Bala Krishna, Sergey Yakovlev Security Vulnerabilities

Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional Vulnerabilities (Update C)

OVERVIEW This updated advisory is a follow-up to the advisory update titled ICSA-16-208-01B Siemens SIMATIC WinCC, PCS 7, and WinCC Runtime Professional Vulnerabilities that was published October 4, 2016, on the NCCIC/ICS-CERT web site. Siemens has identified two vulnerabilities in SIMATIC WinCC,.....

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt64

3:11-alt64 built July 20, 2016 Sergey V Turchin in task #167192 July 20, 2016 Sergey V Turchin - new version - security fixes: CVE-2016-4172, CVE-2016-4173, CVE-2016-4174, CVE-2016-4175, CVE-2016-4176, CVE-2016-4177, CVE-2016-4178, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182,...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt64

3:11-alt64 built July 20, 2016 Sergey V Turchin in task #167193 July 20, 2016 Sergey V Turchin - new version - security fixes: CVE-2016-4172, CVE-2016-4173, CVE-2016-4174, CVE-2016-4175, CVE-2016-4176, CVE-2016-4177, CVE-2016-4178, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182,...

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 52 to the stable channel for Windows, Mac and Linux. Chrome 52.0.2743.82 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new...

Snowden says It's a 'Dark Day for Russia' after Putin Signs Anti-Terror Law

Whistleblower and ex-NSA employee Edward Snowden has criticized a new anti-terror law introduced on Thursday by Russian President Vladimir Putin, referring it as "repressive" and noting that it is a "dark day for Russia." The new legislation signed by Putin would compel the country's telephone...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt63

3:11-alt63 built June 27, 2016 Sergey V Turchin in task #166414 June 27, 2016 Sergey V Turchin - new version - security fixes: CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133,...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt63

3:11-alt63 built June 27, 2016 Sergey V Turchin in task #166413 June 27, 2016 Sergey V Turchin - new version - security fixes: CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133,...

Stable Channel Update

The stable channel has been updated to 51.0.2704.103 for Windows, Mac, and Linux. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party...

HITB16 issues resolution: Java applications ORM injection the development of new methods-vulnerability warning-the black bar safety net

! “Hack In The Box”conference is in Europe in Amsterdam, organized by the global well-known Security Summit. This year's conference very interesting, one by a security researcher Mikhail Egorov and Sergey Soldatov presented the topic“Java application ORM injection the development of new...

Stable Channel Update

The stable channel has been updated to 51.0.2704.79 for Windows, Mac, and Linux. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library...

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 51 to the stable channel for Windows, Mac and Linux. Chrome 51.0.2704.63 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about...

Cfengine RSA Authentication Heap Corruption

Advisory ID: CORE-2004-0714 Bugtraq ID: 10899, 10900 CVE Name: None currently assigned. Title: Cfengine RSA Authentication Heap Corruption Class: Input validation error Boundary error condition (Buffer Overflow) Remotely Exploitable: Yes Locally Exploitable: Yes Vendors contacted: - Mark Burgess,.....

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt62

3:11-alt62 built May 13, 2016 Sergey V Turchin in task #164674 May 13, 2016 Sergey V Turchin - new version - security fixes: CVE-2016-1096, CVE-2016-1097, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1101, CVE-2016-1102, CVE-2016-1103, CVE-2016-1104, CVE-2016-1105, CVE-2016-1106,...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt62

3:11-alt62 built May 13, 2016 Sergey V Turchin in task #164675 May 13, 2016 Sergey V Turchin - new version - security fixes: CVE-2016-1096, CVE-2016-1097, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1101, CVE-2016-1102, CVE-2016-1103, CVE-2016-1104, CVE-2016-1105, CVE-2016-1106,...

Stable Channel Update

The stable channel has been updated to 50.0.2661.102 for Windows, Mac, and Linux. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party...

Stable Channel Update

The stable channel has been updated to 50.0.2661.94 for Windows, Mac, and Linux. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library...

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 50 to the stable channel for Windows, Mac and Linux. Chrome 50.0.2661.75 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt61

3:11-alt61 built April 8, 2016 Sergey V Turchin in task #162674 April 8, 2016 Sergey V Turchin - new version - security fixes: CVE-2016-1006, CVE-2016-1011, CVE-2016-1012, CVE-2016-1013, CVE-2016-1014, CVE-2016-1015, CVE-2016-1016, CVE-2016-1017, CVE-2016-1018, CVE-2016-1019, CVE-2016-1020,...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt61

3:11-alt61 built April 8, 2016 Sergey V Turchin in task #162675 April 8, 2016 Sergey V Turchin - new version - security fixes: CVE-2016-1006, CVE-2016-1011, CVE-2016-1012, CVE-2016-1013, CVE-2016-1014, CVE-2016-1015, CVE-2016-1016, CVE-2016-1017, CVE-2016-1018, CVE-2016-1019, CVE-2016-1020,...

The Panama Papers — Biggest leak in History Exposes Global Corruption

A huge trove of confidential documents from the Panamanian law firm Mossack Fonseca was made public on Sunday in what's known as One of the World’s Largest Data Leaks ever, called The Panama Papers. Over 11.5 Million Leaked Files including 2.6 Terabytes of Data Even larger than the NSA wires leak.....

Stable Channel Update

The stable channel has been updated to 49.0.2623.108 for Windows, Mac, and Linux. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt60

3:11-alt60 built March 11, 2016 Sergey V Turchin in task #161197 March 11, 2016 Sergey V Turchin - new version - security fixes: CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991,...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt60

3:11-alt60 built March 11, 2016 Sergey V Turchin in task #161198 March 11, 2016 Sergey V Turchin - new version - security fixes: CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988, CVE-2016-0989, CVE-2016-0990, CVE-2016-0991,...

Stable Channel Update

The stable channel has been updated to 49.0.2623.87 for Windows, Mac, and Linux. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party...

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 49 to the stable channel for Windows, Mac and Linux. Chrome 49.0.2623.75 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new...

Hollywood Hospital Pays $17K Ransom to Decrypt Files

After being knocked offline for nearly two weeks, officials at a California hospital that was hit with ransomware elected on Wednesday to pay attackers. The Hollywood Presbyterian Medical Center (HPMC) shut down computers on its network on Feb. 5, after attackers allegedly asked for 9,000 Bitcoin,....

Sergey Lozhkin on How He Hacked His Hospital

Threatpost editor Mike Mimoso talks with Sergey Lozhkin, senior researcher at Kaspersky Lab’s Global Research and Analysis Team about medical device security and how he was able to access some devices at his local hospital via...

Stable Channel Update

The stable channel has been updated to 48.0.2564.116 for Windows, Mac, and Linux. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party...

Disabled PadCrypt Ransomware Includes Live Chat, Uninstaller

Several flavors of ransomware, most notably Cryptowall, have come packaged with support features. But a new piece of crypto-ransomware called PadCrypt has upped the game with a live chat feature that victims can use to interact with the attackers about ransom payments and other information....

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt59

3:11-alt59 built Feb. 11, 2016 Sergey V Turchin in task #158593 Feb. 10, 2016 Sergey V Turchin - new version - security fixes: CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974,...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt59

3:11-alt59 built Feb. 11, 2016 Sergey V Turchin in task #158592 Feb. 10, 2016 Sergey V Turchin - new version - security fixes: CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974,...

Medical Device, Health Care Security Continues to Ail

TENERFIE, Spain – Sergey Lozhkin knows malware. Medical devices? Admittedly, not so much. That, however, was not an impediment to the Kaspersky Lab researcher in cracking the digital walls of a Moscow hospital and finding a shocking array of open doors on the network and weaknesses in medical...

Stable Channel Update

The stable channel has been updated to 48.0.2564.109 for Windows, Mac, and Linux. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party...

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 48 to the stable channel for Windows, Mac and Linux. Chrome 48.0.2564.82 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new...

Security fix for the ALT Linux 7 package cyrus-imapd version 2.4.18-alt1.M70P.1

2.4.18-alt1.M70P.1 built Jan. 7, 2016 Sergey Y. Afonin in task #155557 Dec. 15, 2015 Sergey Y. Afonin - updated to git 20151026 of "cyrus-imapd-2.4" branch (CVE-2015-8077,...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt58

3:11-alt58 built Dec. 29, 2015 Sergey V Turchin in task #155487 Dec. 29, 2015 Sergey V Turchin - new version - security fixes: CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643,...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt58

3:11-alt58 built Dec. 29, 2015 Sergey V Turchin in task #155486 Dec. 29, 2015 Sergey V Turchin - new version - security fixes: CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643,...

Security fix for the ALT Linux 9 package cyrus-imapd version 2.5.7-alt1

Dec. 11, 2015 Sergey Y. Afonin 2.5.7-alt1 - 2.5.7 (CVE-2015-8077, CVE-2015-8078; Closes: #31611 ) - added tzdata to "Requires" (Closes:...

Security fix for the ALT Linux 8 package cyrus-imapd version 2.5.7-alt1

Dec. 11, 2015 Sergey Y. Afonin 2.5.7-alt1 - 2.5.7 (CVE-2015-8077, CVE-2015-8078; Closes: #31611 ) - added tzdata to "Requires" (Closes:...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt57

3:11-alt57 built Dec. 9, 2015 Sergey V Turchin in task #154716 Dec. 9, 2015 Sergey V Turchin - new version - security fixes: CVE-2015-8045, CVE-2015-8047, CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8418, CVE-2015-8454, CVE-2015-8455, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057,...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt57

3:11-alt57 built Dec. 9, 2015 Sergey V Turchin in task #154717 Dec. 9, 2015 Sergey V Turchin - new version - security fixes: CVE-2015-8045, CVE-2015-8047, CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8418, CVE-2015-8454, CVE-2015-8455, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057,...

Threat Outbreak Alert RuleID19688: Email Messages Distributing Malicious Software on November 29, 2015

Medium Alert ID: 42301 First Published: 2015 November 30 14:11 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID19688) may contain the following...

CVE-2015-8124: Session Fixation in the "Remember Me" Login Feature

Affected Versions Symfony 2.3.0 to 2.3.34, 2.6.0 - 2.6.11, 2.7.0 - 2.7.6 versions of the Security component are affected by this security issue. This issue has been fixed in Symfony 2.3.35, 2.6.12, and 2.7.7. Note that no fixes are provided for Symfony 2.4 and 2.5 as they are not maintained...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt56

3:11-alt56 built Nov. 11, 2015 Sergey V Turchin in task #153026 Nov. 11, 2015 Sergey V Turchin - new version - security fixes: CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7659, CVE-2015-7660, CVE-2015-7661,...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt56

3:11-alt56 built Nov. 11, 2015 Sergey V Turchin in task #153025 Nov. 11, 2015 Sergey V Turchin - new version - security fixes: CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7659, CVE-2015-7660, CVE-2015-7661,...

[REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ======================================================================== Revive Adserver Security Advisory REVIVE-SA-2015-001 ========================================================================...

APPLE-SA-2015-10-21-1 iOS 9.1

APPLE-SA-2015-10-21-1 iOS 9.1 iOS 9.1 is now available and addresses the following: Accelerate Framework Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A...

APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007

APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007 OS X El Capitan 10.11.1 and Security Update 2015-007 are now available and address the following: Accelerate Framework Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan 10.11 Impact: ...

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt55

3:11-alt55 built Oct. 19, 2015 Sergey V Turchin in task #151824 Oct. 19, 2015 Sergey V Turchin - new version - security fixes: CVE-2015-7645, CVE-2015-7647,...

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt55

3:11-alt55 built Oct. 19, 2015 Sergey V Turchin in task #151823 Oct. 19, 2015 Sergey V Turchin - new version - security fixes: CVE-2015-7645, CVE-2015-7647,...