# SANS ISC

# Reddit netsec

# Krebs On Security

  • Canadian Man Behind Popular ‘Orcus RAT’ Thu, 21 Jul 2016 14:33:36 +0000
    Far too many otherwise intelligent and talented software developers these days apparently think they can get away with writing, selling and supporting malicious software and then couching their commerce as a purely legitimate enterprise. Here's the story of how I learned the real-life identity of a Canadian man who's laboring under that same illusion as proprietor of one of the most popular and affordable tools for hacking into someone else's computer.
  • Cici’s Pizza: Card Breach at 130+ Locations Wed, 20 Jul 2016 01:13:14 +0000
    Cici's Pizza, a Coppell, Texas-based fast-casual restaurant chain, today acknowledged a credit card breach at more than 135 locations. The disclosure comes more than a month after KrebsOnSecurity first broke the news of the intrusion, offering readers a sneak peek inside the sprawling cybercrime machine that thieves used to siphon card data from Cici's customers in real-time.
  • Carbanak Gang Tied to Russian Security Firm? Tue, 19 Jul 2016 03:49:52 +0000
    Among the more plunderous cybercrime gangs is a group known as "Carbanak," Eastern European hackers blamed for stealing more than a billion dollars from banks. Today we'll examine some compelling clues that point to a connection between the Carbanak gang's staging grounds and a Russian security firm that claims to work with some of the world's largest brands in cybersecurity.

# Bruce Schneier's blog

# WIRED Threat Level

# exploit-db.com

# Securiteam

  • Apache Commons Fileupload 1.3.1 Denial Of Service Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Apache Commons Fileupload is prone to a denial of service (DoS) vulnerability. This allows a remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources via certain vulnerable vectors.
  • Apple iPhone OS 9.2.1 Cross Site Scripting Obtain Information Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Apple iPhone OS is prone to a cross-site scripting vulnerability. This allows remote attackers to inject arbitrary web script or HTML via vulnerable vectors. A remote attacker can use cross-site scripting (XSS) to send a hostile script to an unsuspecting user.
  • Canonical Ubuntu Linux Denial Of Service Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Canonical Ubuntu Linux is prone to a denial of service (DoS) vulnerability. This allows a remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources via certain vulnerable vectors.
  • Cisco Aironet Access Point Software 8.2(100.0) Remote Code Execution Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Cisco Aironet Access Point Software 8.2(100.0) on 1830e, 1830i, 1850e, 1850i, 2800, and 3800 access points allows local users to obtain Linux root access via crafted CLI command parameters, aka Bug ID CSCuy64037.
  • Criu Remote Code Execution Vulnerability Wed, 20 Jul 2016 00:00 GMT
    The service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take ownership of existing files via unspecified vectors related to a directory path.
  • EMC Data Domain Os 5.5.3.3 Remote Code Execution Vulnerability Wed, 20 Jul 2016 00:00 GMT
    EMC Data Domain OS 5.5 before 5.5.4.0, 5.6 before 5.6.1.004, and 5.7 before 5.7.2.0 stores session identifiers of GUI users in a world-readable file, which allows local users to hijack arbitrary accounts via vectors.
  • Flexerasoftware Installanywhere Gain privileges Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Untrusted search path vulnerability in Flexera InstallAnywhere allows local users to gain privileges via a Trojan horse DLL in the current working directory of a setup-launcher executable file.
  • GNU Glibc Denial Of Service Overflow Vulnerability Wed, 20 Jul 2016 00:00 GMT
    GNU Glibc is prone to a denial of service (DoS) vulnerability. This allows a remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources via certain vulnerable vectors. GNU Glibc is also prone to an overflow vulnerability. This allows remote attackers to execute arbitrary code via crafted packets and cause a denial of service (memory corruption).
  • Google Chrome 50.0.2661.102 Blink Bypass A Restriction Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Google Chrome is prone to a bypass vulnerability. This allows an attacker to bypass a detection or blocking system, which could allow malware to pass through the system undetected.
  • HP Insight Control 7.5 Denial Of Service Obtain Information Vulnerability Wed, 20 Jul 2016 00:00 GMT
    HP Insight Control before 7.5.1 allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via vectors.
  • IBM Infosphere Streams 4.0.1.1 Remote Code Execution Vulnerability Wed, 20 Jul 2016 00:00 GMT
    IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 do not properly implement the runAsUser feature, which allows local users to obtain root group privileges via unspecified vectors.
  • Linux Linux Kernel 4.5.5 Obtain Information Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Linux Kernel is prone to a gain information vulnerability. This allows local or remote attackers to gain privileges via a malicious program in the affected application.
  • Microfocus Rumba 9.4 Execute Code Overflow Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers to execute arbitrary code via a long MacroName argument. NOTE: some references mention CVE-2016-5226 but that is not a correct ID for any Rumba vulnerability.
  • Netgear D3600 Firmware Remote Code Execution Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Netgear D3600 Firmware is prone to a remote code-execution vulnerability. This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.
  • Openssl 1.0.2h Obtain Information Vulnerability Wed, 20 Jul 2016 00:00 GMT
    OpenSSL is prone to a gain information vulnerability. This allows local or remote attackers to gain privileges via a malicious program in the affected application.
  • Redhat Openshift 3.2 Execute Code Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing the root password in an sti builder image.
  • Qemu Denial Of Service Overflow Obtain Information Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Qemu is prone to a remote code-execution vulnerability. This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.
  • Siemens Sicam Pas 8.06 Remote Code Execution Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Siemens SICAM PAS before 8.07 does not properly restrict password data in the database, which makes it easier for local users to calculate passwords by leveraging unspecified database privileges.
  • Unitronics VisiLogic Execute Code Overflow Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Unitronics VisiLogic is prone to an overflow vulnerability. This allows remote attackers to execute arbitrary code via crafted packets and cause a denial of service (memory corruption).
  • Vmware Vcenter Server 5.0 Cross Site Scripting Vulnerability Wed, 20 Jul 2016 00:00 GMT
    Vmware Vcenter Server is prone to a cross-site scripting vulnerability. This allows remote attackers to inject arbitrary web script or HTML via vulnerable vectors. A remote attacker can use cross-site scripting (XSS) to send a hostile script to an unsuspecting user.