FISA Court renews NSA surveillance programs exposed by Snowden

The secret Foreign Intelligence Surveillance Court FISA gave the green light to the Obama administration by renewing the government's authority Friday to continue the collection of millions of Americans' telephone records. The order by the Foreign Intelligence Surveillance Court has been in place...

Edward Snowden made public appearance at Moscow's Sheremetyevo Airport

Whistleblower Edward Snowden made a public appearance yesterday at a Moscow airport, beside a staff member of the Wikileaks organization, met with representatives of a half-dozen or so human rights groups. Snowden has not been seen in public and was stuck in the transit area of Moscow's...

Edward Snowden made public appearance at Moscow's Sheremetyevo Airport

Whistleblower Edward Snowden made a public appearance yesterday at a Moscow airport, beside a staff member of the Wikileaks organization, met with representatives of a half-dozen or so human rights groups. Snowden has not been seen in public and was stuck in the transit area of Moscow’s...

Oracle Linux 4 : gdb (ELSA-2007-0229)

From Red Hat Security Advisory 2007:0229 : An updated gdb package that fixes a security issue and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GDB, the GNU debugger, allows debugging of programs written in C, C++, a...

Oracle Linux 5 : acpid (ELSA-2009-1642)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2009-1642 advisory. 1.0.4-9.el54.1 - Resolves: 515062 CVE-2009-4033 acpid: log file created with random permissions Tenable has extracted the preceding description block directly...

CVE-2013-1768

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...

Deserialization of untrusted data

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...

CVE-2013-1768

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...

Google, Microsoft Seek Help in Lifting FISA Gag Order

Google and Microsoft have locked arms with a number of civil liberties advocates in filing a brief with the secret Foreign Intelligence Surveillance Court hoping to lift a gag order preventing the two tech giants from releasing information on their role in the NSA’s surveillance activities. To...

Bug Bounty Programs Pay Economic Rewards

Bug bounty programs can be as much as 100 times more cost-effective for finding security vulnerabilities than hiring full-time security researchers to do the same thing. New research from the University of California at Berkeley, which focused on bug bounty programs run by Google and Mozilla, fou...

Filling A Gap In the Vulnerability Market – First Bounty Notification

When Microsoft decided to offer not one but three new bounties, paying outside researchers directly for security research on some of our latest products, we put a lot of thought into developing those bounty programs. We developed a customized set of programs designed to create a win-win between t...

New Bounty Programs – One Week In

Two weeks ago, Microsoft made an important evolutionary step in our work with the security community when we announced our first-ever bounty programs for security issues. One week ago, the Windows 8.1 Preview and Internet Explorer 11 Preview became available for download, and the doors officially...

DNI Clapper Says Statement to Congress About NSA Data Collection Was 'Erroneous'

In a highly unusual move, James Clapper, the director of national intelligence, said Tuesday that he misspoke when he told a Congressional committee in March that the National Security Agency does not assemble dossiers on Americans. Clapper said at the time that the agency does not do so...

[SECURITY] Fedora 18 Update: nagios-3.5.0-5.fc18

Nagios is a program that will monitor hosts and services on your network. It has the ability to send email or page alerts when a problem arises and when a problem is resolved. Nagios is written in C and is designed to run under Linux and some other NIX variants as a background process,...

Heart of Blue Gold – Announcing New Bounty Programs

Our Philosophy At the heart of our community outreach programs, we’ve always had the same philosophy: help increase the win-win between Microsoft’s customers and the security research community. We have evolved and deepened our relationships with this community since the earliest days of...

New Bounty Program Details

Today we announced the upcoming Mitigation Bypass Bounty, the BlueHat Bonus for Defense, and the Internet Explorer 11 Preview Bug Bounty program. It’s very exciting to finally take the wraps off of these initiatives and we are anticipating some great submissions from the security research...

Announcing the Microsoft Bounty Programs

Over the years, weve put a lot of work into helping secure the computing ecosystem and limiting the number of issues in our products. The security researcher community is critical to these efforts, as they help us find vulnerabilities in our software that we may have missed. Now were taking it ev...

Fedora Update for ktimer FEDORA-2013-10182

Check for the Version of ktimer OpenVAS Vulnerability Test Fedora Update for ktimer FEDORA-2013-10182 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

[SECURITY] Fedora 17 Update: ktimer-4.10.4-1.fc17

KTimer is a little tool to execute programs after some time...

[SECURITY] Fedora 19 Update: community-mysql-5.5.31-7.fc19

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...