ORGIN STUDIOS Cms Multiple Vulnerability
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability

The Register

Car parking mobile apps are vulnerable to hacking, say infosec folk
The Register
Mobile parking apps are often insecure, according to an investigation by security researchers at NCC Group. Firms running paid-for parking schemes across the UK are introducing mobile applications as an alternative to paying with coins and/or card at ...

Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
OpenSSL CVE-2015-3194 Denial of Service Vulnerability

A black-and-white bandanna printed with a blocky, digital pattern reminiscent of the common Arabic keffiyeh is one item in the Backslash kit, a package of devices that help protesters stay safe and connected during demonstrations. The bandanna's pattern can store messages that can be revealed with the Backslash app.

When riot police descended on protesters in Ferguson, Missouri, last year sporting assault rifles and armored vehicles, the images sparked an awareness of the military technologies and tactics authorities have adopted over the past decade. Many of these tools have quietly become regular components of day-to-day policing. And just as with social networks and cell phone cameras during the Arab Spring and Occupy Wall Street, they've dramatically—and often invisibly—altered the dynamics of contemporary protest.

Examples are everywhere, from the controversial Long-Range Acoustic Device (LRAD) sound weapons used to disperse crowds to secretive mass surveillance devices, commonly known as stingrays originally developed for the US Navy, which police use to track cell phones, often without a warrant. Earlier this year, police in India began equipping aerial drones with pepper spray cannons to use on crowds of protesters. In August, North Dakota became the first US state to allow the same; a new law drafted by a drone lobbyist permits North Dakota cops to arm drones with pepper spray, tasers, and other “less-than-lethal” weapons.

The FBI has admitted that it flew surveillance planes equipped with high-resolution cameras over the Black Lives Matter protests in Ferguson and Baltimore, Maryland—part of a secret program that has monitored over 30 major cities from the skies using aircraft registered to fake companies. And in New York City, the NYPD has outfitted unmarked white vans with advanced X-ray equipment capable of seeing through walls and even people's clothes.

Read 18 remaining paragraphs | Comments

libpng CVE-2015-8126 Multiple Heap Based Buffer Overflow Vulnerabilities
libpng 'png_convert_to_rfc1123()' Function Out Of Bounds Read Memory Corruption Vulnerability
Microsoft Windows CVE-2015-6127 Information Disclosure Vulnerability
libpng CVE-2015-8472 Incomplete Fix Heap Based Buffer Overflow Vulnerability
Linux Kernel CVE-2015-5307 Denial of Service Vulnerability
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
Adobe FlashPlayer and AIR CVE-2015-8407 Stack Buffer Overflow Vulnerability
Git CVE-2015-7545 Remote Command Execution Vulnerability
WordPress <=v4.4 Username Exists Information Disclosure

From the Infosec Files: Overcoming Obstacles
SYS-CON Media (press release)
We recently asked several infosec experts to highlight the techniques and tips they've used to overcome common obstacles associated with cyber security awareness and training. Here are three pieces of day-to-day, planning, executing, measuring, ...

and more »
Internet Storm Center Infocon Status