The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
Login As
You can log in if you are registered at one of these services:
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015

Large DNS hoster hit by DDoS attack

Large DNS hoster hit by DDoS attack

Zerigo, one of the largest cloud DNS-hosters has suffered from distributed denial of service attack. The first official alert was issued on July 23 via Twitter: “Our a, b and http://d.ns.zerigo.net nameservers are currently under high load due to a DDOS attack. We are working to solve it”.

During that day http://www.zerigostatus.com/ website was updated on the process of setting junk traffic filters. By 18:45 UTC half of Zerigo customers from USA were able to access internet domain names properly. But still, 50% of US users and users from Europe were cut off the cloud based DNS system. “Our #1 priority is getting our customers back online.” Ц said the company in its evening update.

Today at 03:19 UTC Zerigo announced that DNS services are working normally. The company thanks Dallas and London ISPs for the assistance in filtering junk traffic.

But that’s not all folks. Domain names are not critical to the existence of the Internet, because all URLs we type turn into IP addresses. But imagine what would happen if we were deprived of simple addresses like google.com or nvd.nist.gov? We would have to memorize dozens of bogus numbers like 74.125.232.192 (that’s in fact is Google’s IP address). For most users it would turn into a real Internet blackout. For those who don’t want to rely on key DNS-hosters Naked Security.com highly recommends to add the key domain names to the Windows’ hosts file and save themselves from abuse of government discretion or random whim of Anonymous hactivists.

(c) Naked Security


Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015