2013-10-18 - [slackware-security] hplip (SSA:2013-291-01)

2013-10-18 - [slackware-security] libtiff (SSA:2013-290-01)

2013-10-14 - [slackware-security] xorg-server (SSA:2013-287-05)

2013-10-14 - [slackware-security] libgpg-error (SSA:2013-287-04)

2013-10-14 - [slackware-security] gnutls (SSA:2013-287-03)

Downloader.Busadom!g1

Infostealer.Posteal

Downloader.Busadom

Trojan.Ladocosm

SONAR.SuspDocRun

SONAR.SuspHelpRun

W32.Tempedreve.D!inf

SONAR.PUA!AlnadInsta

SONAR.Infostealer!g5

SONAR.Infostealer!g4

PayPal: The era of online passwords comes to an end

The company wants to use embedded fingerprint scanners on mobile phones to authenticate users.

US start unprecedented counter-attack on Chinese hackers

Such measures will be held as a response to attacks of Chinese hackers who are accused of stealing American industrial secrets.

Fake Chrome extension compromises Facebook profiles

Hackers use malware which allows them to gain full control over Facebook profiles.

KrebsOnSecurity: Bit9 Breach Started in July 2012

The custom-made malicious software was deployed last year in attacks against U.S. Defense contractors.

Hacker attacked the computers of Apple’s employees

The company said in a statement that sensitive information was not compromised.

More Than 6 000 Users Signed Microsoft’s “Scroogled” Petition

Analysts call Microsoft’s campaign a failure, if taking into account that only 0.002 percent of Google’s users signed the petition.

Rodpicom worm aims at infecting Skype and MSN Messenger users

The worm installs a backdoor on the user's system to download additional malware, sends spam, and connects to the C&C server to download its new versions.

YouTube will be blocked in Egypt for “Innocence of Muslims”

Google was not notified about the recent court ruling and didn't receive any orders.

Researchers warn about Whitehole Exploit Kit

New toolkit is notable for an ability to hide itself from antimalware detections.

MITRE: Three Possible Ways of New CVE Identification

New ways of identifying will give a possibility to register about 999 999 vulnerabilities per year.

Fortinet on “Crime-as-a-Service”

According to the company’s report, criminals are trying to create a definite structure in order to organize cybercrimes.

FBI busted cybercriminal ring responsible for $850 losses

Criminals infected the computers of Facebook users with the malware ‘Yahos’.

Iranian authorities have opened access to Gmail

Gmail is now available as users can no longer switch from Gmail to YouTube.

Operation b70: Microsoft has the right to take over domains

US District Court ruling allows Microsoft to take over domains related to the Nitol virus.

Insiders assisted the hackers to breach Saudi Aramco

The attack was carried out with the help of Shamoon - virus, which was distributed to the company’s intranet and deleted all the data from computers’ hard drives.

The Big Brother gathers IPs of BitTorrent users

The lists of BitTorrent users are usually updated once in three hours.

Antisec leak data on 12 million Apple clients

Hackers posted a file with 1 million Unique Device Identifiers.

Hackers repeatedly broke into Saudi Aramco

The second attack allowed the hackers to steal company’s confidential information.

Saudi Arabia's National Oil Company attacked with virus originated from external sources

In the official statement the company noted that roughly 30,000 workstations were affected via cyberattack.

Google: USA needs to ditch software patents

According to Google, software patents are not helpful to innovation.

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

Multiple Vulnerabilities in Linux kernel

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.