The finest blend of the latest IT security news headlines, updated every 4 hours.

IT Security News
Regular Security News
Social Media
Tools
Exploits
Vulnerabilities
Security Videos & Podcasts
Other Stuff
Security Blogs
Microsoft Security Advisories
Mailing Lists
Bookmark + Share

Colour scheme


IT Security News

Y-Combinator

Regular Security News

Social Media

Reddit
I’m sure you can think of something with an rss feed

Tools

Security Tool Files ≈ Packet Storm

  • OpenStego Free Steganography Solution 0.6.1 OpenStego is a tool implemented in Java for generic steganography, with support for password-based encryption of the data. It supports plugins for various steganographic algorithms (currently, only Least Significant Bit algorithm is supported for images). Both source and jar releases are in this tar. […]
  • AIEngine 0.6 AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
  • Nmap Port Scanner 6.45 Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). N. […]
  • Fwknop Port Knocking Utility 2.6.1 fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect servic. […]
  • OpenDNSSEC 1.4.5 OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.
  • Tor-ramdisk i686 UClibc-based Linux Distribution x86 20140409 Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced. […]
  • Lynis Auditing Tool 1.5.0 Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated audit. […]
  • Zed Attack Proxy 2.3.0 Windows Installer The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. […]
  • Zed Attack Proxy 2.3.0 Linux Release The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. […]
  • Zed Attack Proxy 2.3.0 Mac OS X Release The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. […]
  • sn00p 0.8 sn00p is a modular tool written in bourne shell and designed to chain and automate security tools and tests. It parses target definitions from the command line and runs corresponding modules afterwards. sn00p can also parse a given nmap logfile for open tcp and udp ports. All results will be logged. […]
  • DNS Spider Multithreaded Bruteforcer 0.5 DNS Spider is a multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation.
  • GNUnet P2P Framework 0.10.1 GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP,. […]
  • CodeCrypt 1.6 codecrypt is a GnuPG-like program for encryption and signing that uses only quantum-computer-resistant algorithms.
  • Heartbleed Honeypot Script This Perl script listens on TCP port 443 and responds with completely bogus SSL heartbeat responses, unless it detects the start of a byte pattern similar to that used in Jared Stafford’s (jspenguin@jspenguin.org) demo for CVE-2014-0160 ‘Heartbleed’. Run as root for the privileged port. Outputs IPs. […]
  • OpenSSL Toolkit 1.0.1g OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

CNET Download.com Security Software New Releases

empty What security software source do you want to see here?

Exploits

Exploit Files ≈ Packet Storm

Exploit-DB updates

Securityvulns exploits channel

Vulnerabilities

Security Videos & Podcasts

Other Stuff

Announcement

Announcements go here.

Files ≈ Packet Storm

  • Bleed Out Heartbleed Command Line Tool 1.0.1.46 Bleed Out is a command line tool written in C# for targeting instances of OpenSSL made vulnerable by the prolific “Heartbleed” bug. The tool aggressively exploits the OpenSSL vulnerability, dumping both ASCII and binary data to files. It also checks the uniqueness of each chunk before persisting it,. […]
  • Apple Security Advisory 2014-04-22-3 Apple Security Advisory 2014-04-22-3 – Apple TV 6.1.1 is now available and addresses vulnerabilities related to credential compromise, ASLR bypass, code execution, and more.
  • Apple Security Advisory 2014-04-22-2 Apple Security Advisory 2014-04-22-2 – iOS 7.1.1 is now available and addresses vulnerabilities in IOKit Kernel, CFNetwork HTTPProtocol, Secure Transport, and WebKit.
  • Apple Security Advisory 2014-04-22-1 Apple Security Advisory 2014-04-22-1 – Security Update 2014-002 is now available and addresses vulnerabilities in CFNetwork HTTPProtocol, CoreServicesUIAgent, FontParser, Heimdal Kerberos, ImageIO, Intel Graphics Driver, IOKit Kernel, the kernel, power management, Ruby, and more.
  • iDevAffiliate 5.x SQL Injection iDevAffiliate versions 5.x and below suffer from a remote SQL injection vulnerability.
  • Symantec Messaging Gateway 10.5.1 Cross Site Scripting Symantec Messaging Gateway version 10.5.1 suffers from a reflective cross site scripting vulnerability.
  • HP Security Bulletin HPSBMU03018 HP Security Bulletin HPSBMU03018 – A potential security vulnerability has been identified with HP Software Asset manager running OpenSSL. The Heartbleed vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bu. […]
  • HP Security Bulletin HPSBMU03017 HP Security Bulletin HPSBMU03017 – A potential security vulnerability has been identified with HP Software Connect-IT running OpenSSL. The Heartbleed vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulle. […]
  • HP Security Bulletin HPSBMU03019 HP Security Bulletin HPSBMU03019 – A potential security vulnerability has been identified with HP Software UCMDB Browser and Configuration Manager running OpenSSL. The Heartbleed vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some of HP. […]
  • Ubuntu Security Notice USN-2169-1 Ubuntu Security Notice 2169-1 – Benjamin Bach discovered that Django incorrectly handled dotted Python paths when using the reverse() function. An attacker could use this issue to cause Django to import arbitrary modules from the Python path, resulting in possible code execution. Paul McMillan disco. […]
  • Slackware Security Advisory – php Updates Slackware Security Advisory – New php packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.
  • Slackware Security Advisory – libyaml Updates Slackware Security Advisory – New libyaml packages are available for Slackware 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.
  • Red Hat Security Advisory 2014-0421-01 Red Hat Security Advisory 2014-0421-01 – KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Multiple in. […]
  • Red Hat Security Advisory 2014-0420-01 Red Hat Security Advisory 2014-0420-01 – KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple integer overflow, input validation, logic error, and buffer overflow flaws w. […]
  • Red Hat Security Advisory 2014-0419-01 Red Hat Security Advisory 2014-0419-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel processed an authenticated COOKIE_ECHO chunk during the initialization of an SCTP connection. A remote attacker could use this f. […]
  • Debian Security Advisory 2911-1 Debian Linux Security Advisory 2911-1 – Multiple security issues have been found in Icedove, Debian’s version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary cod. […]

Security Blogs

cURL error 60: SSL certificate problem, verify that the CA cert is OK. Details:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

A feed could not be found at http://feeds.feedburner.com/dvlabsblog

A feed could not be found at http://feeds.voices.washingtonpost.com/wp/securityfix/index

Microsoft Security Advisories

MSRC

  • April 2014 Security Bulletin Webcast and Q&A Today we published the April 2013 Security Bulletin Webcast Questions & Answers page. We answered 13 questions in total, with the majority focusing on the update for Internet Explorer (MS14-018) and the Windows 8.1 Update (KB2919355). Two questions that were not answered on air have been included on. […]
  • The April 2014 Security Updates T. S. Elliot once said, “What we call the beginning is often the end. And to make an end is to make a beginning. The end is where we start from.” So as we put one season to bed, let’s start another by looking at the April security updates. Today, we release four bulletins to address 11 CVEs in. […]
  • Advance Notification Service for the April 2014 Security Bulletin Release Today we provide advance notification for the release of four bulletins, two rated Critical and two rated Important in severity. These updates address issues in Microsoft Windows, Office and Internet Explorer. The update provided through MS14-017 fully addresses the Microsoft Word issue first descri. […]
  • The Next Leap Forward in Cyber Defense: Taking Action to Help Defeat Adversaries It is often said that attackers have an advantage, because the defenders have to protect every part of their systems all the time, while the attacker only has to find one way in. This argument oversimplifies the security landscape and the real strength that defenders can achieve if they work togethe. […]
  • Microsoft Releases Security Advisory 2953095 Today we released Security Advisory 2953095 to notify customers of a vulnerability in Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. An attacker could cause remote code execution if someone was convinced to open a specially crafted Rich Text. […]
  • March 2014 Security Bulletin Webcast and Q&A Today we published the March 2014 Security Bulletin Webcast Questions & Answers page. We answered eight questions in total, with the majority focusing on the updates for Windows (MS14-016) and Internet Explorer (MS14-012). One question that was not answered on air has been included on the Q&A page.. […]
  • The March 2014 Security Updates This month we release five bulletins to address 23 unique CVEs in Microsoft Windows, Internet Explorer and Silverlight. If you need to prioritize, the update for Internet Explorer addresses the issue first described in Security Advisory 2934088, so it should be at the top of your list. While that up. […]
  • Advance Notification Service for the March 2014 Security Bulletin Release Today we provide advance notification for the release of five bulletins for March 2014, two rated Critical and thee rated Important in severity. These updates address issues in Microsoft Windows, Internet Explorer and Silverlight. The update provided in MS14-012 fully addresses the issue first descr. […]
  • Announcing the Enhanced Mitigation Experience Toolkit (EMET) 5.0 Technical Preview I’m here at the Moscone Center, San Francisco, California, attending the annual RSA Conference USA 2014. There’s a great crowd here and many valuable discussions. Our Microsoft Security Response Center (MSRC) engineering teams have been working hard on the next version of EMET, which helps custo. […]
  • Microsoft Releases Security Advisory 2934088 Today, we released Security Advisory 2934088 regarding an issue that impacts Internet Explorer 9 and 10. Internet Explorer 6, 7, 8 and 11 are not affected. At this time, we are only aware of limited, targeted attacks against Internet Explorer 10. This issue allows remote code execution if users brow. […]
  • February 2014 Security Bulletin Webcast and Q&A Today we published the February 2014 Security Bulletin Webcast Questions & Answers page.  We answered seven questions on air, with the majority of questions focusing on the MSXML bulletin (MS14-005) and the revision to Security Advisory 2915720. One question that was not answered on air has been in. […]
  • Safer Internet Day 2014 and Our February 2014 Security Updates In addition to today being the security update release, February 11 is officially Safer Internet Day for 2014. This year, we’re asking folks to Do 1 Thing to stay safer online. While you may expect my “Do 1 Thing” recommendation would be to apply security updates, I’m guessing that for reade. […]
  • Update (2/10) – Advance Notification Service for February 2014 Security Bulletin Release Update as of February 10, 2014 We are adding two updates to the February release. There will be Critical-rated updates for Internet Explorer and VBScript in addition to the previously announced updates scheduled for release on February 11, 2014. These updates have completed testing and will be inclu. […]
  • Antimalware Support for Windows XP and the January 2014 Security Bulletin Webcast and Q&A Today we’re publishing the January 2014 Security Bulletin Webcast Questions & Answers page.  We answered 16 questions in total, with the majority of questions focusing on the Dynamics AX bulletin (MS14-004), the update for Microsoft Word (MS14-001) and the re-release of the Windows 7 and Windows. […]
  • A Look Into the Future and the January 2014 Bulletin Release In January, there are those who like to make predictions about the upcoming year. I am not one of those people. Instead, I like to quote Niels Bohr who said, “Prediction is very difficult, especially if it’s about the future.” However, I can say without a doubt that change is afoot in 2014. In. […]
  • Advance Notification Service for the January 2014 Security Bulletin Release Today we provide advance notification for the release of four bulletins for January 2014. All bulletins this month are rated Important in severity and address vulnerabilities in Microsoft Windows, Office, and Dynamics AX. The update provided in MS14-002 fully addresses the issue first described in S. […]

Microsoft Sec Notification

  • Microsoft Security Bulletin Minor Revisions Posted by Microsoft on Apr 17******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: April 17, 2014 ******************************************************************** Summary ======= The following bulletins have undergone mino. […]
  • Hello, we miss you! Re-subscribe to receive the latest IT news from Microsoft Posted by Microsoft on Apr 15We miss you! Re-subscribe to receive the latest IT news from Microsoft Prefer to read this online? http://view.email.microsoftemail.com/?j=fe9816787667047c73&m=fe6015707361017c7212&ls=fe30157570640079711676&l=fec21c767365017e&s=fe281071756d007e7c1174&jb=ff68107375&ju= Cl. […]
  • Microsoft Security Bulletin Summary for April 2014 Posted by Microsoft on Apr 08******************************************************************** Microsoft Security Bulletin Summary for April 2014 Issued: April 8, 2014 ******************************************************************** This bulletin summary lists security bulletins released for. […]
  • Microsoft Security Advisory Notification Posted by Microsoft on Apr 08******************************************************************** Title: Microsoft Security Advisory Notification Issued: April 8, 2014 ******************************************************************** Security Advisories Updated or Released Today =================. […]
  • Microsoft Security Bulletin Advance Notification for April 2014 Posted by Microsoft on Apr 03******************************************************************** Microsoft Security Bulletin Advance Notification for April 2014 Issued: April 3, 2014 ******************************************************************** This is an advance notification of security bul. […]
  • Microsoft Security Advisory Notification Posted by Microsoft on Mar 27******************************************************************** Title: Microsoft Security Advisory Notification Issued: March 27, 2014 ******************************************************************** Security Advisories Updated or Released Today ================. […]
  • Microsoft Security Advisory Notification Posted by Microsoft on Mar 24******************************************************************** Title: Microsoft Security Advisory Notification Issued: March 24, 2014 ******************************************************************** Security Advisories Updated or Released Today ================. […]
  • Microsoft Security Bulletin Minor Revisions Posted by Microsoft on Mar 20******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: March 20, 2014 ******************************************************************** Summary ======= The following bulletins have undergone mino. […]
  • Microsoft Security Advisory Notification Posted by Microsoft on Mar 11******************************************************************** Title: Microsoft Security Advisory Notification Issued: March 11, 2014 ******************************************************************** Security Advisories Updated or Released Today ================. […]
  • Microsoft Security Bulletin Summary for March 2014 Posted by Microsoft on Mar 11******************************************************************** Microsoft Security Bulletin Summary for March 2014 Issued: March 11, 2014 ******************************************************************** This bulletin summary lists security bulletins released for. […]
  • Microsoft Security Bulletin Advance Notification for March 2014 Posted by Microsoft on Mar 06******************************************************************** Microsoft Security Bulletin Advance Notification for March 2014 Issued: March 6, 2014 ******************************************************************** This is an advance notification of security bul. […]
  • Microsoft Security Advisory Notification Posted by Microsoft on Feb 28******************************************************************** Title: Microsoft Security Advisory Notification Issued: February 28, 2014 ******************************************************************** Security Advisories Updated or Released Today =============. […]
  • Microsoft Security Bulletin Minor Revisions Posted by Microsoft on Feb 28******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: February 28, 2014 ******************************************************************** Summary ======= The following bulletins have undergone m. […]
  • Microsoft Security Advisory Notification Posted by Microsoft on Feb 27******************************************************************** Title: Microsoft Security Advisory Notification Issued: February 27, 2014 ******************************************************************** Security Advisories Updated or Released Today =============. […]
  • Microsoft Security Advisory Notification Posted by Microsoft on Feb 20******************************************************************** Title: Microsoft Security Advisory Notification Issued: February 20, 2014 ******************************************************************** Security Advisories Updated or Released Today =============. […]
IT Security News
Regular Security News
Social Media
Tools
Exploits
Vulnerabilities
Security Videos & Podcasts
Other Stuff
Security Blogs
Microsoft Security Advisories
Mailing Lists
Colour scheme