2013-10-18 - [slackware-security] hplip (SSA:2013-291-01)

2013-10-18 - [slackware-security] libtiff (SSA:2013-290-01)

2013-10-14 - [slackware-security] xorg-server (SSA:2013-287-05)

2013-10-14 - [slackware-security] libgpg-error (SSA:2013-287-04)

2013-10-14 - [slackware-security] gnutls (SSA:2013-287-03)

Downloader.Busadom!g1

Infostealer.Posteal

Downloader.Busadom

Trojan.Ladocosm

SONAR.SuspDocRun

SONAR.SuspHelpRun

W32.Tempedreve.D!inf

SONAR.PUA!AlnadInsta

SONAR.Infostealer!g5

SONAR.Infostealer!g4

Saudi Arabia wants Skype, Viber and WhatsApp to comply with government rules

Authorities state that the apps will be banned if they fail to follow their recommendations.

New Trojan targets computers in the Middle East

BaneChant contains fileless malicious code and uses short URL or dynamic DNS-servers for users’ redirection.

Hundreds of Android apps for Google Play infected with malware

More than two hundred apps containing ‘XXX’ content are infected with malware that uses “one-click fraud” technology.

Anonymous stole 15 thousand passwords from North Korean site

Hackers oppose to North Korea government’s dictatorship.

Vulnerabilities in Apple iMessage allow performing DoS-attacks and blocking the device

The attacks appear to have originated with a Twitter account involved in selling UDIDs.

Backdoor uses Evernote as C&C server

Malware also uses the service as a drop-off point for hijacked data.

One of Anonymous arrested for attack on Koch Industries

Hacker is convicted of helping Anonymous to take down the Koch Industries’ website.

Experts: Any mobile phone user can be easily identified

Researchers need only four locations and times to identify a particular user.

Matthew Garrett: Samsung notebooks’ UEFI-firmware gets locked when memory is full

According to the security expert, in order to function normally, the variable store must be less than 50% full.

Windows Blue Build Leaked

The developers managed to grant users with higher level of personalization control.

Five critical vulnerabilities found in Android-smartphones

Samsung was notified about the problems in January 2013 but didn’t respond to the researcher’s messages.

NATO: Killing hackers is justified

Commissioners made a couple of suggestions on how to make cyberwars more peaceful.

Chameleon botnet steals $ 6.2 million from advertisers per month

The botnet has about 120,000 hosts, located in the United States.

Trend Micro: SCADA-systems are the main target of hackers

Experts analyzed attacks on ICS / SCADA-device by setting up honeypot.

Google will pay $ 7 million for illegal interception of data transmitted over Wi-Fi

The company is accused of American citizens’ privacy breach while using the Street View program.

Attacks on Microsoft and Facebook carried out using mobile app development sites

Nearly 40 companies were the victims of such attacks over the last few months, including car manufacturers, U.S. government agencies and a candy company.

“Reporters Without Borders” named main enemies of the Internet

International organization published a new report containing a list of countries that are the main threat to the freedom of the Web.

Chinese authorities use Skype to spy on users

Database of tracked keywords of the Chinese Skype version contains thousands of items and is continually enlarging.

61-year-old hacker convicted in corporate hacking case

The former president of transportation logistics firm Exel hacked into the servers of his former employer.

SCADA-sandbox allows testing the impact of cyberattacks on critical infrastructure

The new organization, which operates in Montreal, is capable of finding methods to block cyberthreats in real time.

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

Multiple Vulnerabilities in Linux kernel

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.