The freshest blend of the latest infosec news headlines. Updated every 4 hours.

IT Security News
Regular Security News
Social Media
Tools
Exploits
Vulnerabilities
Security Videos & Podcasts
Other Stuff
Security Blogs Bookmark + Share

Colour scheme


IT Security News

Y-Combinator

Regular Security News

Social Media

Reddit

Urbanadventurer’s Bookmarks

Tools

Security Tool Files ≈ Packet Storm

  • TOR Virtual Network Tunneling Tool 0.2.5.10 Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizatio. […]
  • Tor-ramdisk i686 UClibc-based Linux Distribution x86_64 20141022 Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced. […]
  • Tor-ramdisk i686 UClibc-based Linux Distribution x86 20141022 Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced. […]
  • OpenSSL 6.7p1 bl0wsshd00r67p1 Backdoor bl0wsshd00r backdoors OpenSSH 6.7p1 with a magic password for any user, sniffs and records traffic, and mitigates logging to lastlog/wtmp/utmp.
  • Packet Fence 4.5.0 PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration. […]
  • TOR Virtual Network Tunneling Tool 0.2.4.25 Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizatio. […]
  • AIEngine 0.10 AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
  • WordPress Brute Forcer This is a python script that performs brute forcing against WordPress installs using a wordlist.
  • OpenSSL Toolkit 1.0.1j OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
  • Lynis Auditing Tool 1.6.3 Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated audit. […]
  • Mobius Forensic Toolkit 0.5.21 Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
  • OpenSSH 6.7p1 This is a Linux/portable port of OpenBSD’s excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen’s SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
  • Mandos Encrypted File System Unattended Reboot Utility 1.6.9 The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encry. […]
  • oclHashcat For NVidia 1.31 oclHashcat is an advanced GPU hash cracking utility that includes the World’s fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.
  • oclHashcat For AMD 1.31 oclHashcat is an advanced GPU hash cracking utility that includes the World’s fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. AMD version.
  • Chatroom Client / Server With AES Encryption Support This is a chat system composed of a TCP/IP server daemon in C and its corresponding java client. You can chat with other peers in clear text or AES password based encryption on your own computer network. The AES password encryption and decryption functions is based on 128 bit key which is padded usi. […]

CNET Download.com Security Software New Releases

  • Avira Antivirus Pro 10/24/14 – Protect your computer against viruses, malware, adware, spyware, and phishing.
  • My Lockbox 10/24/14 – Protect your files and folders with My Lockbox application.
  • GlassWire 10/24/14 – Catch threats your antivirus missed.
  • My IP Hide 10/24/14 – Unblock all websites and hide your IP.
  • Cryptic Disk Free 10/24/14 – Encrypt physical and virtual disks on HDDs, USB drives, memory cards.
  • Combofix 10/24/14 – Scan for spyware and remove it from your computer.
  • AVG LinkScanner Free Edition 2015 10/23/14 – Get protected against poisoned Web pages.
  • AVG AntiVirus Free 2015 10/23/14 – Protect your computer from viruses and malicious programs.
  • AVG Internet Security 2015 10/23/14 – Protect your PC from all kinds of Internet threats.
  • AVG AntiVirus 2015 10/23/14 – Download and exchange files safely, enjoy games and Web surfing without interruptions.

Exploits

Exploit-DB updates

Exploit Files ≈ Packet Storm

Vulnerabilities

Security Videos & Podcasts

Other Stuff

wikileaks on Twitter

Files ≈ Packet Storm

  • TOR Virtual Network Tunneling Tool 0.2.5.10 Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizatio. […]
  • EMC Avamar Sensitive Information Disclosure EMC Avamar server contains a vulnerability that may allow remote Avamar client user to retrieve sensitive account credentials from affected Avamar server using Java API calls. No authentication to Avamar server is required for this potential attack. Exposed information includes MCUser and GSAN accou. […]
  • EMC Avamar Weak Password Storage EMC ADS/AVE Password hardening package uses the DES-based traditional Unix crypt scheme that may be susceptible to brute force and dictionary attacks if the hashes are obtained by an adversary. The hardening package is an optional package and installed separately. Affected includes EMC Avamar Data S. […]
  • EMC NetWorker Module For MEDITECH (NMMEDI) Information Disclosure A vulnerability exists in the EMC NetWorker Module for MEDITECH when used with EMC RecoverPoint that could potentially allow exposure of sensitive information. EMC NetWorker Module for MEDITECH (NMMEDI) version 3.0 builds 87-90 are affected.
  • Apple Security Advisory 2014-10-22-1 Apple Security Advisory 2014-10-22-1 – QuickTime 7.7.6 is now available and addresses memory corruption and buffer overflow vulnerabilities.
  • Mandriva Linux Security Advisory 2014-203 Mandriva Linux Security Advisory 2014-203 – OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade. Some client applications will reconnect using a downgraded protocol to work around interoperability bugs in older. […]
  • Mandriva Linux Security Advisory 2014-204 Mandriva Linux Security Advisory 2014-204 – A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excess. […]
  • Mandriva Linux Security Advisory 2014-202 Mandriva Linux Security Advisory 2014-202 – A heap corruption issue was reported in PHP’s exif_thumbnail() function. A specially-crafted JPEG image could cause the PHP interpreter to crash or, potentially, execute arbitrary code. The updated php packages have been upgraded to the 5.5.18 version reso. […]
  • Mandriva Linux Security Advisory 2014-209 Mandriva Linux Security Advisory 2014-209 – Multiple vulnerabilities has been discovered and corrected in java-1.7.0-openjdk. The updated packages provides a solution for these security issues.
  • Mandriva Linux Security Advisory 2014-208 Mandriva Linux Security Advisory 2014-208 – In phpMyAdmin before 4.2.10.1, with a crafted database or table name it is possible to trigger an XSS in SQL debug output when enabled and in server monitor page when viewing and analysing executed queries.
  • Mandriva Linux Security Advisory 2014-207 Mandriva Linux Security Advisory 2014-207 – A flaw was discovered in ejabberd that allows clients to connect with an unencrypted connection even if starttls_required is set.
  • Mandriva Linux Security Advisory 2014-206 Mandriva Linux Security Advisory 2014-206 – A denial of service issue was discovered in ctags 5.8. A remote attacker could cause excessive CPU usage and disk space consumption via a crafted JavaScript file by triggering an infinite loop.
  • Mandriva Linux Security Advisory 2014-205 Mandriva Linux Security Advisory 2014-205 – A heap-based overflow vulnerability was found in the way Lua handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution.
  • Slackware Security Advisory – glibc Updates Slackware Security Advisory – New glibc packages are available for Slackware 14.1 and -current to fix security issues.
  • Slackware Security Advisory – pidgin Updates Slackware Security Advisory – New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
  • Debian Security Advisory 3055-1 Debian Linux Security Advisory 3055-1 – Multiple vulnerabilities have been discovered in Pidgin, a multi-protocol instant messaging client.

Security Blogs

IT Security News
Regular Security News
Social Media
Tools
Exploits
Vulnerabilities
Security Videos & Podcasts
Other Stuff
Security Blogs
Colour scheme