
2230 matches found

ThreatPost
added 2013/12/10 11:55 a.m., 7 views

TextSecure Integrated into CyanogenMod SMS App for Android

With the depths of domestic government surveillance still not fully realized, secure communications capabilities are at a premium, especially for the privacy conscious. Already, we’ve seen some services such as Lavabit and Silent Circle’s Silent Mail shutter operations rather than hand over...

6.2 AI score
Exploits 0, References 6
Prion
added 2013/09/19 10:28 a.m., 14 views

Design/Logic Flaw

The Push Notifications subsystem in Apple iOS before 7 provides the push-notification token to an app without user approval, which allows attackers to obtain sensitive information via an app that employs a crafted push-notification registration process...

4.3 CVSS, 5.2 AI score, 0.003 EPSS
Exploits 0, References 4, Affected Software 1
NVD
added 2013/09/19 10:28 a.m., 18 views

CVE-2013-5149

The Push Notifications subsystem in Apple iOS before 7 provides the push-notification token to an app without user approval, which allows attackers to obtain sensitive information via an app that employs a crafted push-notification registration process...

4.3 CVSS, 4.9 AI score, 0.003 EPSS
Exploits 0, References 4
Cvelist
added 2013/09/19 10:0 a.m., 18 views

CVE-2013-5149

The Push Notifications subsystem in Apple iOS before 7 provides the push-notification token to an app without user approval, which allows attackers to obtain sensitive information via an app that employs a crafted push-notification registration process...

4.9 AI score, 0.003 EPSS
Exploits 0, References 4
CVE
added 2013/09/19 10:0 a.m., 41 views

CVE-2013-5149

CVE-2013-5149 affects Apple iOS prior to 7.0, where the push-notification token could be disclosed to an app during registration without user consent. Root cause: token access was granted before user approval. Impact: potential information disclosure via apps. Mitigation: upgrade to iOS 7.0 or...

4.3 CVSS, 4.9 AI score, 0.003 EPSS
Exploits 0, References 4, Affected Software 1
OSV
added 2013/07/29 1:59 p.m., 1 view

DEBIAN-CVE-2013-4162

The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option ...

4.7 CVSS, 5.8 AI score, 0.00109 EPSS
Exploits 0, References 1
Vulnerability Lab
added 2013/07/06 12:0 a.m., 16 views

Facebook Bug Bounty #8 - Multiple Vulnerabilities

Document Title: Facebook Bug Bounty 8 - Multiple Vulnerabilities. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=993. Release Date: 2013-07-06. Vulnerability Laboratory ID (VL-ID): 993. Common...

0.1 AI score
Exploits 0
Vulnerability Lab
added 2013/07/06 12:0 a.m., 45 views

Facebook Bug Bounty #8 - Multiple Vulnerabilities

Document Title: Facebook Bug Bounty 8 - Multiple Vulnerabilities. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=993. Release Date: 2013-07-06. Vulnerability Laboratory ID (VL-ID): 993. Common...

7.1 AI score
Exploits 0
NVD
added 2013/06/26 3:19 a.m., 15 views

CVE-2013-1696

Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses...

4 CVSS, 6.2 AI score, 0.00432 EPSS
Exploits 1, References 6
Prion
added 2013/06/26 3:19 a.m., 13 views

Design/Logic Flaw

Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses...

4 CVSS, 6.7 AI score, 0.00432 EPSS
Exploits 1, References 6, Affected Software 1
CVE
added 2013/06/26 1:0 a.m., 117 views

CVE-2013-1696

CVE-2013-1696 affects Mozilla Firefox prior to 22.0 where X-Frame-Options protection is not enforced when using server push with multipart responses, enabling clickjacking via crafted pages. The issue is tracked in MFSA 2013-58 and was addressed by Mozilla in Firefox 22.0 and later. OpenSUSE/NVD ...

4 CVSS, 6 AI score, 0.00432 EPSS
Exploits 1, References 6, Affected Software 1
Cvelist
added 2013/06/26 1:0 a.m., 17 views

CVE-2013-1696

Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses...

6.1 AI score, 0.00432 EPSS
Exploits 1, References 6
UbuntuCve
added 2013/06/25 12:0 a.m., 23 views

CVE-2013-1696

Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses...

4 CVSS, 7.2 AI score, 0.00432 EPSS
Exploits 1, References 3
Mozilla
added 2013/06/25 12:0 a.m., 34 views

X-Frame-Options ignored when using server push with multi-part responses — Mozilla

Bugzilla developer Frédéric Buclin reported that the X-Frame-Options header is ignored when server push is used in multi-part responses. This can lead to potential clickjacking on sites that use X-Frame-Options as a protection...

4 CVSS, 1.3 AI score, 0.00432 EPSS
Exploits 1, References 2, Affected Software 2
Exploit DB
added 2013/05/28 12:0 a.m., 30 views

Linux/x86 - Egghunter (0x5090) Shellcode (38 bytes)

Linux/x86 - Egghunter 0x5090 Shellcode 38 bytes. Shellcode exploit for Linux/x86 platform / Title : egghunter shellcode : hunter 30 bytes, marker 8 bytes, shellcode 28 bytes Date : 28 May 2013 Author : Russell Willis Tested on: Linux/x86 SMP Debian 3.2.41-2 i686 Comments: Using sigaction system cal...

7.1 AI score
Exploits 0
ThreatPost
added 2013/01/28 3:37 p.m., 8 views

Pentagon Plans Massive Increase in Cybersecurity Teams

As the Senate pushes for legislation to improve information-sharing on threats and attacks and President Barack Obama prepares to issue an executive order on cybersecurity, the Department of Defense is looking for a massive increase in the number of trained cybersecurity personnel helping to defe...

7.6 AI score
Exploits 0, References 7
0day.today
added 2012/11/28 12:0 a.m., 21 views

Blackberry OBEX PUSH Crash (Bluetooth) PoC

Using specially crafted packets can cause a crash in bluetooth communication. In this PoC used Obex Push packets to cause the crash. More details in the video. Work through an RFCOMM connection !/usr/bin/python Blackberry Bluetooth Crash OBEX PUSH By Xianur0 email protected First you need to...

6.8 AI score
Exploits 0
OpenVAS
added 2012/10/19 12:0 a.m., 8 views

Fedora Update for gitolite3 FEDORA-2012-15731

Check for the Version of gitolite3. OpenVAS Vulnerability Test: Fedora Update for gitolite3 FEDORA-2012-15731. Authors: System Generated Check. Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under t...

7.4 AI score
Exploits 0, References 2
The Hacker News
added 2012/09/04 7:35 p.m., 11 views

#Antisec Hackers hack FBI laptop and leak 12 Million Apple Device Records

The hacker group AntiSec released a file of a million and one UDIDs (unique device identifiers), which it claims to have hacked off an FBI computer via a Java vulnerability. UDIDs are unique IDs for iPhone, iPad and iPod Touch devices. They said they obtained the file in March by hacking into the...

6.5 AI score
Exploits 0
ThreatPost
added 2012/09/04 5:0 p.m., 14 views

Anonymous Leaks Apple UDIDs Following Alleged Hack of FBI

UPDATE–The Antisec arm of hacktivist group Anonymous published one million unique device identifier numbers, or UDIDs, for Apple devices, including iPhones and iPads, on Monday night. The group alleges the slew of information was swiped from a laptop belonging to the FBI earlier this year. In a...

0.8 AI score
Exploits 0, References 4