HTTPS Available as Opt-In for Blogspot
Google said on Wednesday it has made HTTPS available as an opt-in for its Blogspot publishing service. Google and other technology providers have been ramping up encryption rollouts in the two years since the publication of the Snowden documents began. To date, Google has encrypted Gmail, search,.....
-0.6AI Score
Scan of Internet for Compromised Cisco Routers Finds Fewer Than 100
A day after researchers detailed a technique that attackers are using to upload malicious firmware images to Cisco routers, academic researchers say they have scanned the entire IPv4 address space and discovered a total of 79 likely compromised routers. The researchers at the University of...
AI Score
Attackers Replacing Firmware on Cisco Routers
Cisco routers are built into the fabric of the Internet and enterprise networks, a fact that makes them highly attractive targets for attackers. Researchers at FireEye have come across attacks recently in which hackers have been modifying the firmware of Cisco routers and using that foothold to...
0.8AI Score
Six U.K. Teens Arrested for using Lizard Squad's DDoS Tool
Six British teenagers were arrested and released on bail on suspicion of launching cyber attacks on websites and services with the help of the Lizard Squad DDoS attack tool, called Lizard Stresser. Lizard Squad is infamous for hacking and knocking down the largest online gaming networks – PlayStation...
6.8AI Score
British-born ISIS Hacker Killed in US Drone Strike in Syria
Remember Team Poison? The hacker group that was active in 2012, and was known for gaining access to the former Prime Minister Tony Blair's address book and then publishing information from it. The British hacker who actually obtained the Prime Minister's address book and was jailed for six...
6.6AI Score
Apple Pushing Developers Toward HTTPS Connections in Apps
Apple is encouraging developers who create apps for iOS to begin moving their apps to an HTTPS-only model as soon as possible in an effort to thwart eavesdropping on insecure, plaintext HTTP connections. The move is yet one more sign that major Internet and technology companies are becoming ever...
AI Score
Federal Agencies to Move to HTTPS-Only Connections
Following the lead of many major Web services, the White House on Monday announced that it would move all of the federal government’s public sites and services to HTTPS-only. Tony Scott, the federal CIO, has issued a memorandum to all federal agencies and departments instructing them to move all...
1.2AI Score
Threat Outbreak Alert RuleID15756: Email Messages Distributing Malicious Software on June 7, 2015
Medium Alert ID: 39237 First Published: 2015 June 8 17:05 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID15756) may contain the following...
0.5AI Score
The Triumphant Finale of CSI: Cyber
It’s been a couple of months since we left our heroes on CSI: Cyber, and boy, have they been busy. They have apparently solved many crimes using cyber-sleuthing, acquired some decidedly non-cyber firearms skills, and, in the case of our man Krumitz, taken up running. We wanted to check in and see.....
0.4AI Score
Threat Outbreak Alert RuleID15257: Email Messages Distributing Malicious Software on May 12, 2015
Medium Alert ID: 38810 First Published: 2015 May 13 13:09 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID15257) may contain the following...
0.3AI Score
CVE-2015-1855 Ruby OpenSSL Hostname Verification | Cloud Foundry
CVE-2015-1855 Ruby OpenSSL Hostname Verification Moderate Vendor N/A Versions Affected Ruby OpenSSL Hostname Verification Description Ruby’s OpenSSL extension suffers a vulnerability through overly permissive matching of hostnames, which can lead to similar bugs such as CVE-2014-1492. This...
5.9CVSS
6.4AI Score
0.028EPSS
Threat Outbreak Alert RuleID14475: Email Messages Distributing Malicious Software on April 3, 2015
Medium Alert ID: 38214 First Published: 2015 April 3 13:04 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID14475) may contain the following...
0.2AI Score
Unbreakable Enterprise kernel security and bugfix update
kernel-uek [3.8.13-68] - ttusb-dec: buffer overflow in ioctl (Dan Carpenter) [Orabug: 20673373] {CVE-2014-8884} - mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support (Kirill A. Shutemov) [Orabug: 20673279] {CVE-2014-8173} - netfilter: conntrack: disable generic tracking for...
-0.1AI Score
0.004EPSS
Google Blacklists Sites Peddling SoakSoak Malware
UPDATE Google blacklisted more than 10,000 different websites over the weekend that it spotted doling out SoakSoak malware, but experts claim the number of impacted sites may ultimately be ten times that figure. Up to 100,000 sites hosted on WordPress may be vulnerable to a campaign known as...
-0.8AI Score
[SECURITY] [DLA 91-1] tomcat6 security update
Package : tomcat6 Version : 6.0.41-2+squeeze5 CVE ID : CVE-2012-3439 CVE-2013-1571 CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033 Debian Bugs : 299635 608286 654136 659748 664072 665393 666256 668761 671373 677912 682955 687818...
8.1AI Score
EPSS
kernel security and bug fix update
[2.6.32-504.1.3] - Revert: [net] revert 'bridge: Set vlan_features to allow offloads on vlans' (Vlad Yasevich) [1144442 1121991] [2.6.32-504.1.2] - [x86] kvm: fix PIT timer race condition (mguzik) [1149592 1149593] {CVE-2014-3611} - [x86] kvm: vmx: handle invept and invvpid vm exits gracefull...
0.9AI Score
0.003EPSS
Multiple Android applications fail to properly validate SSL certificates
Overview Multiple Android applications fail to properly validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack. Description When communicating via HTTPS, an application should validate the SSL chain to be sure that the...
0.3AI Score
Threat Outbreak Alert RuleID11133: Email Messages Distributing Malicious Software on August 15, 2014
Medium Alert ID: 35306 First Published: 2014 August 15 19:35 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID11133) may contain the following...
0.6AI Score
CVE-2014-2595 - Authentication Bypass in Barracuda Web Application Firewall
Vulnerability title: Authentication Bypass in Barracuda Web Application Firewall CVE: CVE-2014-2595 Vendor: Barracuda Product: Web Application Firewall Affected version: Firmware v7.8.1.013 Fixed version: N/A Reported by: Nick Hayes Details: It is possible to re-use a link which includes a...
AI Score
0.169EPSS
Barracuda Web Application Firewall - Authentication Bypass
Barracuda Web Application Firewall - Authentication...
0.6AI Score
VMware Server <= 2.0.1,ESXi Server <= 3.5 Directory Traversal Vulnerability
No description provided by...
7.1AI Score
0.959EPSS
Tony Cook Imager 0.4x JPEG and TGA Images Denial of Service Vulnerability
No description provided by...
7.1AI Score
Tony Greenwood WebWho+ 1.1 - Remote Command Execution Vulnerability
No description provided by...
7.1AI Score
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:0899-1)
MozillaFirefox was updated to 14.0.1 to fix various bugs and security issues. Following security issues were fixed: MFSA 2012-42: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...
0.4AI Score
0.375EPSS
openSUSE Security Update : xulrunner (openSUSE-SU-2012:0924-1)
Mozilla XULRunner was updated to 14.0.1, fixing bugs and security issues : Following security issues were fixed: MFSA 2012-42: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...
0.2AI Score
0.375EPSS
kernel security and bug fix update
kernel [2.6.18-371.4.1] - [char] ipmi: fix message handling during panics (Tony Camuso) [1049731 995293] - [net] igb: Use 32bit mask calculating the flow control watermarks (Stefan Assmann) [1041694 1036115] - [fs] NTLM auth and sign - Use appropriate server challenge (Sachin Prabhu) [1029865...
3.1AI Score
0.001EPSS
Threat Outbreak Alert: Fake Product Purchase Order Email Messages on January 8, 2014
Medium Alert ID: 31225 First Published: 2013 October 11 20:37 GMT Last Updated: 2014 January 9 16:18 GMT Version: 49 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a purchase order notification for the recipient. The text in the...
-0.3AI Score
kernel [2.6.18-371] - [net] be2net: enable polling prior enabling interrupts globally (Ivan Vecera) [987539] [2.6.18-370] - [net] be2net: Fix to avoid hardware workaround when not needed (Ivan Vecera) [995961] - [kernel] signals: stop info leak via tkill and tgkill syscalls (Oleg Nesterov)...
-0.4AI Score
0.741EPSS
SOL14712 - The BIG-IP APM access policy logout page may be vulnerable to XSS cookie tampering
Recommended action To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. To mitigate this vulnerability, you can modify the logout web page to null the specific code identified at issue. To do so, perform the...
-0.4AI Score
SOL14700 - BIG-IP APM clickjacking vulnerability
Note: This issue has been addressed in BIG-IP APM 11.3.0 and later through the use of the x-frame-options header in the Access Policy pages. Modifying a BIG-IP APM 11.3.0 or later system dB variable settings for apm.xframeoptions or apm.xframeoptions.allowfrom from their defaults may open the...
0.6AI Score
Oracle Linux 5 : nfs-utils-lib (ELSA-2007-0951)
From Red Hat Security Advisory 2007:0951 : An updated nfs-utils-lib package to correct two security flaws is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The nfs-utils-lib package contains...
0.5AI Score
0.967EPSS
kernel security and bug fix update
kernel [2.6.18-348.12.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for...
0.4AI Score
0.002EPSS
kernel security and bug fix update
kernel [2.6.18-348.12.1] - Revert: [fs] afs: export a couple of core functions for AFS write support (Lukas Czerner) [960014 692071] - Revert: [fs] ext4: drop ec_type from the ext4_ext_cache structure (Lukas Czerner) [960014 692071] - Revert: [fs] ext4: handle NULL p_ext in...
0.8AI Score
0.002EPSS
Threat Outbreak Alert: Fake Bank Payment Transfer Notification Email Messages on June 13, 2013
Low Alert ID: 29667 First Published: 2013 June 14 12:48 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a bank transfer notification for the recipient. The text in the email message attempts to convince the recipient...
0.8AI Score
Unbreakable Enterprise kernel Security update
[2.6.39-400.109.1] - while removing a non-empty directory, the kernel dumps a message: (rmdir,21743,1):ocfs2_unlink:953 ERROR: status = -39 (Xiaowei.Hu) [Orabug: 16790405] - stop mig handler when lockres in progress ,and return -EAGAIN (Xiaowei.Hu) [Orabug: 16876446] [2.6.39-400.108.1] -...
-0.2AI Score
0.003EPSS
kernel [2.6.18-348.6.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for...
-0.6AI Score
0.001EPSS
kernel security and bug fix update
kernel [2.6.18-348.6.1] - [char] ipmi: use a tasklet for handling received messages (Tony Camuso) [953435 947732] - [char] ipmi: do run_to_completion properly in deliver_recv_msg (Tony Camuso) [953435 947732] - [fs] nfs4: fix locking around cl_state_owners list (Dave Wysochanski) [954296 948317] -....
0.3AI Score
0.001EPSS
WordPress Plugin IndiaNIC FAQs Manager 1.0 - Blind SQL Injection
WordPress Plugin IndiaNIC FAQs Manager 1.0 - Blind SQL...
0.7AI Score
7.4AI Score
kernel security and bug fix update
[2.6.32-358.2.1] - [kernel] utrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL (Oleg Nesterov) [912073 912074] {CVE-2013-0871} [2.6.32-358.1.1] - [netdrv] mlx4: Set number of msix vectors under SRIOV mode to firmware defaults (Michal Schmidt) [911663 904726] - [netdrv] mlx4: Fix....
-0.1AI Score
0.002EPSS
Oracle Linux 6 kernel security and bugfix update
[2.6.32-358.el6] - [fs] Fix sget() race with failing mount (Eric Sandeen) [883276] [2.6.32-357.el6] - [virt] xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests (Andrew Jones) [896050] {CVE-2013-0190} - [block] sg_io: use different default filters for each device class...
-0.4AI Score
0.001EPSS
SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 6574)
Mozilla Firefox has been updated to the 10.0.6ESR security release fixing various bugs and several security issues, some critical. The following security issues have been fixed : Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and ...
0.1AI Score
0.375EPSS
0.2AI Score