2013-10-18 - [slackware-security] hplip (SSA:2013-291-01)

2013-10-18 - [slackware-security] libtiff (SSA:2013-290-01)

2013-10-14 - [slackware-security] xorg-server (SSA:2013-287-05)

2013-10-14 - [slackware-security] libgpg-error (SSA:2013-287-04)

2013-10-14 - [slackware-security] gnutls (SSA:2013-287-03)

Downloader.Busadom!g1

Infostealer.Posteal

Downloader.Busadom

Trojan.Ladocosm

SONAR.SuspDocRun

SONAR.SuspHelpRun

W32.Tempedreve.D!inf

SONAR.PUA!AlnadInsta

SONAR.Infostealer!g5

SONAR.Infostealer!g4

Hackers stole Opera code signing certificate

Attackers distributed malware, signed by Opera Software.

American program PRISM is used by the government to track down the activities of internet users

U.S. governmental agencies deny all the information about uncontrolled acquisition of citizens’ personal data.

U.S. government monitors the phones calls of Verizon clients

NSA receives data about all calls, regardless of whether the subscriber is suspected of involvement in criminal or terrorist activities or not.

Experts claim Drupal.org was hacked

Users are advised to change passwords.

Hacker stole personal correspondence of the head of the U.S. National Intelligence Council

An attacker gained unauthorized access to the politician’s account at msn.com.

Yahoo Japan suspects 22 million user IDs theft

Intrusion into Yahoo Japan systems occurred on May 16.

The exploit for 0day-vulnerability in Linux 2.6.37 – 3.8.8

A patch for the vulnerability was released only for kernel version 3.8.9.

Australian office of Google hacked

The hack was possible because of the vulnerability in the building's heating and cooling systems.

Exploit for zero-day vulnerability in IE published in Metasploit

There is also an exploit for brute-force attack in Internet Explorer 10.

Vulnerability discovered in Exim and Dovecot configuration

To exploit the vulnerability hackers need to send an email with a specifically crafted sender address to a mail server.

Vulnerabilities in D-Link IP Cameras allow to capture video streams

Experts found five vulnerabilities in at least 14 company’s products.

10 million Dutch people couldn’t pay bills because of DDoS-attack

The blockage of the National payment system left millions of Dutch of online ID.

Malware spreads via Twitter

Attacks can be performed when introducing Javascript code into the victim’s Twitter account page.

Critical vulnerabilities found in Linksys, Belkin, Netgear, Verizon and D-Link routers

Independent Security Evaluators researchers partially disclosed details of discovered flaws.

Krebs: FSB arrested Phoenix Exploit Kit author

The young man was accused of spreading malware and illegal possession of firearms.

Wordpress blogs suffer a large scale brute force attack

Scammers carry up to 77 thousand attempts daily to log into the Wordpress admin panels.

Microsoft found a flaw in security bulletin MS13-036

Company deactivated bulletin KB 2823324 because of the bug.

Critical vulnerability in ISC BIND

The flaw was found in versions of BIND for Unix/Linux-based systems.

Russians created virus to steal banking credentials of Americans

Malware infected POS-terminals and ATMs of the largest U.S. banks.

A zero-day vulnerability in roundcube

An attacker can overwrite any configuration variable and disclose contents of arbitrary files.

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

Multiple Vulnerabilities in Linux kernel

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.