The freshest blend of the latest infosec news headlines. Updated every 4 hours.

IT Security News
Regular Security News
Social Media
Tools
Exploits
Vulnerabilities
Security Videos & Podcasts
Other Stuff
Security Blogs Bookmark + Share

Colour scheme


IT Security News

Y-Combinator

Regular Security News

Social Media

Reddit

Urbanadventurer’s Bookmarks

Tools

Security Tool Files ≈ Packet Storm

  • DAVOSET 1.2.1 DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
  • FireHOL 2.0.0 FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provi. […]
  • TOR Virtual Network Tunneling Tool 0.2.5.10 Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizatio. […]
  • Tor-ramdisk i686 UClibc-based Linux Distribution x86_64 20141022 Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced. […]
  • Tor-ramdisk i686 UClibc-based Linux Distribution x86 20141022 Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced. […]
  • OpenSSL 6.7p1 bl0wsshd00r67p1 Backdoor bl0wsshd00r backdoors OpenSSH 6.7p1 with a magic password for any user, sniffs and records traffic, and mitigates logging to lastlog/wtmp/utmp.
  • Packet Fence 4.5.0 PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration. […]
  • TOR Virtual Network Tunneling Tool 0.2.4.25 Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizatio. […]
  • AIEngine 0.10 AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
  • WordPress Brute Forcer This is a python script that performs brute forcing against WordPress installs using a wordlist.
  • OpenSSL Toolkit 1.0.1j OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
  • Lynis Auditing Tool 1.6.3 Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated audit. […]
  • Mobius Forensic Toolkit 0.5.21 Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
  • OpenSSH 6.7p1 This is a Linux/portable port of OpenBSD’s excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen’s SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
  • Mandos Encrypted File System Unattended Reboot Utility 1.6.9 The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encry. […]
  • oclHashcat For NVidia 1.31 oclHashcat is an advanced GPU hash cracking utility that includes the World’s fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.

CNET Download.com Security Software New Releases

Exploits

Exploit-DB updates

Exploit Files ≈ Packet Storm

Vulnerabilities

Security Videos & Podcasts

Other Stuff

wikileaks on Twitter

Files ≈ Packet Storm

  • Xerox Multifunction Printers (MFP) "Patch" DLM Escalation This Metasploit module exploits a vulnerability found in Xerox Multifunction Printers (MFP). By supplying a modified Dynamic Loadable Module (DLM), it is possible to execute arbitrary commands under root privileges.
  • Scalix Web Access 11.4.6.12377 / 12.2.0.14697 XXE Injection / XSS Scalix Web Access versions 11.4.6.12377 and 12.2.0.14697 suffer from cross site scripting and XXE injection vulnerabilities.
  • McAfee EEFF / FRP Predictable Salt The software encryption tool McAfee Endpoint Encryption for Removable Media (EERM) which is part of the data protection software McAfee Endpoint Encryption for Files and Folders (EEFF) uses a static and thus predictable salt for generating password hashes using the password-based key derivation func. […]
  • HP Security Bulletin HPSBUX03162 SSRT101767 HP Security Bulletin HPSBUX03162 SSRT101767 – Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access, or a man-in-the-middle (MitM) attack. This is the SSLv3. […]
  • HP Security Bulletin HPSBPI03147 HP Security Bulletin HPSBPI03147 – A potential security vulnerability has been identified with certain HP Color LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to data or to create a Denial of Service (DoS). Revision 1 of this advisory.
  • HumHub Modules Mail 0.5.8 Cross Site Scripting HumHub Modules Mail version 0.5.8 suffers from a cross site scripting vulnerability.
  • Ubuntu Security Notice USN-2396-1 Ubuntu Security Notice 2396-1 – Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash). […]
  • Debian Security Advisory 3060-1 Debian Linux Security Advisory 3060-1 – Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service.
  • F5 Big-IP 11.3.0.39.0 XML External Entity Injection #2 F5 Big-IP version 11.3.0.39.0 suffers from an XML external entity injection vulnerability.
  • F5 Big-IP 11.3.0.39.0 XML External Entity Injection #1 F5 Big-IP version 11.3.0.39.0 suffers from an XML external entity injection vulnerability.
  • HP Security Bulletin HPSBUX03159 SSRT101785 2 HP Security Bulletin HPSBUX03159 SSRT101785 2 – A potential security vulnerability has been identified in the HP-UX kernel. This vulnerability could allow local users to create a Denial of Service. Revision 2 of this advisory.
  • Red Hat Security Advisory 2014-1767-01 Red Hat Security Advisory 2014-1767-01 – PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or,. […]
  • Red Hat Security Advisory 2014-1768-01 Red Hat Security Advisory 2014-1768-01 – PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or,. […]
  • Red Hat Security Advisory 2014-1766-01 Red Hat Security Advisory 2014-1766-01 – PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or,. […]
  • Red Hat Security Advisory 2014-1765-01 Red Hat Security Advisory 2014-1765-01 – PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or,. […]
  • Red Hat Security Advisory 2014-1764-01 Red Hat Security Advisory 2014-1764-01 – The wget package provides the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. A flaw was found in the way Wget handled symbolic links. A malicious FTP server could allow Wget running in the mirror mode to write an arbitrary file to a locat. […]

Security Blogs

IT Security News
Regular Security News
Social Media
Tools
Exploits
Vulnerabilities
Security Videos & Podcasts
Other Stuff
Security Blogs
Colour scheme