The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
Login As
You can log in if you are registered at one of these services:
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015

Microsoft provides security services with information about existing flaws before the release of patches

Microsoft provides security services with information about existing flaws before the release of patches

On Saturday, June 15, Bloomberg†reported†that hundreds of IT-companies and financial institutions (“trusted partners”) are cooperating with U.S. intelligence agencies, providing them with confidential information on a voluntary basis.

Among the trusted partners Bloomberg also named Microsoft Inc., which provides special services with information about vulnerabilities in their popular products before the patch is released. This information can be used both to protect government computers and to perform attacks on terrorist groups and military opponents.

Company spokesman Frank Shaw reported that Microsoft is really cooperating with several agencies and provides them with data on vulnerabilities. That is done for the government to respond as quickly as possible, taking appropriate protective measures and mitigating the consequences.

As pointed by some sources, many U.S. telecommunication companies provide security services with information on voluntary basis, especially when there is appropriate court adjudication.

Michael Hayden, former director of the National Security Agency and the CIA, claimed: УIf I were the director and had a relationship with a company who was doing things that were not just directed by law but were also valuable to the defense of the Republic, I would go out of my way to thank them and give them a sense as to why this is necessary and useful.Ф

(c) Naked Security


Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015