2013-10-18 - [slackware-security] hplip (SSA:2013-291-01)

2013-10-18 - [slackware-security] libtiff (SSA:2013-290-01)

2013-10-14 - [slackware-security] xorg-server (SSA:2013-287-05)

2013-10-14 - [slackware-security] libgpg-error (SSA:2013-287-04)

2013-10-14 - [slackware-security] gnutls (SSA:2013-287-03)

Downloader.Busadom!g1

Infostealer.Posteal

Downloader.Busadom

Trojan.Ladocosm

SONAR.SuspDocRun

SONAR.SuspHelpRun

W32.Tempedreve.D!inf

SONAR.PUA!AlnadInsta

SONAR.Infostealer!g5

SONAR.Infostealer!g4

EA Origin contains dangerous vulnerability

Gaming platform contains vulnerability which allows remote code execution.

Trend Micro: Andromeda Botnet Returns

Traces of the botnet were found in spam-letters.

US-CERT: Backdoor Existing In HP LaserJet Printers

Vulnerability grants the user of the local network with possibility to hijack important data.

Oracle Launches an Emergency Fix for 0-day Java Vulnerabilities

Due to the frequent hackers’ attacks, the company for the second time violated the update release schedule.

0-day Vulnerabilities in Adobe Reader and Acrobat

Company management says that the fix is yet to come.

Zero day vulnerability in Microsoft IE exploited in the wild

New zero day vulnerability in Microsoft Internet Explorer spotted.

Criminals actively exploit Java zero-day

Criminals actively use Java zero day vulnerability in targeted attacks.

Large DNS hoster hit by DDoS attack

Zerigo restored its services with the help of Dallas and London ISPs.

A Windows zero-day might be exploited to conduct industrial espionage

Website of a European aeronautical supplier compromised users’ systems with CVE-2012-1889 vulnerability.

Flame uses Windows Update to propagate

Some modules of Flame spoof Windows Update queries and distribute the malware dropper.

PHP CGI vulnerability is being massively exploited

Hackers exploit the vulnerability to create a backdoor and prevent its further use.

Adobe patches a 0-day vulnerability

Vendor informs that vulnerability is being exploited in the course of an e-mail spam campaign.

A zero-day vulnerability in Adobe Reader is used in attacks against U.S. military contractors

Adobe warns that hackers are exploiting a vulnerability in the latest versions of Adobe Reader and Acrobat to get access to computers running Microsoft Windows.

Zero-day vulnerability in ISC BIND 9

Representatives of numerous organizations all over the Internet reported about crashes of BIND 9 DNS-servers performing recursive queries, which led to the denial of service.

Vulnerability in OpenID Implementation Allows Unauthorized Data Manipulation

Last Thursday the OpenID foundation announced a weakness in Attribute Exchange extension.

IncognitoRAT – A Cross-platform Malware in Java

McAffee spotted a new Java-based botnet. This particular malware can execute on Windows and Mac using Java inside Java Virtual Machine.

Skype Vulnerable to Remote Code Execution on Mac OS X Machines

Skype has silently issued an updated version of their client on April 14, which fixed a remote code execution vulnerability.

New Malware Laden's Death.doc Sent via E-mail

An e-mail containing a malicious Laden's Death.doc file attachment was personally sent to many recipients.

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

Multiple Vulnerabilities in Linux kernel

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.