Databáze Hot News 2015 August -

SUPPORT	24th August 2015
We Advise You To Update Your Account Right Now âœ”
Microsoft	24th August 2015
Update Your Account Amazon
sales	23rd August 2015
YOUR PAYMENT TO SKYPE, RECEIPT NR. 02695125143
Chase Bank	23rd August 2015
[ Chase Bank ] Important Notification
USAA	23rd August 2015
Important Account Update

Vulnerebility

SANS News

Are You Protecting your "Backdoor" ?

Threatpost

White House Support for CISA Worries Privacy Advocates - See more at: https://threatpost.com/#sthash.N0mq2Ham.dpuf

White House Support for CISA Worries Privacy Advocates

AlienSpy RAT Resurfaces as JSocket

Vulnerabilities Identified in Dolphin, Mercury Android Browsers

Exploit

Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow

Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow

24.8.2015

Bugtraq

Logstash vulnerability CVE-2015-5619 2015-08-21
Suyog Rao (suyog elastic co)

[security bulletin] HPSBUX03410 SSRT102175 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-21
security-alert hp com

Re: [SECURITY] [DSA 3325-2] apache2 regression update 2015-08-21
franzskinn gmail com

APPLE-SA-2015-08-20-1 QuickTime 7.7.8 2015-08-20
Apple Product Security (product-security-noreply lists apple com)

Re: Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability 2015-08-20
anonymous yahoo com

[security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege 2015-08-20
security-alert hp com

[SECURITY] [DSA 3342-1] vlc security update 2015-08-20
Alessandro Ghedini (ghedo debian org)

[oCERT-2015-009] VLC arbitrary pointer dereference 2015-08-20
Andrea Barisani (lcars ocert org)

UBNT Bug Bounty #3 - Persistent Filename Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)

UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)

WebSolutions India Design CMS - SQL Injection Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)

ChiefPDF Software v2.x - Buffer Overflow Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)

PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)

Malware

Backdoor.Duuzer

Phishing

Chase Bank	23rd August 2015
[ Chase Bank ] Important Notification
USAA	23rd August 2015
Important Account Update
Lloyds Bank	22nd August 2015
YOUR ACCOUNT HAS BEEN FROZEN
Lloyds	22nd August 2015
LLOYDS BANK UPDATE

Vulnerebility

SANS News

Threatpost

Exploit

Microsoft Office 2007 wwlib.dll fcPlcfFldMom Uninitialized Heap Usage

Microsoft Office 2007 wwlib.dll Type Confusion

Microsoft Office 2007 OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write

Microsoft Office 2007 MSO.dll Arbitrary Free

Microsoft Office 2007 MSO.dll Use-After-Free

Windows win32k.sys TTF Font Processing win32k!fsc_BLTHoriz Out-of-Bounds Pool Write

Windows win32k.sys TTF Font Processing win32k!fsc_RemoveDups Out-of-Bounds Pool Memory Access

Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed FDSelect Offset in the CFF Table

Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed Name INDEX in the CFF Table

Windows win32k.sys TTF Font Processing win32k!scl_ApplyTranslation Pool-Based Buffer Overflow

Windows win32k.sys TTF Font Processing IUP[] Program Instruction Pool-Based Buffer Overflow

Windows ATMFD.DLL Write to Uninitialized Address Due to Malformed CFF Table

Windows ATMFD.DLL CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access

Windows ATMFD.DLL CFF table (ATMFD+0x34072 / ATMFD+0x3407b) Invalid Memory Access

Windows ATMFD.DLL CharString Stream Out-of-Bounds Reads

Microsoft Office 2007 MSPTLS Heap Index Integer Underflow

21.8.2015

Bugtraq

[security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege 2015-08-20
security-alert hp com

[SECURITY] [DSA 3342-1] vlc security update 2015-08-20
Alessandro Ghedini (ghedo debian org)

[oCERT-2015-009] VLC arbitrary pointer dereference 2015-08-20
Andrea Barisani (lcars ocert org)

UBNT Bug Bounty #3 - Persistent Filename Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)

UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)

WebSolutions India Design CMS - SQL Injection Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)

Malware

Backdoor.Duuzer

Win32/Backzat.Z

Win32/TrojanDownloader.Small.ACX

Win32/PSW.OnLineGames.AQLO

OSX/Ventir.A

Win32/Saynob.2406.A

OSX/Spy.Hapus.A

Phishing

Microsoft	21st August 2015
Opportunity Job
HM Revenue & Customs	21st August 2015
PERIODIC YEAR-END FISCAL INFORMATION
@aol.com	20th August 2015
UPDATE
Amazon Support	20th August 2015
ACCOUNT VEREFICATION
Amazon Support	19th August 2015
ACCOUNT VEREFICATION

Vulnerebility

SANS News

A recent decline in traffic associated with Operation Windigo

Threatpost

Uptick in Neutrino Exploit Kit Traffic Doesn’t Mean Angler Reign Over

Details Surface on Patched Sandbox Violation Vulnerability in iOS

Facebook Updates Information-Sharing Platform

Exploit

WordPress MDC Private Message Plugin 1.0.0 - Persistent XSS

Valhala Honeypot 1.8 - Stack-Based Buffer Overflow

Win2003 x64 - Token Stealing shellcode - 59 bytes

20.8.2015

Bugtraq

[security bulletin] HPSBUX03400 SSRT102211 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-19
security-alert hp com

CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability 2015-08-19
Christofer Dutz (cdutz apache org)

Privilege escalation through RPC commands in EMC Documentum Content Server (incomplete fix in CVE-2015-4532) 2015-08-19
andrew panfilov tel

Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19
Asher995 gmail com (2 replies)

Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19
paul szabo sydney edu au

RE: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19
Chillman, Paul, Vodafone UK (Paul Chillman vodafone com)

[SYSS-2015-041] XSS in OpenText Secure MFT 2015-08-19
adrian vollmer syss de

Malware

Phishing

Amazon Support	20th August 2015
ACCOUNT VEREFICATION
Amazon Support	19th August 2015
ACCOUNT VEREFICATION
PayPal Inc	19th August 2015
[PAYPAL VERIFICATION] âœ‰ LAST REMINDER YOU MUST UPDATE YOUR ACCOUNT INFORMATION âœ”

Vulnerebility

SANS News

Actor using Angler exploit kit switched to Neutrino

Threatpost

Holes Patched in Online Bookmarking App Pocket

Web.com Loses 93,000 Credit Card Numbers in Breach

Inside the Unpatched OS X Vulnerabilities

Exploit

Aruba Mobility Controller 6.4.2.8 - Multiple vulnerabilities

Vifi Radio v1 - CSRF Vulnerability

up.time 7.5.0 Superadmin Privilege Escalation Exploit

up.time 7.5.0 XSS And CSRF Add Admin Exploit

up.time 7.5.0 Arbitrary File Disclose And Delete Exploit

up.time 7.5.0 Upload And Execute File Exploit

19.8.2015

Bugtraq

[SYSS-2015-041] XSS in OpenText Secure MFT 2015-08-19
adrian vollmer syss de

Trend Micro Deep Discovery XSS 2015-08-19
apparitionsec gmail com

Trend Micro Deep Discovery Authentication Bypass 2015-08-19
apparitionsec gmail com

Re: Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] 2015-08-18
aabbccdd05407 gmail com

CVE-2015-5699 - Cumulus Linux's Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation 2015-08-18
Gregory Pickett (gpickett71 yahoo com)

FreeBSD Security Advisory FreeBSD-SA-15:20.expat 2015-08-18
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 3338-1] python-django security update 2015-08-18
Alessandro Ghedini (ghedo debian org)

Malware

TrojanDownloader:Win32/Upatre.BR
TrojanDownloader:MSIL/Torwofun.B
PWS:Win32/QQpass.GR
PWS:MSIL/Facepass.A
SoftwareBundler:Win32/Bestof
PWS:O97M/Wipha.A

Phishing

admin email	19th August 2015
UPGRADE EMAIL ACCOUNT!
Lisa	18th August 2015
NEW ORDER
285$	18th August 2015
THE OPPORTUNITY TO EARN UP TO $ 500 PER DAY [VKGPM]
Tesco Bank	18th August 2015
Tesco Account suspended due to TOS violations
Tracy Allen	18th August 2015
A NEW CHEAT MATCH IS PENDING
Natwest	18th August 2015
Violation Terms
Mail Administrator	18th August 2015
EXCEEDED LIMIT
Arlene Horton	18th August 2015
STRANGER HAS SENT YOU A QUICKIE REQUEST
Unlimited	18th August 2015
FRESH TOOLS / ONLINE LIVE SUPPORT, VISIT US: HTTP://ASHOKTOOLS.NET
Apple	18th August 2015
YOUR APPLE ID WAS USED TO SIGN IN TO ICLOUD ON AN MACBOOK PRO.

Vulnerebility

SANS News

Microsoft Security Bulletin MS15-093 - Critical OOB - Internet Explorer RCE

Threatpost

Emergency IE Patch Fixes Vulnerability Under Attack

IRS Hack May Implicate Three Times As Many Taxpayers Than Expected

Apple Zero Day Remains Unpatched

Core Infrastructure Initiative Launches Open Source Security Badge Program

Adobe Patches XXE Vulnerability in LiveCycle Data Services

Exploit

Flash Broker-Based Sandbox Escape via Forward Slash Instead of Backslash

Flash Broker-Based Sandbox Escape via Unexpected Directory Lock

Flash Broker-Based Sandbox Escape via Timing Attack Against File Moving

Flash Boundless Tunes - Universal SOP Bypass Through ActionSctipt's Sound Object

Flash PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution

Flash Player Integer Overflow in Function.apply

Flash AVSS.setSubscribedTags Use After Free Memory Corruption

Flash Uninitialized Stack Variable MPD Parsing Memory Corruption

Flash Issues in DefineBitsLossless and DefineBitsLossless2 Leads to Using Uninitialized Memory

Flash AS2 Use After Free in TextField.filters

Flash AS2 Use After Free While Setting TextField.filters

Flash Use-After-Free in Display List Handling

Flash Use-After-Free in NetConnection.connect

Adobe Flash Use-After-Free When Setting Variable

Flash AS2 Use After Free in DisplacementMapFilter.mapBitmap

Flash Use-After-Free with MovieClip.scrollRect in AS2

Adobe Flash Use-After-Free When Setting Value

Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated SWF File

Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated SWF File (2)

Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated TTF File Embedded in SWF

Adobe Flash Use-After-Free in XML.childNodes

Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow

FTP Commander 8.02 - SEH Overwrite

OS X 10.10.5 - XNU Local Privilege Escalation

18.8.2015

Bugtraq

Re: [SECURITY] [DSA 3336-1] nss security update 2015-08-17
miguelmellolopes gmail com

EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532) 2015-08-17
andrew panfilov tel

[SECURITY] [DSA 3336-1] nss security update 2015-08-17
Salvatore Bonaccorso (carnil debian org)

sysadmin privilege in EMC Documentum Content Server 2015-08-17
andrew panfilov tel

Insufficient certificate validation in EMC Secure Remote Services Virtual Edition 2015-08-17
Securify B.V. (lists securify nl)

Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal 2015-08-17
Securify B.V. (lists securify nl)

[ERPSCAN-15-013] SAP NetWeaver AS Java CIM UPLOAD â?? XXE 2015-08-17
ERPScan inc (erpscan online gmail com)

[ERPSCAN-15-012] SAP Afaria 7 XComms â?? Buffer Overflow 2015-08-17
ERPScan inc (erpscan online gmail com)

ESA-2015-130: EMC Documentum WebTop and WebTop Clients Cross-Site Request Forgery Vulnerability 2015-08-17
Security Alert (Security_Alert emc com)

ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities 2015-08-17
Security Alert (Security_Alert emc com)

Malware

Trojan.Cryptolocker.Z

Trojan.Cryptolocker.Y

Trojan.Sofacy.C

PWS:O97M/Wipha.A
PWS:Win32/Wipha.A
TrojanDownloader:Win32/Tembatch.B
Exploit:VBS/CVE-2014-6332
Exploit:SWF/CVE-2014-6332

Linux.Pinscan

Phishing

Barclays	18th August 2015
YOUR DEBIT CARD HAS BEEN BLOCKED
TalkTalk	17th August 2015
The payment for your latest TalkTalk Bill could not be processed
NEWF#CKFRIEND	17th August 2015
want to f#ck right now
6367$	17th August 2015
No need to stay awake all night long to earn money. Launch the robot.

Vulnerebility

SANS News

Tool Tip: Kansa Stafford released, PowerShell for DFIR

Threatpost

Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched

Exploit

Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched - See more at: https://threatpost.com/#sthash.fuC1gXrv.dpuf

Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched

Uber to Quadruple Security Staff by 2016

Werkzeug Debug Shell Command Execution

Symantec Endpoint Protection Manager Authentication Bypass and Code Execution

VideoCharge Studio Buffer Overflow (SEH)

FTP Commander 8.02 - SEH Overwrite

Cisco Unified Communications Manager - Multiple Vulnerabilities

vBulletin < 4.2.2 - Memcache Remote Code Execution

Nuts CMS Remote PHP Code Injection / Execution

Magento CE < 1.9.0.1 Post Auth RCE

PHPfileNavigator 2.3.3 - XSS Vulnerabilities

PHPfileNavigator 2.3.3 - CSRF Vulnerability

Sagemcom F@ST 3864 V2 - Get Admin Password

17.8.2015

Bugtraq

Poor security in SOHO routers, again. Changing configuration parameters with a click. 2015-08-17
DonVallejo . (j v vallejo gmail com)

Re: Multiple vulnerabilites in vendor IKE implementations, including Cisco, 2015-08-16
arash yazdanfare gmail com

Re: NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE 2015-08-16
13669185678 139 com

Malware

PWS:Win32/Rugond.A
TrojanDropper:Win32/Notdinoti.B
TrojanDropper:Win32/Strakupa.A
TrojanSpy:Win32/Gucotut.A
TrojanDownloader:Win32/Lentrigy.A
TrojanDownloader:MSIL/Runtk.A
Backdoor:Win32/Venik.K

Phishing

FindMeAndF#ckMe	17th August 2015
I WANT TO BE IN YOUR BED
PayPal	17th August 2015
ACCOUNT VERIFICATION REQUIRED
ROCKSTAR SERVER	15th August 2015
GENUINE MING TOOLS CONTACT ROCKSTAR

Vulnerebility

SANS News

Are you a "Hunter"?

Tool Tip: Kansa Stafford released, PowerShell for DFIR

Threatpost

Apple Patches Critical OS X DYLD Flaw in Monster Update - See more at: https://threatpost.com/#sthash.1zChwKF7.dpuf

AT&T Facilitated NSA Surveillance Efforts, Reports

Using BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks

Exploit

Microsoft Windows HTA (HTML Application) - Remote Code Execution (MS14-064)

Sagemcom F@ST 3864 V2 - Get Admin Password

MASM321 11 Quick Editor (.qeditor) 4.0g- .qse SEH Based Buffer Overflow (ASLR & SAFESEH bypass)

XMPlay 3.8.1.12 - .pls Local Crash PoC

16.8.2015

Bugtraq

Malware

Win32 / PSW.Furitron.A

Win32 / PSW.Fantast.22

Phishing

ROCKSTAR SERVER	15th August 2015
GENUINE MING TOOLS CONTACT ROCKSTAR
PayPal	15th August 2015
Your Account has limitation
Apple Inc.	15th August 2015
PLEASE UPDATE YOUR APPLE ACCOUNT INFORMATION !

Vulnerebility

SANS News

Threatpost

Apple Patches Critical OS X DYLD Flaw in Monster Update

Exploit

15.8.2015

Bugtraq

Malware

Trojan.Sofacy.C

Trojan.Cryptolocker.X

Phishing

Apple Inc.	15th August 2015
PLEASE UPDATE YOUR APPLE ACCOUNT INFORMATION !
webmaster	14th August 2015
EMail from Easy Biz (EARN $500 to $1,000 In Just 1-3 Hours a Day!)
Ashley Johnston	14th August 2015
1 Waiting Super QuickCheat Alert

Vulnerebility

SANS News

Threatpost

OwnStar Attack Now Aimed at BMW, Chrysler, Mercedes Cars

Apple Patches Critical OS X DYLD Flaw in Monster Update

Exploit

Gkplugins Picasaweb - Download File

TOTOLINK Routers - Backdoor and RCE Exploit PoC

Joomla com_memorix component - SQL Injection vulnerability

Microsoft HTML Help Compiler 4.74.8702.0 - SEH Based Overflow

Firefox < 39.03 - pdf.js Same Origin Policy Exploit

Ability FTP Server 2.1.4 - afsmain.exe USER Command Remote DoS

Ability FTP Server 2.1.4 - Admin Panel AUTHCODE Command Remote DoS

Ubuntu 14.04 NetKit FTP Client - Crash/DoS PoC

14.8.2015

Bugtraq

Nuance PowerPDF Advanced Metadata Information Disclosure Vulnerability (low|local) 2015-08-13
Christopher Hudel (christopher hudel com)

APPLE-SA-2015-08-13-4 OS X Server v4.1.5 2015-08-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006 2015-08-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2015-08-13-3 iOS 8.4.1 2015-08-13
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 2015-08-13
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBGN03393 rev.1 - HP Operations Manager i, Remote Code Execution 2015-08-12
security-alert hp com

Malware

Exploit/Stagefright.F

Exploit/Stagefright.G

Exploit/Stagefright.H

Exploit/Stagefright.J

Phishing

Amazon	13th August 2015
AMAZON
WebTeam	13th August 2015
INFO
JAMES F. ENTWISTLE	13th August 2015
JAMES F. ENTWISTLE U.S AMBASSADOR TO NIGERIA
PayPal	13th August 2015
[PayPal Support] Your Account Has Been Limited ! Please Confirm Your Account

Vulnerebility

ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-08-14
http://www.securityfocus.com/bid/76092

WordPress Prior to 4.2.4 Multiple Security Vulnerabilities
2015-08-14
http://www.securityfocus.com/bid/76160

WordPress Prior to 4.2.3 Multiple Security Vulnerabilities
2015-08-14
http://www.securityfocus.com/bid/76011

Mozilla Firefox CVE-2015-4492 Use After Free Memory Corruption Vulnerability
2015-08-14
http://www.securityfocus.com/bid/76297

Mozilla Firefox Out of Bounds Multiple Memory Corruption Vulnerabilities
2015-08-14
http://www.securityfocus.com/bid/76294

SANS News

Adwind: another payload for botnet-based malspam

More patches! This time from Apple to Safari, OS X and OS X server

Microsoft patch tuesday problem with Symantec Cloud Endpoint protection?

Threatpost

Stagefright Patch Incomplete Leaving Android Devices Still Exposed

Salesforce Patches XSS on a Subdomain

Zero Day in Android’s Google Admin App Can Bypass Sandbox

Exploit

13.8.2015

Bugtraq

phpipam-1.1.010 XSS Vulnerability 2015-08-12
apparitionsec gmail com

PHPfileNavigator v2.3.3 CSRF Add Arbitrary Users 2015-08-12
apparitionsec gmail com

phpipam-1.1.010 XSS Vulnerability 2015-08-12
apparitionsec gmail com

Malware

BrowserModifier:Win32/SupTab

Linux.Pinscan

Exploit/CVE-2015-1538

Exploit/CVE-2015-1539

Exploit/CVE-2015-3827

Exploit/CVE-2015-3826

Exploit/CVE-2015-3824

Exploit/CVE-2015-3829

Phishing

iLOTTO INTERNET LOTTERY	13th August 2015
GET BACK FOR CLAIMS/TICKETS NO. ILOTTO/2015/ATM
iLOTTO INTERNET LOTTERY	13th August 2015
WON PRIZE TICKETS NO. ILOTTO/2015/ATM
iLOTTO INTERNET LOTTERY	12th August 2015
GET BACK FOR CLAIMS/TICKETS NO. ILOTTO/2015/ATM
Alexandra Smith	12th August 2015
ONENIGHTSEX NOTICE IS PENDING

Vulnerebility

WordPress Prior to 4.2.4 Multiple Security Vulnerabilities
2015-08-13
http://www.securityfocus.com/bid/76160

WordPress Prior to 4.2.3 Multiple Security Vulnerabilities
2015-08-13
http://www.securityfocus.com/bid/76011

Mozilla Firefox CVE-2015-4492 Use After Free Memory Corruption Vulnerability
2015-08-13
http://www.securityfocus.com/bid/76297

Mozilla Firefox Out of Bounds Multiple Memory Corruption Vulnerabilities
2015-08-13
http://www.securityfocus.com/bid/76294

SANS News

Yes Virginia, Stored XSS's Do Exist!

Threatpost

Facebook Awards $100,000 for New Class of Vulnerabilities and Detection Tool

Exploit

Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability (MS15-079)

Windows 8.1 DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076)

Linux x86 - /bin/sh ROL/ROR Encoded Shellcode

12.8.2015

Bugtraq

[slackware-security] mozilla-firefox (SSA:2015-219-01) 2015-08-08
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3330-1] activemq security update 2015-08-07
Moritz Muehlenhoff (jmm debian org)

QNAP crypto keys logged on unencrypted disk partition in world accessible files 2015-08-07
Andreas Steinmetz (ast domdv de)

[slackware-security] mozilla-nss (SSA:2015-219-02) 2015-08-08
Slackware Security Team (security slackware com)

Device Inspector v1.5 iOS - Command Inject Vulnerabilities 2015-08-07
Vulnerability Lab (research vulnerability-lab com)

Ferrari - PHP CGI Argument Injection (RCE) Vulnerability 2015-08-07
Vulnerability Lab (research vulnerability-lab com)

Malware

VBA / TrojanDownloader.Agent.ZH

VBA / TrojanDownloader.Agent.ZC

VBA / TrojanDownloader.Agent.YX

VBA / TrojanDownloader.Agent.YW

Phishing

noreply@intipaypal	12th August 2015
UPDATE REQUIRED !!
PayPal	12th August 2015
IMPORTANT MESSAGE FROM PAYPAL TEAM .
Mail Delivery Service	11th August 2015
DELIVERY STATUS NOTIFICATION
Wells Fargo	11th August 2015
NOTICE : SIGN-IN TO ONLINE BANKING LOCKED
MS linda	11th August 2015
BEAT EGG MACHINE-æ¬§æ´²-5
linda lin	11th August 2015
BEAT EGG MACHINE-æ¬§æ´²-4
USAA	11th August 2015
YOUR USAA ONLINE CONFIRMATION ALERT

Vulnerebility

SANS News

Windows Service Accounts - Why They're Evil and Why Pentesters Love them!

More patch tuesday: adobe released security update for adobe flash player

August 2015 Microsoft Patch Tuesday

Threatpost

Huge Flash Update Patches More Than 30 Vulnerabilities

Sen. Warren Worried About Banks’ New Encrypted Messaging Platform

Patched Android ‘Serialization’ Vulnerability Affects 55 Percent of Devices

Oracle CSO: You ‘Must Not Reverse Engineer Our Code’

Hack-Fueled ‘Unprecedented’ Insider Trading Ring Nets $100M

Microsoft Patches Critical Vulnerabilities in New Edge Browser

Exploit

Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability (MS15-079)

11.8.2015

Bugtraq

[slackware-security] mozilla-firefox (SSA:2015-219-01) 2015-08-08
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3330-1] activemq security update 2015-08-07
Moritz Muehlenhoff (jmm debian org)

QNAP crypto keys logged on unencrypted disk partition in world accessible files 2015-08-07
Andreas Steinmetz (ast domdv de)

[slackware-security] mozilla-nss (SSA:2015-219-02) 2015-08-08
Slackware Security Team (security slackware com)

Device Inspector v1.5 iOS - Command Inject Vulnerabilities 2015-08-07
Vulnerability Lab (research vulnerability-lab com)

Ferrari - PHP CGI Argument Injection (RCE) Vulnerability 2015-08-07
Vulnerability Lab (research vulnerability-lab com)

Thomson Reuters FATCA - Arbitrary File Upload 2015-08-07
jakub palaczynski ingservicespolska pl

[SECURITY] [DSA 3329-1] linux security update 2015-08-07
Salvatore Bonaccorso (carnil debian org)

Malware

Trojan:Win32/Hucnak.D!plock
Trojan:Win32/Hucnak.C!plock
Trojan:Win32/Hucnak.B!plock
Trojan:Win32/Hucnak.A!plock

Trojan.Tapaoux.C

Phishing

United Arab	11th August 2015
You Have (1) New Message
USAA.Web.Services	11th August 2015
Your Account Computer/Device Preference System Update
Barclays Online	10th August 2015
Important Customer Message
PayPal Inc	10th August 2015
DEAR PAYPAL USER , UPDATE OF YOUR ACCOUNT INFORMATIONS
PayPal Inc	10th August 2015
Your Account will be Limited âœ”
Account Notification	9th August 2015
DEAR MEMBER YOUR ACCOUNT HAS BEEN LIMITED âœ”

Vulnerebility

SANS News

.COM.COM Used For Malicious Typo Squatting

Threatpost

Exploit

10.8.2015

Bugtraq

Malware

TrojanDownloader:Win32/Zeagle.G
TrojanDownloader:Win32/Upatre.BW

Trojan.Aniralia

Phishing

Account Notification	9th August 2015
DEAR MEMBER YOUR ACCOUNT HAS BEEN LIMITED âœ”
@aol.com	8th August 2015
EMAIL UPDATE
Apple Inc	8th August 2015
ACCOUNT TEMPORARILY SUSPENDED - YOUR APPLE ID REQUIRES VERIFICATION
NatWest	8th August 2015
ACCOUNT LOCKED

Vulnerebility

SANS News

What Was Old is New Again: Honeypots!

Threatpost

Mozilla Patches Bug Used in Active Attacks

Privacy Badger 1.0 Released With Support For EFF Do Not Track Policy

Darkhotel APT Latest to Use Hacking Team Zero Day

Exploit

WordPress Video Gallery 2.7 SQL Injection

Havij Pro - Crash POC

WordPress WPTF Image Gallery 1.03 - Aribtrary File Download

WordPress Recent Backups Plugin 0.7 - Arbitrary File Download

WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download

WordPress Video Gallery 2.7 SQL Injection

WDS CMS - SQL Injection

WordPress Candidate Application Form Plugin 1.0 - Arbitrary File Download

Havij Pro - Crash POC ,Linux x86 Egg Hunter Shellcode (19 bytes)

8.8.2015

Bugtraq

Thomson Reuters FATCA - Arbitrary File Upload 2015-08-07
jakub palaczynski ingservicespolska pl

[SECURITY] [DSA 3329-1] linux security update 2015-08-07
Salvatore Bonaccorso (carnil debian org)

Re: [FD] Mozilla extensions: a security nightmare 2015-08-06
Stefan Kanthak (stefan kanthak nexgo de) (2 replies)

Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Reindl Harald (h reindl thelounge net)

RE: [FD] Mozilla extensions: a security nightmare 2015-08-07
Steve Friedl (steve unixwiz net) (1 replies)

RE: [FD] Mozilla extensions: a security nightmare 2015-08-07
Frank Waarsenburg (fwaarsenburg ram-it nl) (1 replies)

Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Jakob Holderbaum (hi jakob io) (1 replies)

Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Teddy A PURWADI (teddyap access net id)

Malware

Trojan.Cozer.B

Java/AlienSpy.A

Win32/FakeTC

VBA/TrojanDownloader.Agent.YP

VBA/TrojanDownloader.Agent.YL

VBA/TrojanDownloader.Agent.YK

VBA/TrojanDownloader.Agent.YJ

VBA/TrojanDownloader.Agent.YI

Win32/Bhottle.B

Phishing

NatWest	7th August 2015
ACCOUNT LOCKED
MBNA Limited	6th August 2015
YOUR ACCOUNT HAVE BEEN ACCESSED FROM AN UNAUTHORIZED COMPUTER
Account Support	6th August 2015
WE'VE IIMITED ACCESS TO YOUR PAYPAI ACCOUNT
TD Bank via Me	6th August 2015
YOUR ACCOUNT IS TEMPORARILY LOCKED

Vulnerebility

SANS News

Critical Firefox Update Today

Threatpost

Manipulating WSUS to Own Enterprises

Exploit

PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow

Froxlor Server Management Panel 0.9.33.1 - MySQL Login Information Disclosure

PHP News Script 4.0.0 - SQL Injection

Microweber 1.0.3 - Stored XSS And CSRF Add Admin Exploit

Microweber 1.0.3 File Upload Filter Bypass Remote PHP Code Execution

WordPress Job Manager Plugin 0.7.22 - Persistent XSS

Heroes of Might and Magic III .h3m Map file Buffer Overflow

Linux x86 Memory Sinkhole Privilege Escalation PoC

Windows NDProxy Privilege Escalation XP SP3 x86 and 2003 SP2 x86 (MS14-002)

Dell Netvault Backup 10.0.1.24 - Denial of Service

7.8.2015

Bugtraq

Re: [FD] Mozilla extensions: a security nightmare 2015-08-06
Stefan Kanthak (stefan kanthak nexgo de) (2 replies)

Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Reindl Harald (h reindl thelounge net)

RE: [FD] Mozilla extensions: a security nightmare 2015-08-07
Steve Friedl (steve unixwiz net) (1 replies)

RE: [FD] Mozilla extensions: a security nightmare 2015-08-07
Frank Waarsenburg (fwaarsenburg ram-it nl) (1 replies)

Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Jakob Holderbaum (hi jakob io)

Re: [FD] Mozilla extensions: a security nightmare 2015-08-06
Stefan Kanthak (stefan kanthak nexgo de)

Malware

TrojanDownloader:Win32/Tembatch.A
TrojanDownloader:MSIL/Beldex.A
TrojanDownloader:MSIL/Golomak.A
TrojanDropper:Win32/Dexel.A
TrojanSpy:MSIL/Golroted.D

Trojan.Patchbrowse

Phishing

MBNA Limited	6th August 2015
YOUR ACCOUNT HAVE BEEN ACCESSED FROM AN UNAUTHORIZED COMPUTER
Account Support	6th August 2015
WE'VE IIMITED ACCESS TO YOUR PAYPAI ACCOUNT

Vulnerebility

SANS News

Sigcheck and virustotal-search

Threatpost

Feasible ‘Going Dark’ Crypto Solution Nowhere to be Found

Gone in Less Than a Second

Updated DGA Changer Malware Generates Fake Domain Stream

BLEKey Device Breaks RFID Physical Access Controls

‘Prohibition Era’ Of Security Research May Be Ahead

Exploit

6.8.2015

Bugtraq

[security bulletin] HPSBUX03388 SSRT102180 rev.1 - HP-UX running OpenSSL, Remote Disclosure of Information 2015-08-05
security-alert hp com

Re: [FD] Mozilla extensions: a security nightmare 2015-08-05
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)

Re: [FD] Mozilla extensions: a security nightmare 2015-08-05
Ansgar Wiechers (bugtraq planetcobalt net)

SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network 2015-08-05
SEC Consult Vulnerability Lab (research sec-consult com)

[SECURITY] [DSA 3328-2] wordpress regression update 2015-08-04
Thijs Kinkhorst (thijs debian org)

Malware

TrojanDropper:Win32/Dexel.A
TrojanSpy:MSIL/Golroted.D
TrojanDownloader:MSIL/Bladabindi.I
Adware:Win32/Peapoon
TrojanDownloader:Win32/Paxer.A
TrojanDownloader:Win32/Upatre.BS
TrojanDownloader:Win32/Syten.A
Worm:Win32/Gamarue.AU

OSX.Sudoprint

Infostealer.Atimpo

Phishing

TD Bank via Me	6th August 2015
YOUR ACCOUNT IS TEMPORARILY LOCKED
@aol.com	5th August 2015
EMAIL UPDATE

Vulnerebility

SANS News

Nuclear EK traffic patterns in August 2015

Threatpost

Feasible ‘Going Dark’ Crypto Solution Nowhere to be Found

Google Plans Monthly Security Updates for Nexus Phones

APT Group Gets Selective About Data it Steals

Government Asks for Security Community’s Help on Technical Issues

Granick: Dream of Internet Freedom ‘Dying’

‘Software Liability Is Inevitable’

Exploit

Linux Privilege Escalation Due to Nested NMIs Interrupting espfix64

ISC BIND9 TKEY Remote DoS PoC

5.8.2015

Bugtraq

[SECURITY] [DSA 3328-2] wordpress regression update 2015-08-04
Thijs Kinkhorst (thijs debian org)

Mozilla extensions: a security nightmare 2015-08-04
Stefan Kanthak (stefan kanthak nexgo de)

[SECURITY] [DSA 3328-1] wordpress security update 2015-08-04
Thijs Kinkhorst (thijs debian org)

[SECURITY] [DSA 3327-1] squid3 security update 2015-08-03
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3326-1] ghostscript security update 2015-08-02
Salvatore Bonaccorso (carnil debian org)

Malware

Adware:Win32/Peapoon
TrojanDownloader:Win32/Paxer.A
TrojanDownloader:Win32/Upatre.BS
TrojanDownloader:Win32/Syten.A
Worm:Win32/Gamarue.AU
TrojanDownloader:Win32/Mavradoi.C
TrojanDropper:Win32/Banload.BAX
TrojanSpy:Win32/Banker.VCW
TrojanDownloader:Win32/Banload.BCV
TrojanDownloader:Win32/Banload.ZEQ

Phishing

Pamela Hicks	4th August 2015
THE MOST PLEASURABLE BLOWJOB EVER
Chase	4th August 2015
Notice : Sign-in to Online Banking Locked
å…¨å›½æ¥¼å‡¤å°?å§å…¼èŒè‰¯å®¶	4th August 2015
å…¨å›½å…¼èŒå°?å§å¦å¦¹æ¥¼å‡¤
Natwest	4th August 2015
SERVICE ANNOUNCEMENT
Smtpmercantile.in	4th August 2015
WE SELL EARTHLINK RDP NO SMTP NEEDED
Melanie Clark	4th August 2015
GET OVER HERE AND F%CK ME
Apple	3rd August 2015
ACCOUNT STATUS HAS BEEN CHANGED , INVOICE NUMBER 655675
USAA	3rd August 2015
YOUR USAA ONLINE CONFIRMATION ALERT

Vulnerebility

SANS News

Nuclear EK traffic patterns in August 2015

Whatever Happened to tmUnblock.cgi ("Moon Worm")

Threatpost

Researchers Uncover ‘Terracotta’ Chinese VPN Service Used by APT Crews for Cover

Updated Rig Exploit Kit Closing in on 1 Million Victims

Exploit

4.8.2015

Bugtraq

[SECURITY] [DSA 3326-1] ghostscript security update 2015-08-02
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3325-1] apache2 security update 2015-08-01
Stefan Fritsch (sf debian org)

[SECURITY] [DSA 3324-1] icedove security update 2015-08-01
Alessandro Ghedini (ghedo debian org)

[SECURITY] [DSA 3323-1] icu security update 2015-08-01
Laszlo Boszormenyi (gcs debian org)

Multiple XSS vulnerabilities in FortiSandbox WebUI 2015-08-01
hyp3rlinx lycos com

Malware

Exp.CVE-2015-0339

Exp.CVE-2015-0338

TrojanDropper:Win32/Banload.BAX
TrojanSpy:Win32/Banker.VCW
TrojanDownloader:Win32/Banload.BCV
TrojanDownloader:Win32/Banload.ZEQ

Phishing

Melanie Clark	4th August 2015
GET OVER HERE AND F%CK ME
Apple	3rd August 2015
ACCOUNT STATUS HAS BEEN CHANGED , INVOICE NUMBER 655675
USAA	3rd August 2015
YOUR USAA ONLINE CONFIRMATION ALERT
Discover	2nd August 2015
Disney Cruise Line Employment Offer 2015

Vulnerebility

SANS News

Your SSH Server On Port 8080 Is No Longer "Hidden" Or "Safe"

Whatever Happened to tmUnblock.cgi ("Moon Worm")

Threatpost

Windows 10 Upgrade Spam Carries CTB-Locker Ransomware

EFF, AdBlock and Others Launch New Do Not Track Standard

Thunderstrike 2 OS X Firmware Attack Self-Replicates to Peripherals

DHS Raises Privacy Concerns With Senate Cyber Threat Sharing Bill

Exploit

3.8.2015

Bugtraq

phpFileManager 0.9.8 Remote Command Execution 2015-07-31
hyp3rlinx lycos com

HP ArcSight Logger provides incorrect/invalid/incomplete results for queries with boolean operators 2015-07-31
roberto logsat com

[SECURITY] [DSA 3321-1] xmltooling security update 2015-07-30
Alessandro Ghedini (ghedo debian org)

viagra generic singapore 2015-07-30
info fast-isotretinoin com

Malware

Worm:Win32/NeksMiner.A
TrojanDropper:Win32/Bunitu.G
TrojanSpy:MSIL/Irstil.A
Worm:Win32/Xtrat.D
Worm:Win32/Xtrat.C

Phishing

USAA	3rd August 2015
YOUR USAA ONLINE CONFIRMATION ALERT
Discover	2nd August 2015
Disney Cruise Line Employment Offer 2015
Microsoft	2nd August 2015
Security: Login Notification
Nancy Morales	2nd August 2015
One New SexCall From a Stranger
Paypal Support	2nd August 2015
ACCESS TO YOUR PAYPAL ACCOUNT IS LIMITED
Service Account	2nd August 2015
UPDATE REQUIRED !!
SUPPORT	2nd August 2015
Your account has been Iimited untiI we hear from you! âœ”
Ashok Tools	2nd August 2015
FRESH TOOLS / ONLINE LIVE SUPPORT, VISIT US: HTTP://ASHOKTOOLS.NET
Chase Online	1st August 2015
Kindly Update Your Chase Account.

Vulnerebility

SANS News

Your Security Policy Is So Lame

Your SSH Server On Port 8080 Is No Longer "Hidden" Or "Safe"

Threatpost

Exploit

1.8.2015

Bugtraq

phpFileManager 0.9.8 Remote Command Execution 2015-07-31
hyp3rlinx lycos com

HP ArcSight Logger provides incorrect/invalid/incomplete results for queries with boolean operators 2015-07-31
roberto logsat com

[SECURITY] [DSA 3321-1] xmltooling security update 2015-07-30
Alessandro Ghedini (ghedo debian org)

Malware

Phishing

PayPal	31st July 2015
Early Notice
iTunes	31st July 2015
ITUNES ACCOUNT HAS BEEN FROZEN ID5548A4E824576650D6D4

Vulnerebility

SANS News

Tech tip follow-up: Using the data Invoked with R's system command

Threatpost

Xen Patches VM Escape Flaw

FBI Warns of Increase in DDoS Extortion Scams

Unusual Re-Do of US Wassenaar Rules Applauded

Exploit

KMPlayer 3.9.x - .srt Crash PoC

T-Mobile Internet Manager - Contact Name Crash PoC

31.7.2015

Bugtraq

viagra generic singapore 2015-07-30
info fast-isotretinoin com

[SECURITY] [DSA 3320-1] openafs security update 2015-07-30
Sebastien Delafond (seb debian org)

Cisco Security Advisory: Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability 2015-07-30
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Dell Netvault Backup Remote Denial of Service 2015-07-30
epoide gmail com

FreeBSD Security Advisory FreeBSD-SA-15:16.openssh [REVISED] 2015-07-30
FreeBSD Security Advisories (security-advisories freebsd org)

[security bulletin] HPSBGN03366 rev.1 - HP Business Process Insight with RC4 Stream Cipher, Remote Disclosure of Information 2015-07-29
security-alert hp com

Malware

Exp.CVE-2015-2590

Win32/Bedep.D

Win32/TrojanDownloader.Nymaim.AY

Win32/Mooze

Win32/TrojanDownloader.Small.CBA

Win32/Spy.Ranbyus.M

Win32/Filecoder.EQ

VBA/TrojanDownloader.Agent.YA

VBA/TrojanDownloader.Agent.XZ

Java/AlienSpy.A

Win32/FakeTC

Phishing

Microsoft	31st July 2015
Dear Sir/Madam,
Apple	30th July 2015
Validating your Apple ID.
Verified by	29th July 2015
YOUR VERIFIED BY VISA PASSWORD HAS BEEN DEACTIVATED

Vulnerebility

Novius OS 'tab' parameter Local File Include Vulnerability
2015-07-29
http://www.securityfocus.com/bid/75533

Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74111

Debian OpenJDK CVE-2014-8873 Remote Code Execution Vulnerability
2015-07-28
http://www.securityfocus.com/bid/76019

Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75823

Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74072

Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75867

Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75890

SANS News

Tech tip: Invoke a system command in R

Threatpost

Cisco Fixes DoS Vulnerability in ASR 1000 Routers

Writing Advanced OS X Malware an ‘Elegant’ Solution to Improving Detection

Moonpig Warns Customers of ‘Security Issue’

Exploit