2013-05-20 - [slackware-security] kernel (SSA:2013-140-01)

2013-05-16 - [slackware-security] ruby (SSA:2013-136-02)

2013-05-16 - [slackware-security] mozilla-thunderbird x86_64 packages

2013-05-15 - [slackware-security] mozilla-thunderbird (SSA:2013-135-02)

2013-05-15 - [slackware-security] mozilla-firefox (SSA:2013-135-01)

Trojan.Zeroaccess!g45

Packed.Generic.414

Trojan.Zeroaccess!g44

Suspicious.Cloud.9

Trojan.Blackrev

Trojan.Shylock.B!gen6

Trojan.Shylock.B!gen5

Infostealer!gen3

Android.Roidsec

Trojan.Smackdown

Journalists accused of hacking after reporting data breach

The company, which leaked the data, accuses journalists of illegal access to information and the violation of Computer Fraud and Abuse Act.

Kim Dotcom claims he invented two-factor authentication

Researcher filed patent back in 1998.

Reckz0r claims hacking CNN website

Attacker managed to publish four fake articles.

HD Moore: Embedded systems vendors are careless

While systems administrators are doing their best to protect systems, they can not deal with threats contained in routers, modems, handsets, etc.

The number of Russian sites with child pornography declined by half

The greatest number of resources with child pornography is now registered in the Netherlands and the United States.

Guantanamo jail disconnected

The American military has turned off its Wi-Fi service following threats by Anonymous.

Developers hacked Google Glass

At the company’s I/O developer conference Google showed how to root the device.

Yahoo Japan suspects 22 million user IDs theft

Intrusion into Yahoo Japan systems occurred on May 16.

The Conpot honeypot helps catching hackers targeting SCADA-systems

Conpot detects cybercriminals scanning IP addresses for SCADA systems and then tracking their activities.

Symantec: Hackers attack European companies with Shadesrat Trojan

Cybercriminals begin attacks with a phone call to one of the victim’s employee.

Chinese university accused of cyberattacks on USA

U.S. intelligence agencies suspect the representatives of Wuhan University.

ZPanel website hacked after abusive message of one of the developers of the control panel

Use of unsafe method of encoding in ZPanel was repeatedly criticized.

The exploit for 0day-vulnerability in Linux 2.6.37 – 3.8.8

A patch for the vulnerability was released only for kernel version 3.8.9.

Vulnerability in Apache mod_rewrite

The flaw allows executing arbitrary command when viewing the log file by the server administrator.

Hacker gets 1 year of house arrest for PlayStation Network hack

23- year-old man destroyed all evidence and authorities couldn’t prove he was involved in the hack.

U.S. government – biggest buyer of malware

White House owns not only data centers that perform DoS-attacks against enemies’ systems, but also such software as Stuxnet.

Australian office of Google hacked

The hack was possible because of the vulnerability in the building's heating and cooling systems.

Critical vulnerability in NGINX fixed

Vulnerability allowed execution of arbitrary code on the target system.

Exploit for zero-day vulnerability in IE published in Metasploit

There is also an exploit for brute-force attack in Internet Explorer 10.

D-Link fixes vulnerabilities in several models of routers and IP cameras

Bug allowed unauthenticated users to gain access to video stream.

Cross-site Scripting Vulnerability in IBM Tivoli Monitoring Portal Browser Client

A cross-site scripting vulnerability was reported in IBM Tivoli Monitoring Portal Browser Client.

Cross-site Scripting Vulnerability in web2py

A cross-site scripting vulnerability was reported in web2py.

Cross-site Scripting Vulnerability in Automatic Operation

A cross-site scripting (XSS) vulnerability has been discovered in Automatic Operation.

Cross-site Scripting Vulnerability in jNews Component

A cross-site scripting vulnerability was reported in jNews Component.

Cross-site Scripting Vulnerability in WordPress Newsletter Plugin

A cross-site scripting vulnerability was found in WordPress Newsletter Plugin.

Buffer Overflow Vulnerability in Serva TFTPD Service

A remote code execution vulnerability was reported in Serva TFTPD Service.

Cross-site Scripting Vulnerability in Phocagallery Component

A cross-site scripting vulnerability was discovered in Phocagallery Component.

SQL Injection Vulnerability in WordPress Video Gallery Plugin

SQL inection vulnerability has been discovered in WordPress Video Gallery Plugin.

Cross-site Scripting Vulnerability in Brother MFC-9970CDW

A cross-site scripting vulnerability was reported in Brother MFC-9970CDW.

Cross-site Scripting Vulnerability in WordPress Securimage-WP Plugin

A cross-site scripting vulnerability was found in WordPress Securimage-WP Plugin.