Databáze Hot News 2014 January

Databáze Hot News 2014 January - 2014 January February March April May June July August September October November December

31.1.2014

Bugtraq

Ektron CMS Take Over - Hijacking Accounts 2014-01-30
Mark Litchfield (mark securatary com)

SimplyShare v1.4 iOS - Multiple Web Vulnerabilities 2014-01-29
Vulnerability Lab (research vulnerability-lab com)

Malware

W32/Relnek!AD7F51EB2C06
Generic.bfr!6CCEA8D78529
Generic PUP.x!186E1B88992E
Generic PUP.x!E7876A3EB817
Generic PUP.x!181AFE6957C5
Generic PUP.x!5BE2D3B4DB9E
Generic PUP.x!7423FB5121BE
Generic PUP.x!E52EC1C068C1
Generic.bfr!A749685028F3
W32/Expiro!ADE83FDD8A85
RDN/Generic PUP.x!br3!0335700E8271
Generic PUP.x!F440A722CB7C
Generic PUP.x!182B14ACC468
Generic.bfr!F439F6C36000
Generic PUP.x!17EBF4E57525
Generic PUP.x!73DCB99AEF38
Generic PUP.x!1F96D2CD89A2
Generic.bfr!17BAA166B355
Generic.bfr!5665C184D838
Dowloader-FEX!09ACB5D12BA5
Generic PUP.x!A054DDFA5014
Generic.bfr!676A6B2980EF
W32/Expiro!B07224AE1B87
Generic PUP.x!379B097BF495
Generic.bfr!D96F35CCD103
Generic PUP.x!475CA9B16C58
Generic.bfr!848E75C2553B
Generic PUP.x!71A538CE6949
Generic PUP.x!F543945817C4
Generic PUP.x!E4D6E58E2D9E

Phishing

MINT	30th January 2014
MINT ACCOUNT REVIEW NOTIFICATION.
Lloyds Group	30th January 2014
LLOYDS BANK - ACCOUNT REINSTATEMENT
Halifax	30th January 2014
Update and verify your online Billing
NatWest Credit Card Online	30th January 2014
LATEST NATWEST CREDIT CARD ACCOUNT STATEMEN
NatWest Credit Card Online	30th January 2014
LATEST NATWEST CREDIT CARD ACCOUNT STATEMENT
Barclays	30th January 2014
Important Update

Vulnerebility

Exploit

Linux 3.4+ recvmmsg x32 compat Proof of Concept

30.1.2014

Bugtraq

SiteCore XML Control Script Insertion 2014-01-29
Mark Litchfield (mark securatary com)

[slackware-security] mozilla-nss (SSA:2014-028-02) 2014-01-28
Slackware Security Team (security slackware com)

Vulnerabilities within Mura CMS / Sitecore MCS / SmarterMail 2014-01-28
Mark Litchfield (mark securatary com)

Malware

Generic PUP.x!6D0409CB0FD3
Generic PUP.x!77BAD7BC4570
Generic PUP.x!29335C111F2D
Generic PUP.x!044D6B5A0252
Generic PUP.x!D7BE021EC25F
Generic PUP.x!F61238EC7128
Generic PUP.x!74E3C9F04BD5
Generic PUP.x!65F3B5F0C92D
Generic PUP.x!2AF227E63E65
Generic PUP.x!2A0195267960
Generic PUP.x!150E8FFEE83B
Generic PUP.x!D6BA17170D63
Generic PUP.x!C59115D3693E
Generic PUP.x!952878653E9D
Generic PUP.x!FD3E45BB3D3D
Generic PUP.x!5207F2842F14
Generic PUP.x!9497EB4F012F
Generic PUP.x!53729D638488
Generic PUP.x!0E45A8C96D7F
Generic PUP.x!8FADA4685985
Generic PUP.x!36BF7AD8D48E
Generic PUP.x!8A14C413B2A5
Generic PUP.x!04707068422D
Generic PUP.x!8C0E149F881C
Generic PUP.x!8620497265C4
Generic PUP.x!F6779CCC9846
Generic PUP.x!41AACDB43DF2
Generic PUP.x!047A82ECF667
Generic PUP.x!297D00A85D3F
Generic PUP.x!25B93F0719AA

Phishing

American Express	29th January 2014
AMERICAN EXPRESS SECURITY NOTIFICATION
Chase	29th January 2014
Chase Online Banking Notification
PayPal	29th January 2014
Important Information about your PayPal account
Barclays Bank	29th January 2014
Your Barclays Account is Suspended

Vulnerebility

Exploit

Oracle Forms and Reports 11.1 - Remote Exploit

Simple E-Document Arbitrary File Upload

SimplyShare 1.4 iOS - Multiple Vulnerabilities

A10 Networks Loadbalancer - Directory Traversal

ManageEngine Support Center Plus 7916 - Directory Traversal

pfSense 2.1 build 20130911-1816 - Directory Traversal

29.1.2014

Bugtraq

Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability 2014-01-27
Vulnerability Lab (research vulnerability-lab com)

DC4420 - London DEFCON - January meet - Tuesday 28th January 2014 2014-01-27
Major Malfunction (majormal pirate-radio org)

Multiple Vulnerabilities in Eventum 2014-01-27
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic.bfr!344E80BF1B50
RDN/Generic PUP.x!brm!AD5398408013
Generic PUP.x!4C66AAB80C9F
W32/Expiro!20E458313ED4
Generic.bfr!11A530D8AB38
Generic PUP.x!38C14DE2C403
W32/Expiro!0B632754088A
Generic.bfr!BECEE78D4777
W32/Expiro!FADFC1410EFC
Generic PUP.x!8BF133BF8755
Generic.bfr!FDCED4A13A64
Generic PUP.x!2EFFD8E93004
Generic PUP.x!8990AEF55740
Generic PUP.x!8A19C8675CA8
Generic PUP.x!AB2C3C85BF81
Generic PUP.x!CE91909F3010
Generic PUP.x!AD706008CAD2
Generic PUP.x!5070F15E0A82
Generic PUP.x!1BEAA7F01AE6
RDN/Downloader.a!oy!5EDBCE39BAF0
Generic PUP.x!F3C7F1ADA158
RDN/Generic PUP.x!brm!5A3C6351204E
Generic PUP.x!DF0CFBBAC5E0
Generic PUP.x!BA2CF4F2478F
Generic PUP.x!A8FB2C29F0EC
Generic PUP.x!6FA19C9D322E
Generic PUP.x!20BC0519D4AB
Generic PUP.x!3F15A0CA7796
Generic.bfr!A50E693128F7
Generic PUP.x!189D2969E129

Phishing

Chase	28th January 2014
New Message From Chase Online (SM)
RBS	28th January 2014
YOUR RBS CARD IMPORTANT NOTIFICATION.
NATWEST	28th January 2014
NATWEST CREDIT CARD ONLINE SERVICES
RBS	28th January 2014
YOUR LATEST STATEMENT FOR ACCOUNT ENDING 952 IS READY FOR YOU ONLINE NOW
PayPal	28th January 2014
Account Notification

Vulnerebility

Exploit

28.1.2014

Bugtraq

Malware

RDN/Downloader.a!oy!AC08A9F4C29E
Generic PUP.x!1E3D0DA0E39A
Generic.bfr!045F826DACAB
Generic.bfr!0A8249690995
Generic.bfr!1599AFD60537
RDN/Generic BackDoor!A95389472155
Generic PUP.x!F8F657F2BF6D
Generic PUP.x!C1A2E45D4276
Generic PUP.x!CC862D3B8521
W32/Expiro!27CEE36B8457
Generic PUP.x!BD2F8B363A61
RDN/Downloader.a!oy!49BC767AED90
RDN/Generic.dx!c2d!D1C874703CED
W32/Sdbot.worm!A791ABA045DF
Generic.bfr!4B02F8FA4646
Generic PUP.x!8AE4D2780616
Generic.bfr!623E945441EA
RDN/Generic PUP.x!brk!54F393CA274B
Generic PUP.x!1606B7EB88C3
Generic PUP.x!9001D9284D1B
RDN/Generic PUP.x!brk!E2DD8ACF01D1
Adware-FDI!B7BD8FCD0265!B7BD8FCD0265
RDN/Generic PUP.x!8A7CA4C7372E
Generic PUP.x!415FD088C9C6
Generic.bfr!8F1C8E778185
Generic.bfr!D8DE28BFB8ED
Generic.bfr!95B6D166EFD6
Generic PUP.x!54CF97A0B720
Generic PUP.x!56F9E1AC6788
Generic PUP.x!5AFF340B19BC

Phishing

PayPal	28th January 2014
Account Notification
PayPal	27th January 2014
* CACTUS * Your account status has changed!
Natwest Bank Plc	27th January 2014
SECURITY ALERT (SECURE YOUR ONLINE CREDIT CARD ACCESS)
service@paypal.co.uk	27th January 2014
Your Account PayPal Has Been Limited !

Vulnerebility

Exploit

27.1.2014

Bugtraq

Malware

Generic PUP.x!6AE4423081B1
Generic PUP.x!85E911031511
RDN/Spybot.bfr!l!BD7D4E092BB0
Generic.bfr!627057A6267F
Generic PUP.x!BDACB46BC263
RDN/Generic PUP.x!2DFA591E16C1
Adware-DomaIQ!7DC6AC9A22CF!7DC6AC9A22CF
RDN/Generic.dx!2B07199D0153
Generic PUP.x!76414AE6C97D
Generic PUP.x!C83600C82870
Generic PUP.x!2D33BC265D1A
Adware-DomaIQ!F287AC4D253B!F287AC4D253B
RDN/Ransom!ea!B1E7ABA36A01
Generic PUP.x!3E5C3A47D034
Generic.bfr!B25DDFD38762
Generic PUP.x!B2A29854239F
Generic PUP.x!09EA90A70171
RDN/Generic PUP.x!1E73BAA774C0
Generic PUP.x!BBB97AF8D165
Adware-DomaIQ!5CDFD0D91100!5CDFD0D91100
Generic.bfr!354B7DA27B5E
Generic PUP.x!7393AE297ECE
Adware-DomaIQ!8F21208F4DFE!8F21208F4DFE
Generic PUP.x!4FC1B186BC4B
Adware-DomaIQ!BADBAB0C488D!BADBAB0C488D
Generic PUP.x!80B59DC20BCD
Generic PUP.x!B011DABAF433
Generic PUP.x!FD72D12C8679
Generic PUP.x!97697AEFF25F
Generic.bfr!D87EFCF365A3

Phishing

service@paypal.co.uk	26th January 2014
YOU HAVE CHANGED YOUR PAYPAL EMAIL ADDRESS
PayPal	26th January 2014
WE NOTICED AN ISSUE WITH YOUR ACCOUNT
NATWEST PLC	26th January 2014
Important information regarding internet banking
NatWest Bank	26th January 2014
NatWest Account Notice!
RBS	26th January 2014
Your RBS Card Important Notification.
Natwest	26th January 2014
SECURITY MESSAGE: READ CAREFULLY.
RBS	26th January 2014
RE-CONFIRM YOUR RBS CARD MEMBERSHIP
NatWest Bank	25th January 2014
Your NatWest account will be suspended
Bank of America	25th January 2014
Bank of America Alert: Sign-in to Online Banking Locked

Vulnerebility

Exploit

Ability Mail Server 2013 - Password Reset CSRF from Stored XSS (Web UI)

Oracle Outside In MDB File Parsing Stack Based Buffer Overflow PoC

Mozilla Thunderbird 17.0.6 - Input Validation Filter Bypass

25.1.2014

Bugtraq

Security Vulnerabilities in Apache Cordova / PhoneGap 2014-01-24
mgeorgiev utexas edu

[CTF] nullcon HackIM 2014 will start at 24-01-2014, when the clock will strike at 11:59 (+5:30 GMT) 2014-01-24
nullcon (nullcon nullcon net)

[CVE-2014-1664] GoToMeeting Information Disclosure via Logging Output (Android) 2014-01-24
cjlacayo gmail com

Malware

RDN/Generic PWS.y!BA8B495DA9F8
Generic.bfr!9E1764E7D22C
Generic PUP.x!36649F93DABA
Generic PUP.x!50419017E7B6
Generic PUP.x!FE238B7C19AA
Generic PUP.x!B34E098A17AA
Generic BackDoor!AB6139FA6523
Generic PUP.x!168F78F0178D
Generic.bfr!DF776E9DFAA0
Generic PUP.x!BE00272BD4AD
Generic PUP.x!257A23600F61
Generic PUP.x!4677D81A38D5
Generic PUP.x!895E707AC080
Generic PUP.x!82241E34E53B
Generic PUP.x!F880BE71BEFB
Adware-FFN!6A0003461B4B!6A0003461B4B
Generic.bfr!6C77E1806D9A
RDN/Generic.bfr!fs!AE054DC761F0
RDN/Generic Dropper!tn!43962F8DEA71
Generic.bfr!00F1B9312028
Generic PUP.x!BF0DBF080D74
RDN/Generic PUP.x!br3!8FF51606EC9A
Generic.bfr!8A476C0A8EF7
Generic PUP.x!6CC44EC0729F
Generic Downloader.x!6C0328DC3C32
Generic.bfr!F9123C673DF5
Generic PUP.x!781CED597B5F
Generic.bfr!CA6B76D9FD7A
Generic PUP.x!119A689EA497
Generic.bfr!2DC58CB145C3

Phishing

Bank of America	25th January 2014
Bank of America Alert: Sign-in to Online Banking Locked
Natwest	24th January 2014
Message From NatWest Credit Card Secuity System
NatWest	24th January 2014
WE DETECT AN ERROR WITH YOUR ACCOUNT.

Vulnerebility

Exploit

24.1.2014

Bugtraq

Cross-Site Scripting (XSS) in Komento Joomla Extension 2014-01-23
High-Tech Bridge Security Research (advisory htbridge com)

SQL Injection in JV Comment Joomla Extension 2014-01-23
High-Tech Bridge Security Research (advisory htbridge com)

Reflected cross-site scripting (XSS) vulnerability in Mediatrix Web Management Interface login page 2014-01-23
tudor enache helpag com

Malware

Generic PUP.x!FB1F5220F4C7
Generic PUP.x!AD88769E6CE7
Generic PUP.x!21E103B290C5
Generic PUP.x!975DEEBDF44B
Generic PUP.x!F269AA2FEA04
Generic PUP.x!95D500798758
Generic PUP.x!43C4FAB152A8
W32/Sdbot.worm!B8A5EC6329AA
Generic PUP.x!2C114D64DFB9
W32/Expiro!090B3B70E41B
Generic.bfr!7D629D8EF7E3
Generic PUP.x!80ACFEB29F44
Generic PUP.x!C576750AAB1B
Generic PUP.x!5A201BB4A327
Generic PUP.x!98542A0D01A0
Generic PUP.x!952DD5E71F5A
Generic PUP.x!E3731E5A05DF
Generic PUP.x!B57D9FBC11D7
Generic PUP.x!593AA8225B27
Generic PUP.x!D24C31DA58C9
Generic PUP.x!58A876CB7D6A
Generic PUP.x!92AFDECE8AC7
Generic PUP.x!4FFDB093E5AA
Generic PUP.x!A63EEEF9352A
Generic PUP.x!EBE47AFD8155
Generic.bfr!9481CCF0A6A0
Generic.bfr!E01B63D7CA76
RDN/Generic BackDoor!ws!E0580DD8BB98
Generic.bfr!B87F1FB2762D
Generic PUP.x!609CDA89DA8F

Phishing

NatWest Card	23rd January 2014
Account Schedule Maintenance !
NatWest	23rd January 2014
We Detect An Error With Your Account.

Vulnerebility

Exploit

NCH Software Express Burn Plus 4.68 (.EBP) Project File Buffer Overflow

Daum Game 1.1.0.5 ActiveX (IconCreate Method) - Stack Buffer Overflow

HP Data Protector Backup Client Service Directory Traversal

Ammyy Admin 3.2 - Authentication Bypass

MW6 Technologies Aztec ActiveX (Data param) - Buffer Overflow

MW6 Technologies DataMatrix ActiveX (Data param) - Buffer Overflow

MW6 Technologies MaxiCode ActiveX (Data param) - Buffer Overflow

23.1.2014

Bugtraq

[ MDVSA-2014:020 ] x11-server 2014-01-22
security mandriva com

Cisco Security Advisory: Cisco TelePresence System Software Command Execution Vulnerability 2014-01-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco TelePresence ISDN Gateway D-Channel Denial of Service Vulnerability 2014-01-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability 2014-01-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

Generic PUP.x!7DCC5A5683AF
Generic PUP.x!3E5BD9B7B65A
RDN/Generic PUP.x!brh!3452C439CAAE
Generic PUP.x!334716DAE2C4
RDN/Generic PUP.x!3377C4FCFD19
Generic.bfr!C350BA135F8D
Generic.bfr!E481AD73D3D2
Generic.bfr!9124533533D1
Generic.bfr!06E61C34F2B0
Generic PUP.x!931B69DB713E
Generic PUP.x!3B37D28DC1FE
Generic PUP.x!C047EFE8D69A
Generic PUP.x!A127D9D3E19D
Generic PUP.x!82D1B32D7859
Generic.bfr!BDF5BCC1C644
Generic.bfr!332C7DD20CEA
RDN/Downloader.a!ox!204AA3243D16
Generic PUP.x!34620204317D
Generic PUP.x!BE85B509057C
Generic PUP.x!8344D925DA50
Generic PUP.x!DCF09820AD6F
Generic PUP.x!15D89C0172B0
Generic PUP.x!53B8161A2F86
Generic.bfr!BE416AAFC707
Generic PUP.x!7EE05A33D866
Generic PUP.x!F60BB2A632B3
Generic PUP.x!00F4DEC3433A
Generic PUP.x!36ECD6EDA172
Generic PUP.x!B6FA48188FBE
Generic.bfr!BEAC62E01B12

Phishing

Vulnerebility

Exploit

iTechClassifieds 3.03.057 - SQL Injection

godontologico 5 - SQL Injection (0day)

Simple e-document 1.31 - Login bypass

PizzaInn_Project - SQL Injection

mySeatXT 0.2134 - SQL Injection

Easy POS System - SQL Injection (login.php)

Cells Blog 3.3 - XSS Reflected & Blind SQLite Injection

Adult Webmaster PHP - Password Disclosure

22.1.2014

Bugtraq

[ MDVSA-2014:017 ] net-snmp 2014-01-22
security mandriva com

[ MDVSA-2014:016 ] spice 2014-01-22
security mandriva com

[ MDVSA-2014:015 ] cups 2014-01-22
security mandriva com

SEC Consult SA-20140122-0 :: Critical vulnerabilities in T-Mobile HOME NET Router LTE (Huawei B593u-12) 2014-01-22
SEC Consult Vulnerability Lab (research sec-consult com)

[FFRRA-20131213] Crafted ICMP ECHO REQUEST can cause denial of service on Juniper SSG20 2014-01-22
research-feedback ffri jp

[ MDVSA-2014:014 ] php 2014-01-21
security mandriva com

[ MDVSA-2014:013 ] libxfont 2014-01-21
security mandriva com

[SECURITY] [DSA 2847-1] drupal7 security update 2014-01-20
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2014:012 ] nss 2014-01-20
security mandriva com

[ MDVSA-2014:011 ] java-1.7.0-openjdk 2014-01-20
security mandriva com

Secunia Research: OpenPNE PHP Object Injection Vulnerability 2014-01-20
Secunia Research (remove-vuln secunia com)

Malware

Generic PUP.x!B463B172F182
Generic PUP.x!B3F990F20234
RDN/Generic.bfr!fq!FF7991869860
Generic PUP.x!0C9261676A40
Generic PUP.x!A9A40EF593BC
Generic PUP.x!B023BAE9797C
Generic PUP.x!133D8BC96C17
Generic PUP.x!FD0A06D6BE4D
Generic PUP.x!558AA708B6FB
Generic PUP.x!B899CADB2455
Generic PUP.x!CAF0A68E9C57
Generic PUP.x!AF238503D913
Generic PUP.x!2AC9ABB8860C
Generic PUP.x!2DCB6FE1694D
Generic PUP.x!B471F916408E
Generic.bfr!92A6AE6A3EBA
Generic PUP.x!982E8C1E53A0
Generic PUP.x!9CA007295A67
Generic PUP.x!9D74EA03FA23
Generic PUP.x!7B2E86FBC055
Generic PUP.x!983BA72D7AD2
Generic.bfr!01B72F872C74
Generic.bfr!60297A90BB4A
Generic PUP.x!B048AF932CBA
Generic PUP.x!0C6807A1AD7D
Generic PUP.x!51C3334073FC
Generic PUP.x!873E19782A7F
Generic.bfr!AF85D05BF519
Generic PUP.x!65F9BFD8A05C
Generic PUP.x!B29208BCE2BA

Phishing

service@paypal.co.uk	21st January 2014
ONLINE ACCESS HAS BEEN SUSPENDED
Barclays Bank	21st January 2014
You Have One Unread Message
Google Docs noreply@google.com	21st January 2014
ORIGINAL DOCUMENTS!!.....

Vulnerebility

Exploit

21.1.2014

Bugtraq

Malware

RDN/Spybot.bfr!01845607536E
Generic PUP.x!755E0C8F87B5
Generic.bfr!4E68E2C90340
Generic.bfr!41740D36713E
Generic.bfr!C24795FC534D
Generic PUP.x!3C73BFAB70AD
Generic PUP.x!A292D658637E
Generic.bfr!7D3884CBEAC5
Generic.bfr!C7F8202D631B
RDN/Generic PUP.x!F6A3A4E0BBD7
Generic PUP.x!1865A2D81372
Generic PUP.x!5A7377252A5C
Generic PUP.x!D11CB2C12110
Generic PUP.x!8E05B2F74EFE
Generic.bfr!48F67FEADAA6
Generic.bfr!BEA2FB22065E
Generic PUP.x!5A60D62FF2D9
Generic PUP.x!7C189E51FB45
Generic PUP.x!164C52FDD6CF
Generic.bfr!9D849AD00DC5
Generic.bfr!70A4E884D945
Generic.bfr!B4F16DBDB39C
Generic PUP.x!D15ABA7360BB
Generic PUP.x!E9BA9409E615
Generic.bfr!B474AD1DEBEE
Generic.bfr!A5F4083B045A
Generic.bfr!AE884668A52D
Generic PUP.x!2020FE8323E7
Generic PUP.x!CDB5A6CF8411
Generic.bfr!F6EABA5F08B0

Phishing

Vulnerebility

Exploit

MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color()

Doodle4Gift - Multiple Vulnerabilities

AfterLogic Pro and Lite 7.1.1.1 - Stored XSS

Teracom Modem T2-B-Gawv1.4U10Y-BI - Stored XSS Vulnerability

BLUE COM Router 5360/52018 - Password Reset Exploit

20.1.2014

Bugtraq

Malware

Generic PUP.x!8509B16AC4DA
Generic PUP.x!886D34CF019E
ObfuscatedASX!hb!0F8C66629D8D!0F8C66629D8D
Generic PUP.x!01FA35524D3E
Adware-FFN!5347A9F3D929!5347A9F3D929
Generic.bfr!093F94A72FE0
RDN/Generic PUP.x!83AAF4C2F6D4
Generic PUP.x!5131F5306D92
Generic PUP.x!89941A66E3B4
Generic PUP.x!86614121DBD8
Generic PUP.x!67BA1C34CC88
RDN/Generic.dx!cxv!4BFD6DDB0F67
Generic PUP.x!2618C770AF33
Generic PUP.x!88EC6F996519
Generic PUP.x!E7C0C125F6A8
RDN/DNSChanger.bfr!1EA30796BD9A
Generic PUP.x!87FBBAF67D80
Generic PUP.x!6C5313536266
Generic PUP.x!E61A2ECFB2AF
Generic PUP.x!9EB2787C196F
Generic.bfr!26AFDEE6EDE7
RDN/Generic Downloader.x!17D96FC2B4AF
Generic PUP.x!1B76546139E4
RDN/Generic BackDoor!wq!D7DAACD9C373
Generic PUP.x!87EF2405D18C
Generic PUP.x!87A4FA471587
ObfuscatedASX!hb!0FF85F2C41B8!0FF85F2C41B8
Generic PUP.x!89FEB748AF86
PWSZbot-FON!0F76EC2115A5!0F76EC2115A5
Generic PUP.x!25722B752690

Phishing

ebilling@bt.com	20th January 2014
Important Information About Your BT account (cell 13)
PayPal.com	20th January 2014
ACCOUNT VALIDATION
Bank of America Alert	20th January 2014
Bank of America Alert: Thats New Required Verification Process From Bank of America Alert
Mint Credit card	19th January 2014
MINT.CO.UK - MINIMUM PAYMENT DUE
Natwest	19th January 2014
Your NatWest Card Importante Notification !
Tesco	19th January 2014
Tesco Credit Card
Google Drive	18th January 2014
IMPORTANT DOCUMENTS

Vulnerebility

Exploit

17.1.2014

Bugtraq

Open-Xchange Security Advisory 2014-01-17 2014-01-17
Martin Braun (martin braun open-xchange com)

[security bulletin] HPSBUX02961 SSRT101420 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2014-01-17
security-alert hp com

[ MDVSA-2014:004 ] nagios 2014-01-16
security mandriva com

[ MDVSA-2014:006 ] libxslt 2014-01-16
security mandriva com

[ MDVSA-2014:005 ] ejabberd 2014-01-16
security mandriva com

[ MDVSA-2014:003 ] nrpe 2014-01-16
security mandriva com

[ MDVSA-2014:002 ] bind 2014-01-16
security mandriva com

SQL Injection in Sexy Polling Joomla Extension 2014-01-16
High-Tech Bridge Security Research (advisory htbridge com)

[HITB-Announce] #HITB2014AMS Call for Papers - FINAL CALL 2014-01-16
Hafez Kamal (aphesz hackinthebox org)

CVE-2013-4200 - Plone URL redirection / Forwarding of cookie data (session hijack) in certain browsers 2014-01-16
Alexandre Herzog (alexandre herzog csnc ch)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control System 2014-01-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[slackware-security] openssl (SSA:2014-013-02) 2014-01-14
Slackware Security Team (security slackware com)

Online OWASP Security Challenges 2014-01-15
Ivan Buetler (ivan buetler csnc ch)

[SECURITY] [DSA 2844-1] djvulibre security update 2014-01-15
Raphael Geissert (geissert debian org)

FreeBSD Security Advisory FreeBSD-SA-14:01.bsnmpd 2014-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete 2014-01-14
Pivotal Security Team (security gopivotal com)

[CVE-2014-1238] Cross Site Scripting(XSS) in q-pulse application 2014-01-14
ali hussein helpag com

FreeBSD Security Advisory FreeBSD-SA-14:02.ntpd 2014-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-14:04.bind 2014-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-14:03.openssl 2014-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

CVE-2013-6430 Possible XSS when using Spring MVC 2014-01-14
Pivotal Security Team (security gopivotal com)

[slackware-security] libXfont (SSA:2014-013-01) 2014-01-14
Slackware Security Team (security slackware com)

[slackware-security] samba (SSA:2014-013-04) 2014-01-14
Slackware Security Team (security slackware com)

[slackware-security] php (SSA:2014-013-03) 2014-01-14
Slackware Security Team (security slackware com)

[CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application 2014-01-14
Daniel Wood (daniel wood owasp org)

[security bulletin] HPSBUX02960 SSRT101419 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS) 2014-01-13
security-alert hp com

[SECURITY] [DSA 2843-1] graphviz security update 2014-01-13
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2842-1] libspring-java security update 2014-01-13
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:001 ] kernel 2014-01-13
security mandriva com

NETGEAR WNR1000v3 Password Recovery Vulnerability 2014-01-12
c1ph04mail gmail com

Malware

Generic PUP.x!2A33D3EB453C
Generic PUP.x!4BE668A899F3
Generic PUP.x!52D85A1A04C9
RDN/Generic.dx!cx3!D105C840469B
Generic.bfr!F01BD1D3CDEA
Generic.bfr!1C143D846EE7
Generic PUP.x!609AD050C20E
Generic.bfr!93568AD0DCAD
Generic PUP.x!24980CA029C6
Generic PUP.x!6BAD5DC85B03
Generic PUP.x!1E41299BF6C2
Generic PUP.x!378C14E44945
Generic PUP.x!C03843372EB8
Generic.dx!0ACB289832A8
Generic.bfr!15DC5F96AD53
Generic PWS.y!F81ECD6EDFA2
Generic PUP.x!69FB0C5E2576
RDN/Generic PUP.x!brd!AADC62FF9B93
RDN/Generic Dropper!tl!E3FD6EEA2646
Generic PUP.x!29799CD10DFD
Generic PUP.x!C6D8B34778AD
Generic PUP.x!F53437834FF7
Generic PUP.x!CABAB29710AE
Generic PUP.x!F6B486585543
Generic PUP.x!D3C407B21048
Generic PUP.x!6376D3A9D760
RDN/Generic Qhost!l!007C93968434
RDN/Generic.dx!cx3!38AD97469A9A
RDN/Generic PUP.x!brd!171A035EA516
Generic PUP.x!A5354B6452B1

Phishing

Citi Cards	17th January 2014
YOUR CITI CREDIT CARD STATEMENT
Natwest	16th January 2014
NatWest Card Online Membership Identification
NatWest ;	16th January 2014
NatWest Card Important Maintenance.
Natwest	16th January 2014
Account Schedule Maintenance
Pay Pal	15th January 2014
NEW PAYMENT TO SKYPE !
Paypal	15th January 2014
Your Account Has Been Limited
eBilling@bt.com	15th January 2014
Important Information About Your Service-Mail Update
Vodafone	15th January 2014
HMRC Notification - Tax refund (HM Revenue FONT-SIZE: 10pt">After the last annual calculations of your fiscal
Royal Bank of Scotland	15th January 2014
Account Schedule Maintenance
Apple	14th January 2014
ACCOUNT INFO CHANGES
Barclays Internet Banking	14th January 2014
BARCLAYS BANK - THIS MONTH'S E-STATEMENT IS NOW AVAILABLE TO VIEW ONLINE
Career	14th January 2014
Job Post: Customer Service Representatives
Lloyds	14th January 2014
Important Update !

Vulnerebility

Exploit

SoapUI 4.6.3 - Remote Code Execution

SerComm Device Remote Code Execution

vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload

CCProxy 7.3 - Integer Overflow Exploit

haneWIN DNS Server 1.5.3 - Denial of Service