The freshest blend of the latest infosec news headlines. Updated every 4 hours.


IT Security News

CNET is Dead

Y-Combinator

Regular Security News

WIRED

Social Media

Reddit

Urbanadventurer’s Bookmarks

Tools

Security Tool Files ≈ Packet Storm

  • Tor-ramdisk i686 UClibc-based Linux Distribution x86 20150531 Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced. […]
  • Maligno 2.2 Maligno is an open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
  • Smart PCAP Replay 1.0 This is a tool to replay packet captures and simulate client/server models when doing analysis. Written in Python.
  • Packet Fence 5.1.0 PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration. […]
  • OATH Toolkit 2.6.0 OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
  • INURLBR Search Scanner 2.1.0 INURL is a php tool written to make searching across multiple engines easier when researching web site targets.
  • UFONet 0.5b UFONet is a tool designed to launch DDoS attacks against a target, using open redirection vectors on third party web applications.
  • AIEngine 1.2 AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
  • TOR Virtual Network Tunneling Tool 0.2.6.8 Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizatio. […]
  • HostBox SSH 0.3 HostBox SSH is a Python script that scans servers and routers for insecure SSH configurations.
  • FTP-Map 0.5 Ftpmap scans remote FTP servers to identify what software and what versions they are running. It uses program-specific fingerprints to discover the name of the software even when banners have been changed or removed, or when some features have been disabled. Also, FTP-Map can detect vulnerable server. […]
  • Wireshark Analyzer 1.12.5 Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
  • Netsniff-NG High Performance Sniffer 0.5.9 netsniff-ng is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by ‘zero-copy’ mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless suppor. […]
  • Capstone 3.0.3 Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.
  • DAVOSET 1.2.4 DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
  • Faraday 1.0.10 Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the. […]

CNET Download.com Security Software New Releases

  • Remove PowerPoint Password to Modify 06/01/15 – Modify locked Microsoft PowerPoint 2007/2010/2013 presentations.
  • Shiela USB Shield 06/01/15 – Protect PC against viruses from infected removable drives.
  • VPN Gate Client Plug-in with SoftEther VPN Client 06/01/15 – Access the Internet via VPN Gate Public VPN Relay Servers by volunteers.
  • Spotflux 06/01/15 – Stay anonymous, change your IP address, and protect your computer from malware and trackers.
  • Stopzilla AntiVirus 06/01/15 – Provide the ultimate advanced protection against viruses, spyware and other malware.
  • K7 Total Security 06/01/15 – Protect home user systems against data theft and system invasion by complex malware.
  • AdwCleaner 06/01/15 – Search and remove unwanted adware and toolbars from your computer.
  • Junkware Removal Tool 06/01/15 – Remove unwanted toolbars and adware on PC.
  • Combofix 06/01/15 – Scan for spyware and remove it from your computer.
  • IObit Malware Fighter 06/01/15 – Scan and remove the deepest malware that your antivirus/antispyware missed.

Exploits

Exploit Files ≈ Packet Storm

1337day.com

Vulnerabilities

Security Videos & Podcasts

Other Stuff

wikileaks on Twitter

Files ≈ Packet Storm

  • Packet Storm New Exploits For May, 2015 This archive contains 169 exploits that were added to Packet Storm in May, 2015.
  • Tor-ramdisk i686 UClibc-based Linux Distribution x86 20150531 Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced. […]
  • Maligno 2.2 Maligno is an open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
  • D-Link Devices HNAP SOAPAction-Header Command Execution Different D-Link Routers are vulnerable to OS command injection in the HNAP SOAP interface. Since it is a blind OS command injection vulnerability, there is no output for the executed command. This Metasploit module has been tested on a DIR-645 device. The following devices are also reported as affe. […]
  • Red Hat Security Advisory 2015-1041-01 Red Hat Security Advisory 2015-1041-01 – Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use. […]
  • Ubuntu Security Notice USN-2624-1 Ubuntu Security Notice 2624-1 – As a security improvement, this update removes the export cipher suites from the default cipher list to prevent their use in possible downgrade attacks.
  • Ubuntu Security Notice USN-2623-1 Ubuntu Security Notice 2623-1 – It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain UDP packets. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service.
  • Debian Security Advisory 3276-1 Debian Linux Security Advisory 3276-1 – Jakub Zalas discovered that Symfony, a framework to create websites and web applications, was vulnerable to restriction bypass. It was affecting applications with ESI or SSI support enabled, that use the FragmentListener. A malicious user could call any contro. […]
  • Debian Security Advisory 3269-2 Debian Linux Security Advisory 3269-2 – The update for postgresql-9.1 in DSA-3269-1 introduced a regression which can cause PostgreSQL to refuse to restart after an unexpected shutdown or when restoring from a binary backup. Updated packages are now available to address this regression.
  • Debian Security Advisory 3275-1 Debian Linux Security Advisory 3275-1 – Ansgar Burchardt discovered that the Git plugin for FusionForge, a web-based project-management and collaboration software, does not sufficiently validate user provided input as parameter to the method to create secondary Git repositories. A remote attacker ca. […]
  • Gentoo Linux Security Advisory 201505-03 Gentoo Linux Security Advisory 201505-3 – Multiple vulnerabilities have been found in phpMyAdmin, the worst of which could lead to arbitrary code execution. Versions less than 4.2.13 are affected.
  • Gentoo Linux Security Advisory 201505-02 Gentoo Linux Security Advisory 201505-2 – Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.460 are affected.
  • SafeConfig 2015 Call For Papers SafeConfig 2015 has announced its Call For Papers. It will take place October 12, 2015 at the Denver Marriott City Center, Denver, Colorado, USA.
  • WordPress UserPro 2.33 Cross Site Scripting WordPress UserPro plugin version 2.33 suffers from a cross site scripting vulnerability.
  • IBM Security AppScan 9.0.2 Remote Code Execution IBM Security AppScan versions 9.0.2 and below suffer from an OLE automation array remote code execution vulnerability.
  • Yooz.ir Open Redirect Yooz.ir suffers from an open redirection vulnerability.

Security Blogs
