software that delayed the boot time. SterJo Startup Patrol allows you to view those files and disable them. This way you can optimize the Windows startup time but be...

An update on the bounty programs

Back in June of this year, we announced three new bounty programs that will pay researchers for techniques that bypass built-in OS mitigations and protections, for defenses that stop those bypasses and for vulnerabilities in Internet Explorer 11 Preview. This past Friday, we provided some...

Updated openjpa packages fix CVE-2013-1768

Updated openjpa packages fix security vulnerability: The BrokerFactory functionality in Apache OpenJPA before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to...

A Decade of Microsoft Patch Tuesday Security Updates

On Oct. 9, 2003, Microsoft announced its new security patching process that would end up being a catalyst for significant change in the information security community. Ten years ago, the program was announced with a press release that promised “Improved patch management processes, policies and...

Amazon Linux AMI : puppet (ALAS-2013-219)

Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resourcetype service. NOTE: this vulnerability can only be exploited...

NSA Chief, General Alexander defends US surveillance programs as a Noble Mission

On Wednesday, Chief of National Security Agency NSA, General Keith Alexander defended US surveillance programs as part of a Noble Mission to protect the nation. He said that the collection of bulk phone records by U.S. Intelligence agencies are essential to preventing terrorist attacks. He...