Hackin9
XADV-2013003 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow
 
[SECURITY] [DSA 2793-1] libav security update
 
Re: Word 2003 SP2 .doc fork bomb on WinXP SP3
 
Belkin WiFi NetCam video stream backdoor with unchangeable admin/admin credentials
 
Passengers in flight could make voice calls and exchange text messages using a new service from Gogo, but that doesn't mean your seatmate will necessarily be able to blab all through your next flight.
 
4.) Have a very again up in the event your card is stolen. Write down your account figures and place them within a secure site. Have a very distinctive credit score card that you choose to preserve as part of your suitcase. ナイキ カスタマイズ 原宿
 

Researchers have uncovered new, currently unpatched vulnerabilities in multiple versions of Internet Explorer that criminals are actively exploiting to surreptitiously hijack computers when they visit booby-trapped websites.

The vulnerabilities in various configurations of IE versions 7, 8, 9, and 10 running on Windows XP and Windows 7 are separate from the Microsoft Windows and Office graphics flaw that's also under active exploit at the moment. According to researchers at security firm FireEye, the IE-targeted exploits arrive as a classic drive-by attack that's found on at least one breached website located in the US. The attacks are able to bypass security protections Microsoft engineers have gradually added to later versions of their software. The exploits appear to circumvent the measures, at least in part, by exploiting at least two separate flaws. One flaw allows attackers to access and control computer memory, and another leaks system information needed to capitalize on the first bug.

"The memory access vulnerability is designed to work on Windows XP with IE 7 and 8 and on Windows 7," FireEye researchers Xiaobo Chen and Dan Caselden wrote in a post published Friday. "The exploit targets the English version of Internet Explorer, but we believe the exploit can be easily changed to leverage other languages. Based on our analysis, the vulnerability affects IE 7, 8, 9 and 10."

Read 6 remaining paragraphs | Comments


    






 

According to a new report (German) by Der Spiegel, the British signals intelligence spy agency has again employed a “quantum insert” technique as a way to target employees (Google Translate) of two companies that are GRX (Global Roaming Exchange) providers.

The lead author of the story in the German magazine is Laura Poitras, one of the journalists known to have access to the entire trove of documents leaked by former National Security Agency contractor Edward Snowden.

GRX is roughly analogous to an IX (Internet Exchange), and it acts as a major exchange for mobile Internet traffic while users roam around the globe. There are only around two dozen such GRX providers globally. This new attack specifically targeted administrators and engineers of Comfone and Mach (which was acquired over the summer by Syniverse), two GRX providers.

Read 10 remaining paragraphs | Comments


    






 
Internet Storm Center Infocon Status