Oracle MySQL Server CVE-2012-0496 Remote Security Vulnerability
Oracle MySQL CVE-2012-0583 Remote MySQL Server Vulnerability
Oracle MySQL Server CVE-2012-0495 Remote Security Vulnerability
A body-worn IMSI catcher for covert snooping.

Recently leaked brochures advertising next generation spy devices give outsiders a glimpse into the high-tech world of government surveillance. And one of the most tantalizing of the must-have gizmos available from a company called GammaGroup is a body-worn device that surreptitiously captures the unique identifier used by cell phones.

"The unit is optimized for short range covert operation, designed to allow users to get close to Target(s) to maximize the changes of only catching the Target(s') identities and minimal unwanted collateral," one of the marketing pamphlets boasts. "The solution can be used as a standalone device or integrated into wider data-gathering and geo-tracking systems."

At just 41 x 33 x 18 centimeters, the device is small enough to fit under a shirt. It needs from one to 90 seconds to capture the international mobile subscriber identity (IMSI) or international mobile equipment identity (IMEI) of the person being tracked. It works on all GSM-based networks regardless of country and is fully operational even when functioning in a moving vehicle. The same brochure advertises several other varieties of IMSI catchers, including some that work in a totable briefcase and one that receives signals from a covert vehicle roof bar antenna. The James Bond spying tools are sold to government agencies and law enforcement organizations.

Read 5 remaining paragraphs | Comments


LinuxSecurity.com: A NULL pointer dereference in Cyrus-SASL may allow remote attackers to cause a Denial of Service condition.
LinuxSecurity.com: The wheezy part of the previous python-django update, DSA-2740-1, was incorrectly built and did not include all legacy symbolic links for the jquery Javascript library. [More...]
LinuxSecurity.com: Several denial-of-service vulnerabilities were discovered in the dcraw code base, a program for procesing raw format images from digital cameras. This update corrects them in the copy that is embedded in the exactimage package. [More...]
LinuxSecurity.com: Two vulnerabilities were discovered in Cacti, a web interface for graphing of monitoring systems: CVE-2013-5588 [More...]
LinuxSecurity.com: New gnutls packages are available for Slackware 14.0 and -current to fix a security issue. Sorry about having to reissue this one -- I pulled it from ftp.gnu.org not realizing that the latest version there was actually months out of date. [More Info...]
Microsoft got some good news Sunday as metrics company Net Applications said Windows 8's user share in August is now larger than Vista's at the same point in the latter's post-launch timeline.
Internet Storm Center Infocon Status