The freshest blend of the latest infosec news headlines. Updated every 4 hours.

IT Security News
Regular Security News
Social Media
Tools
Exploits
Vulnerabilities
Security Videos & Podcasts
Other Stuff
Security Blogs


IT Security News

Y-Combinator

Regular Security News

Social Media

Reddit

Delicious/tag/security

Urbanadventurer’s Bookmarks

Tools

Security Tool Files ≈ Packet Storm

  • SILC (Secure Internet Live Conferencing) Client 1.1.11 SILC (Secure Internet Live Conferencing) is a protocol which provides secure conferencing services in the Internet. It can be used to send any kind of messages, in addition to normal text messages. This includes multimedia messages like images, video, and audio stream. All messages in the SILC netwo. […]
  • Otori 0.3 This is a Metasploit-style module system specifically for XXE exploit code. This allows a common interface, including the ability to automate downloads of numerous files, or automatically walk the directory structure if the vulnerable system is based on Java.
  • pyClamd 0.3.10 pyClamd is a Python interface to Clamd (ClamAV daemon). By using pyClamd, you can add virus detection capabilities to your Python software in an efficient and easy way. Unlike pyClamav, which uses libclamav, pyClamd may be used by a closed source product.
  • Packet Fence 4.3.0 PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration. […]
  • Lynis Auditing Tool 1.5.7 Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated audit. […]
  • GNU Privacy Guard 1.4.18 GnuPG (the GNU Privacy Guard or GPG) is GNU’s tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such. […]
  • AIEngine 0.8 AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
  • XSSYA Cross Site Scripting Scanner XSSYA is a python tool that attempts malicious payloads for bypassing web application firewalls.
  • SMTPTX 1.0 Beta SMTPTX is a very simple and basic tool used for sending simple email and to do some basic email testing from a pentester perspective. It is able to send messages without depending on knowing a specific MTA/SMTP server beforehand. It handles the MX record resolution itself and connects to the relevan. […]
  • IDGuard 0.60 IDGuard is a platform for preventing network-layer fingerprinting on the network.
  • r2dr2 UDP DrDoS Amplification Tool r2dr2 is a UDP amplification attack tool for committing DRDoS denial of service attacks.
  • Maligno 1.1 Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
  • privacyIDEA 1.0 privacyIDEA is a multi-factor authentication solution. It can manage any type of authentication device. All common OTP (one time password) devices are supported, including Google Authenticator, eToken Pass, OTP cards, and Yubikey. New devices can be added easily. Users can be retrieved from flat fil. […]
  • Clam AntiVirus Toolkit 0.98.4 Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are. […]
  • Otori 0.2 This is a Metasploit-style module system specifically for XXE exploit code. This allows a common interface, including the ability to automate downloads of numerous files, or automatically walk the directory structure if the vulnerable system is based on Java.
  • Lynis Auditing Tool 1.5.6 Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated audit. […]

CNET Download.com Security Software New Releases

  • Ascendo DataVault 07/24/14 – Store confidential information using AES encryption.
  • East-tec Eraser 2014 07/24/14 – Keep what you do on your computer to yourself and protect your privacy and files.
  • SaferVPN 07/24/14 – Unblock blocked sites, hide your IP to become anonymous online, and protect yourself from hackers.
  • Combofix 07/24/14 – Scan for spyware and remove it from your computer.
  • zebNet Secure Text 07/24/14 – Encrypt any text using a password of your choice.
  • zebNet Checksum Calculator 07/24/14 – Generate hashes/checksums of a file.
  • Best Free Keylogger 07/23/14 – Monitor user activity on your PC.
  • Real Hide IP 07/23/14 – Hide your IP to protect your privacy on the Internet.
  • Trojan Killer 07/23/14 – REMOVE MALWARE WITH ONE CLICK!
  • File Cleaner 07/23/14 – Erase any Internet history and shred files permanently.

Exploits

Exploit-DB updates

Exploit Files ≈ Packet Storm

Vulnerabilities

Security Videos & Podcasts

Other Stuff

wikileaks on Twitter

Files ≈ Packet Storm

  • E2 2844 SQL Injection E2 version 2844 suffers from a remote SQL injection vulnerability.
  • LPAR2RRD 3.5 / 4.53 Command Injection Insufficient input sanitization on the parameters passed to the application web gui leads to arbitrary command injection on the LPAR2RRD application server. Versions 4.53 and below and 3.5 and below are affected.
  • HP Security Bulletin HPSBMU03073 HP Security Bulletin HPSBMU03073 – A potential security vulnerability has been identified with HP Network Vitalization. The vulnerability could be exploited remotely to allow execution of code and disclosure of information. Revision 1 of this advisory.
  • Debian Security Advisory 2984-1 Debian Linux Security Advisory 2984-1 – CESG discovered a root escalation flaw in the acpi-support package. An unprivileged user can inject the DBUS_SESSION_BUS_ADDRESS environment variable to run arbitrary commands as root user via the policy-funcs script.
  • Red Hat Security Advisory 2014-0921-01 Red Hat Security Advisory 2014-0921-01 – The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served. […]
  • Red Hat Security Advisory 2014-0920-01 Red Hat Security Advisory 2014-0920-01 – The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served. […]
  • Red Hat Security Advisory 2014-0922-01 Red Hat Security Advisory 2014-0922-01 – The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served. […]
  • Ubuntu Security Notice USN-2299-1 Ubuntu Security Notice 2299-1 – Marek Kroemeke discovered that the mod_proxy module incorrectly handled certain requests. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS. Giancarlo Pellegrino and. […]
  • Ubuntu Security Notice USN-2298-1 Ubuntu Security Notice 2298-1 – A type confusion bug was discovered in V8. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed rend. […]
  • Red Hat Security Advisory 2014-0926-01 Red Hat Security Advisory 2014-0926-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel’s implementation of Reliable Datagram Sockets. A local, unprivileged user. […]
  • Red Hat Security Advisory 2014-0925-01 Red Hat Security Advisory 2014-0925-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel’s ptrace subsystem allowed a traced process’ instruction pointer to be set to a non-canonical memory address without forcing the non-sysre. […]
  • Red Hat Security Advisory 2014-0927-01 Red Hat Security Advisory 2014-0927-01 – KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Two integer overflow flaws were found in the QEMU block driver for QCOW version 1 dis. […]
  • Red Hat Security Advisory 2014-0923-01 Red Hat Security Advisory 2014-0923-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel’s ptrace subsystem allowed a traced process’ instruction pointer to be set to a non-canonical memory address without forcing the non-sysre. […]
  • Red Hat Security Advisory 2014-0924-01 Red Hat Security Advisory 2014-0924-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel’s ptrace subsystem allowed a traced process’ instruction pointer to be set to a non-canonical memory address without forcing the non-sysre. […]
  • Debian Security Advisory 2985-1 Debian Linux Security Advisory 2985-1 – Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.38.
  • Red Hat Security Advisory 2014-0919-01 Red Hat Security Advisory 2014-0919-01 – Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, po. […]

Security Blogs
