Atheme IRC Services CVE-2017-6384 Denial of Service Vulnerability
Soruly CVE-2017-6390 Cross Site Scripting Vulnerability
WordPress fast-image-adder Plugin CVE-2015-1000001 Arbitrary File Upload Vulnerability
FlightAirMap CVE-2017-6397 Multiple Cross Site Scripting Vulnerabilities
Cisco Meeting Server CVE-2017-3837 Denial of Service Vulnerability
Adobe Flash Player CVE-2017-2987 Unspecified Integer Overflow Vulnerability
Adobe Flash Player CVE-2017-2995 Type Confusion Remote Code Execution Vulnerability
Adobe Flash Player APSB17-04 Multiple Unspecified Memory Corruption Vulnerabilities
Rapid7 Insight Collector CVE-2017-5234 DLL Loading Remote Code Execution Vulnerability
HashOver CVE-2017-6395 Cross Site Scripting Vulnerability
WordPress Mobile App Plugin CVE-2017-6104 Arbitrary File Upload Vulnerability
ImageMagick CVE-2017-6335 Local Denial of Service Vulnerability
Eaton xComfort Ethernet Communication Interface CVE-2017-9368 Information Disclosure Vulnerability
IBM Development Package for Apache Spark CVE-2016-4970 Denial of Service Vulnerability
Schneider Electric Conext ComBox CVE-2017-6019 Denial of Service Vulnerability
NagVis 'share/userfiles/gadgets/std_table.php' Cross Site Scripting Vulnerability
OpenEMR CVE-2017-6394 Multiple Cross Site Scripting Vulnerabilities
Multiple IBM Products CVE-2017-1124 Local Information Disclosure Vulnerability
Multiple Siemens Products CVE-2017-2685 Man in the Middle Security Bypass Vulnerability
w3m Multiple Security Vulnerabilities
WordPress rockhoist-badges Plugin CVE-2017-6102 HTML Injection Vulnerability
IBM QRadar SIEM CVE-2016-9725 Information Disclosure Vulnerability
IBM QRadar SIEM and Incident Forensics CVE-2016-9720 Information Disclosure Vulnerability

Enlarge (credit: Gage Skidmore)

As the US Republican vice presidential candidate, Mike Pence vigorously chastised Hillary Clinton for using a personal server to send and receive official e-mails while she was Secretary of State. Not only was the arrangement an attempt to escape public accountability, he said, it also put classified information within dangerous reach of hackers.

Now come revelations that Pence routinely used a private AOL account to conduct government business while he was governor of Indiana and that the account was hacked last summer, just months before he turned the heat on his Democratic rival over her personal e-mail server. Use of the AOL account for state business came to light in a 2,100-word article published Thursday evening by The IndyStar. The news outlet based its report on e-mails it received under a public records request. State officials declined to release an unspecified number of e-mails because the state considers them confidential and too sensitive to release to the public.

Pence used the account starting in the mid 1990s and continued using it until it was hijacked in 2016, three years into Pence's four-year tenure as governor, the news outlet reported. The hackers who compromised the account used it to send a scam e-mail to Pence's contacts, falsely claiming that the governor and his wife were stranded in the Philippines and in urgent need of financial assistance. Pence then abandoned that account and opened a new AOL account.

Read 5 remaining paragraphs | Comments

Internet Storm Center Infocon Status