[SECURITY] [DSA 3573-1] qemu security update
[security bulletin] HPSBUX03577 SSRT102172 rev.1 - HP-UX VxFS, Local Unauthorized Access to Files
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

An image showing a SQL injection attack on the Lee County Elections Office exposing the plaintext passwords of Supervisor Sharon Harrington. (credit: Dan Sinclair)

A Florida man has been slapped with felony criminal hacking charges after gaining unauthorized access to poorly secured computer systems belonging to a Florida county elections supervisor.

David Michael Levin, 31, of Estero, Florida, was charged with three counts of unauthorized access to a computer, network, or electronic device and released on $15,000 bond, officials with the Florida Department of Law Enforcement said. According to a court document filed last week in Florida's Lee County and a video it cited as evidence, Levin logged into the Lee County Elections Office website using the pilfered credentials of Sharon Harrington, the county's Supervisor of Elections. Levin, who authorities said is the owner of a security firm called Vanguard Cybersecurity, also allegedly gained access to the website of Florida's Office of Elections.

Levin posted a YouTube video in late January that showed him entering the supervisor's username and password to gain control of a content management system used to control leeelections.com, which at the time was the official website for the elections office. At no time did anyone from the county authorize Levin to access the site, officials said.



I found out recently there is a very interesting tool that enables some interesting capabilities to perform network forensics from a PCAP capture file. It [...] in the command prompt. There is a major keyword that launches the decoding framework and it [...] decode. Let [...]


Manuel Humberto Santander Peláez
SANS Internet Storm Center - Handler
Twitter: @manuelsantander
e-mail: msantand at isc dot sans dot org

[SECURITY] [DSA 3572-1] websvn security update

This wizard greets visitors to ImageMagick's website. (credit: ImageMagick)

Attackers have wasted no time targeting a critical vulnerability that could allow them to take complete control over websites running a widely used image-processing application, security researchers said.

As Ars reported last week, a vulnerability in ImageMagick allows hackers to execute code of their choice on webservers that use the app to resize or crop user-uploaded images. Over the past few days, security researchers said, attackers have begun uploading booby-trapped images in an attempt to exploit the vulnerability, which is indexed as CVE-2016-3714. CloudFlare, a content delivery network that helps secure and optimize websites, has updated its Web application firewall to block exploits in an attempt to protect customers who have yet to patch the remote code-execution threat.

"We began watching the exploitation of CVE-2016-3714 as soon as the WAF rule went live across our network," CloudFlare researcher John Graham-Cumming wrote in a blog post published Monday. "The bad news is that this vulnerability is being actively used by hackers to attack websites."




Soon you will see black links instead of blue in Google Search
It seems Google is up to something! Google searches could look and feel very different in coming days as the search giant is testing a new version of its results page featuring black links, in the place of the familiar blue links that we have been so ...


GIAC Launches New Certification for Python Coders, GPYC
SYS-CON Media (press release)
The new GIAC Python Code certification is targeted toward penetration testers and information security professionals who want to use the Python programming language to enhance their effectiveness during information security engagements or projects.



Friendly Warning: PoC Exploits Dial In on Social Media Channels
Security Intelligence (blog)
At first glance, this looks like a positive step for InfoSec since more researchers were finding flawed code before hackers got their hands on it. But as noted by Dark Reading, the rate of exploit detection is quickly outstripping organizations ...


SANS Institute sets agenda for 2016 San Antonio cybersecurity event
Homeland Preparedness News
The SANS Institute on Wednesday set the agenda for its San Antonio 2016 InfoSec training event, taking place July 18-23. Included on the agenda is an additional event discussing the recent attack on the Ukrainian power grid and lessons to be learned ...


We're Going on a Threat Hunt
Consultant News
In fact, lots of smaller issues, if unaddressed, can add up to the infosec equivalent to the Death of a Thousand Cuts, with attackers chaining together many vulnerabilities to achieve their goals. Being fixated on the big logoed vulnerabilities talked ...


Cyber security gap leaves door open for the channel
Usually you have to wait until InfoSec to get the latest insight into just how cyber crime is having an impact on businesses of all sizes but the government has released its own worrying numbers over the weekend. According to government figures two ...

WordPress Plugin event-registration 6.02.02: SQL-Injection and persistent XSS


Researcher Arrested After Finding and Reporting SQL Injection on Elections Site
Softpedia News
While it is common for infosec professionals to search for security flaws in state-owned infrastructure, authorities say they charged Levin because he never asked for permission prior to starting his endeavor. Levin, who's the owner of his own company ...

[SECURITY] [DSA 3571-1] ikiwiki security update
Internet Storm Center Infocon Status