Hackin9

GovInfoSecurity.com

Bill OK'd to Enhance NIST Cybersecurity Role
GovInfoSecurity.com
Years before the federal government issued the cybersecurity framework last February, Sen. Jay Rockefeller offered legislation to establish a process for the government to develop IT security best practices with advice from industry that critical ...

 
Honeywell OPOS Suite 'HWOPOSSCANNER.ocx' Stack Buffer Overflow Vulnerabilities
 
Linux Kernel 'rd_build_device_space()' Function Information Disclosure Vulnerability
 
BMC Track-It! CVE-2014-8270 Information Disclosure Vulnerability
 
ESA-2014-173: RSA® Authentication Manager Unvalidated Redirect Vulnerability
 
ESA-2014-163: RSA Archer® GRC Platform Multiple Vulnerabilities
 
ESA-2014-164: EMC Isilon InsightIQ Cross-Site Scripting Vulnerability
 
LinuxSecurity.com: Several security issues were fixed in the kernel.
 
LinuxSecurity.com: Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security ...
 
LinuxSecurity.com: Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security ...
 
LinuxSecurity.com: Multiple vulnerabilities have been found in AMD64 x86 emulation base libraries, the worst of which may allow remote execution of arbitrary code.
 
LinuxSecurity.com: This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2013. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE ...
 
QEMU 'cirrus_vga.c' Security Bypass Vulnerability
 
UnRTF RTF File Handling CVE-2014-9275 Out of Bounds Memory Corruption Vulnerability
 
Linux Kernel 'trace_syscalls.c' Multiple Local Denial of Service Vulnerabilities
 

Posted by InfoSec News on Dec 12

http://arstechnica.com/security/2014/12/iranian-hackers-used-visual-basic-malware-to-wipe-vegas-casinos-network/

By Sean Gallagher
Ars Technica
Dec 11, 2014

Stop us if this sounds familiar: a company executive does something that
makes a foreign government’s leadership upset. A few months later, hackers
break into the company’s network through a persistent cyber attack, and
plant malware that erases the contents of hard drives, shuts...
 

Posted by InfoSec News on Dec 12

http://www.bloomberg.com/news/2014-12-11/sony-hack-reveals-health-details-on-employees-and-their-children.html

By Shannon Pettypiece
Bloomberg News
Dec 11, 2014

Documents stolen from Sony Corp. (6758) by hackers include detailed and
identifiable health information on more than three dozen employees, their
children or spouses -- a sign of how much information employers have on
their workers and how easily it can become public.

One memo by a...
 

Posted by InfoSec News on Dec 12

http://www.balkaninsight.com/en/article/serbian-police-investigates-allegedly-largest-data-theft

Balkan Insight
12 DEC 14

Police are investigating claims by a group of hackers that they have got
hold of data on everyone in the country.

“We have whole Serbia in our hands. We have almost all information about
Serbian citizens, starting from their ID numbers to information on what
they do, where they live and what are their phone numbers,”...
 
X.Org X Server Protocol Handling Out-of-Bounds Multiple Denial of Service Vulnerabilities
 
X.Org X Server CVE-2014-8094 Out of Bounds Denial of Service Vulnerability
 
Docker 1.3.3 - Security Advisory [11 Dec 2014]
 
[security bulletin] HPSBUX03162 SSRT101767 rev.3 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Man-in-the-Middle (MitM) Attack
 
[SECURITY] [DSA 3099-1] dbus security update
 
X.Org X Server CVE-2014-8099 Out of Bounds Read Multiple Remote Denial of Service Vulnerabilities
 
X.Org X Server CVE-2014-8097 Out of Bounds Multiple Integer Overflow Vulnerabilities
 
Internet Storm Center Infocon Status