Hackin9

Tackle Information Security from the Ground Up with “The InfoSec Handbook ...
Virtual-Strategy Magazine (press release)
“The InfoSec Handbook” is co-written by Umesh Hodeghatta Rao and Umesha Nayak. Professor Rao is on the faculty in the field of Information Systems at Xavier Institute of Management, Bhubaneswar, India. He has more than twenty years of experience in IT ...

 

PHP announced the release of versions 5.5.17 and 5.4.33. Ten bugs were fixed in version 5.4.33 and 15 bugs were fixed in version 5.5.17. All PHP users are encouraged to upgrade. The latest versions are available for download here.

[1] http://php.net/ChangeLog-5.php#5.4.33
[2] http://php.net/ChangeLog-5.php#5.5.17
[3] http://windows.php.net/download

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

 

 
 
Multiple IBM DB2 Products CVE-2012-4826 Remote Stack Buffer Overflow Vulnerability
 
IBM DB2 and DB2 Connect CVE-2013-5466 Remote Denial of Service Vulnerability
 
PowerDNS Recursor CVE-2014-3614 Remote Denial of Service Vulnerability
 
Re: Multiple Vulnerabilities with Aztech Modem Routers
 

Posted by InfoSec News on Sep 19

http://www.denverpost.com/business/ci_26556583/denver-based-ping-identity-gets-35-million-investment

By Laura Keeney
The Denver Post
09/18/2014

Recent data breaches at high-profile companies such as Home Depot and
Goodwill Stores have thrust Internet security back into the spotlight, and
one local company is on the verge of a giant leap forward in the mission
to make data safer.

Denver-based Ping Identity is expected to announce early...
 

Posted by InfoSec News on Sep 19

http://www.defenseone.com/threats/2014/09/china-wants-replicate-nsas-cyber-schools/94475/

By Aliya Sternstein
Nextgov
Sept 18, 2014

Chinese universities are welcome to adopt the U.S. National Security
Agency’s cyber education program, the top U.S. computer security education
official said, after a recent trip to Beijing.

Entrepreneurs in China have voiced support for improving the notoriously
spotty relations between the U.S. and China in...
 

Posted by InfoSec News on Sep 19

Cyber Security EXPO is a new event for everybody wanting to protect their
organisation from the increasing commercial threat of 21st century
cyber-attacks. The challenge of securing corporate data and networks to
mitigate risk is greater than ever, so Cyber Security EXPO has been designed to
include the following themes - Internet & Network Security, Cyber Crime, Log
Data & Advanced Analytics, Identity & Access Management,...
 

Posted by InfoSec News on Sep 19

http://www.scientificamerican.com/article/crime-ring-revelation-reveals-cybersecurity-conflict-of-interest/

By Erik Schechter
Scientific American
Sep 15, 2014

A small cybersecurity firm claimed this summer to have uncovered a scam by
Russian Internet thieves to amass a mountain of stolen information from
420,000 Web and FTP sites. The hacker network, dubbed “CyberVor,”
possessed 1.2 billion unique credentials—a user name and matching...
 
LinuxSecurity.com: Security Report Summary
 

Posted by InfoSec News on Sep 19

http://krebsonsecurity.com/2014/09/home-depot-56m-cards-impacted-malware-contained/

By Brian Krebs
Krebs on Security
Sept 18, 2014

Home Depot said today that cyber criminals armed with custom-built malware
stole an estimated 56 million debit and credit card numbers from its
customers between April and September 2014. That disclosure officially
makes the incident the largest retail card breach on record.

The disclosure, the first real...
 
[SECURITY] [DSA 3025-2] apt regression update
 
AST-2014-010: Remote crash when handling out of call message in certain dialplan configurations
 
AST-2014-009: Remote crash based on malformed SIP subscription requests
 
CVE ID Syntax Change - Deadline Approaching
 
Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw
 
APPLE-SA-2014-09-17-6 OS X Server 2.2.3
 
APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1
 
[SECURITY] [DSA 3028-1] icedove security update
 
Advantech WebAccess CVE-2014-0992 Stack Based Buffer Overflow Vulnerability
 
Advantech WebAccess CVE-2014-0991 Stack Based Buffer Overflow Vulnerability
 
Advantech WebAccess CVE-2014-0990 Incomplete Fix Stack-Based Buffer Overflow Vulnerability
 
Advantech WebAccess CVE-2014-0989 Incomplete Fix Stack-Based Buffer Overflow Vulnerability
 
APPLE-SA-2014-09-17-7 Xcode 6.0.1
 
Advantech WebAccess CVE-2014-0987 Incomplete Fix Stack Based Buffer Overflow Vulnerability
 
Advantech WebAccess CVE-2014-0986 Incomplete Fix Stack Based Buffer Overflow Vulnerability
 
Advantech WebAccess CVE-2014-0985 Incomplete Fix Stack Based Buffer Overflow Vulnerability
 
apt CVE-2014-0489 Security Bypass Vulnerability
 
apt CVE-2014-0490 Security Bypass Vulnerability
 
apt CVE-2014-0488 Security Bypass Vulnerability
 
apt CVE-2014-0487 Security Bypass Vulnerability
 
Internet Storm Center Infocon Status