# Krebs On Security

  • Scientology Seeks Captive Converts Via Google Maps, Drug Rehab Centers Mon, 27 Jun 2016 18:32:44 +0000
    Fake online reviews generated by unscrupulous marketers blanket the Internet these days. Although online review pollution isn't exactly a hot-button consumer issue, there are plenty of cases in which phony reviews may endanger one's life or well-being. This is the story about how searching for drug abuse treatment services online could cause concerned loved ones to send their addicted, vulnerable friends or family members straight into the arms of the Church of Scientology.
  • How to Spot Ingenico Self-Checkout Skimmers Fri, 24 Jun 2016 14:36:36 +0000
    A KrebsOnSecurity story last month about credit card skimmers found in self-checkout lanes at some Walmart locations got picked up by quite a few publications. Since then I've heard from several readers who work at retailers that use hundreds of thousands of these Ingenico credit card terminals across their stores, and all wanted to know the same thing: How could they tell if their self-checkout lanes were compromised? This post provides a few pointers.
  • Rise of Darknet Stokes Fear of The Insider Wed, 22 Jun 2016 20:49:56 +0000
    With the proliferation of shadowy black markets on the so-called "darknet" -- hidden crime bazaars that can only be accessed through special software that obscures one's true location online -- it has never been easier for disgruntled employees to harm their current or former employer. At least, this is the fear driving a growing stable of companies seeking technical solutions to detect would-be insiders.

# Securiteam

  • Mozilla Firefox CmapSubtable12Lookup Buffer Over-Read Vulnerabilities Mon, 20 Jun 2016 00:00 GMT
    The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read).
  • OpenSSL Cryptographic Protection Mechanisms Security Bypass Vulnerabilities Mon, 20 Jun 2016 00:00 GMT
    ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.
  • Apache Solr Execution Of Arbitrary Script Code Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    Cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled during the rendering of the (1) Analysis page, related to webapp/web/js/scripts/analysis.js, or (2) Schema-Browser page, related to webapp/web/js/scripts/schema-browser.js.
  • Apple iOS Execution Of Arbitrary Code Via A Crafted App Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.
  • Apple Safari Code-Signing Subsystem Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    The code-signing subsystem in Apple OS X before 10.11.4 does not properly verify file ownership, which allows local users to determine the existence of arbitrary files.
  • Cisco IOS Wide Area Application Services Express TCP Segment Validation Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment.
  • Cybozu Office 10.3.0 'customapp' Denial Of Service Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    Cybozu Office 10.3.0 allows remote attackers to read image files via a crafted e-mail message.
  • Dropbear SSH CRLF Injection Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data.
  • FFmpeg Improper Buffer Size Calculation Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have other impact via a crafted .tga file, related to the gif_image_write_image, gif_encode_init, and gif_encode_close functions.
  • Google Chrome Crafted HTML Document Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    WebKit/Source/core/layout/LayoutObject.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly restrict relayout scheduling, which allows remote attackers to cause a denial of service (use-after-free) or possibly have other impact via a crafted HTML document.
  • IBM FlashSystem Model V9000 Cross-Site Request Forgery Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    Cross-site request forgery (CSRF) vulnerability in IBM Flash System V9000 7.4 before 7.4.1.4, 7.5 before 7.5.1.3, and 7.6 before 7.6.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
  • Microsoft Edge Remote Users Obtain Potentially Sensitive Information Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
  • MIT Kerberos 5 Information Disclosure Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cause a denial of service (out-of-bounds read) via a crafted string.
  • Moodle Allows Obtaining Sensitive Course-Participant Information Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    The core_enrol_get_enrolled_users web service in enrol/externallib.php in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly implement group-based access restrictions, which allows remote authenticated users to obtain sensitive course-participant information via a web-service request.
  • Mozilla Firefox Ubuntu Spoof The Address Bar Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via use of the Clients API.
  • Nettle P-384 Incorrect Output Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have an unspecified impact.
  • PhpMyAdmin Crafted Query In SQL Parser Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    Cross-site scripting (XSS) vulnerability in the format function in libraries/sql-parser/src/Utils/Error.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query.
  • Ruby on Rails Active Model Security Bypass Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted parameters.
  • SAP NetWeaver Java 7.4 Directory Traversal Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    Directory traversal vulnerability in SAP NetWeaver AS Java 7.4 allows remote attackers to read arbitrary files via directory traversal sequences.
  • Squid Does Not Check Buffer Limits Vulnerabilities Tue, 21 Jun 2016 00:00 GMT
    The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsing, which allows remote HTTP servers to cause a denial of service (assertion failure and daemon exit) via a crafted XML document, related to esi/CustomParser.cc and esi/CustomParser.
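
The MIT Kerberos 5 entry above describes kadmind accepting a counted XDR string without confirming that it carries the trailing '\0' the rest of the code relies on, so a later strlen() or "%s" walks off the end of the allocation. The C below is an added example written for this page, not krb5's own xdr_nullstring: the wire layout (4-byte big-endian length, payload, zero padding to a 4-byte boundary), the function names and the sample messages are assumptions constructed for illustration. It puts the decoder that trusts the peer beside the hardened one that refuses a terminator-less string before any string routine can touch it.

```c
/* Added example for this page; hypothetical re-creation of the shape of
 * an XDR "null-terminated string" decoder, not krb5's xdr_nullstring.
 * Assumed wire format: 4-byte big-endian length, `len` payload bytes,
 * zero padding to a multiple of 4. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

typedef enum {
    DEC_OK = 0,
    DEC_TRUNCATED,        /* length field runs past the end of the message */
    DEC_NOT_TERMINATED    /* payload carries no trailing '\0' */
} dec_status;

static uint32_t rd32be(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Bounds-checks the length against the message, as any XDR decoder must,
 * but trusts that the peer included the terminator.  A caller that hands
 * *out to strlen(), printf("%s") or an audit log then reads past the
 * allocation whenever the terminator is missing. */
dec_status decode_nullstring_unchecked(const unsigned char *msg, size_t msglen,
                                       char **out, uint32_t *outlen)
{
    *out = NULL;
    *outlen = 0;
    if (msglen < 4)
        return DEC_TRUNCATED;
    uint32_t len = rd32be(msg);
    size_t padded = ((size_t)len + 3) & ~(size_t)3;   /* XDR pads to 4 bytes */
    if (padded > msglen - 4)
        return DEC_TRUNCATED;
    char *buf = malloc(len ? len : 1);
    if (buf == NULL)
        return DEC_TRUNCATED;   /* treat allocation failure as a decode failure */
    memcpy(buf, msg + 4, len);
    *out = buf;
    *outlen = len;
    return DEC_OK;
}

/* Hardened variant: the wire length must cover the terminator and the
 * last payload byte must really be '\0', so *out is a valid C string. */
dec_status decode_nullstring_checked(const unsigned char *msg, size_t msglen,
                                     char **out, uint32_t *outlen)
{
    dec_status st = decode_nullstring_unchecked(msg, msglen, out, outlen);
    if (st != DEC_OK)
        return st;
    if (*outlen == 0 || (*out)[*outlen - 1] != '\0') {
        free(*out);
        *out = NULL;
        *outlen = 0;
        return DEC_NOT_TERMINATED;
    }
    return DEC_OK;
}

/* Decode with either variant, release the buffer, report the verdict. */
dec_status try_decode(const unsigned char *msg, size_t msglen, int hardened)
{
    char *s;
    uint32_t n;
    dec_status st = hardened ? decode_nullstring_checked(msg, msglen, &s, &n)
                             : decode_nullstring_unchecked(msg, msglen, &s, &n);
    free(s);   /* free(NULL) is a no-op on the failure paths */
    return st;
}

/* Constructed sample messages, not captured kadmind traffic. */
const unsigned char SAMPLE_GOOD[]    = { 0,0,0,6, 'a','d','m','i','n','\0', 0,0 };
const unsigned char SAMPLE_CRAFTED[] = { 0,0,0,6, 'a','d','m','i','n','!',  0,0 };
const unsigned char SAMPLE_TRUNC[]   = { 0,0,0,9, 'a','b' };
const size_t SAMPLE_GOOD_LEN    = sizeof SAMPLE_GOOD;
const size_t SAMPLE_CRAFTED_LEN = sizeof SAMPLE_CRAFTED;
const size_t SAMPLE_TRUNC_LEN   = sizeof SAMPLE_TRUNC;

int main(void)
{
    printf("good:    unchecked=%d checked=%d\n",
           try_decode(SAMPLE_GOOD, SAMPLE_GOOD_LEN, 0),
           try_decode(SAMPLE_GOOD, SAMPLE_GOOD_LEN, 1));
    printf("crafted: unchecked=%d checked=%d\n",
           try_decode(SAMPLE_CRAFTED, SAMPLE_CRAFTED_LEN, 0),
           try_decode(SAMPLE_CRAFTED, SAMPLE_CRAFTED_LEN, 1));
    printf("trunc:   checked=%d\n", try_decode(SAMPLE_TRUNC, SAMPLE_TRUNC_LEN, 1));
    return 0;
}
```

The point to take from the two decoders is that the XDR layer's own length check is not enough: it guarantees the copy stays inside the message, not that the copied bytes form a C string. The crafted sample passes the length check in both variants and is only rejected by the hardened one; a real fix belongs in the decoder, where the length is still known, rather than in every caller that later calls strlen().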