Hot News Database 2015 September


30.9.2015

 

Bugtraq

APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 2015-09-30
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2015-09-30-2 Safari 9 2015-09-30
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBST03502 rev.1 - HP 3PAR Service Processor (SP) SPOCC, Remote Disclosure of Information 2015-09-30
security-alert hp com

APPLE-SA-2015-09-30-01 iOS 9.0.2 2015-09-30
Apple Product Security (product-security-noreply lists apple com)

Apache James Server 2.3.2 security vulnerability fixed 2015-09-30
Eric Charles (eric apache org)

Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-30
dev rarlab com (1 replies)

RE: WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-30
Popovici, Alejo \(LATCO - Buenos Aires\) (apopovici DELOITTE com) (1 replies)

Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-30
Eugene Roshal (roshal rarlab com)

FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind 2015-09-29
FreeBSD Security Advisories (security-advisories freebsd org)

Malware

TrojanDownloader:MSIL/Malkinocci.A 
TrojanDownloader:Win32/Banload.BEM 
TrojanSpy:Win32/Banker.AOY 
SoftwareBundler:Win32/Techsnab 

TROJ_GREENDISPENSER.A

Phishing

MARK WILLIAMS

30th September 2015

Caradvert- JoB Opening

Santander

30th September 2015

IMPORTANT CUSTOMER NOTICE

Amazon Support Inc

29th September 2015

ACCOUNT VERIFICATION PROCESSES
- HELP | AMAZON PAYMENTS

Golden Charter

29th September 2015

THE SIMPLE WAY TO SECURE PEACE
OF MIND.

Barclays Bank PLC.

29th September 2015

ONLINE ACCOUNT VERIFICATION

PayPal

29th September 2015

Your account has been Iimited
untiI we hear from you

Vulnerability

 

SANS News

Tricks for DLL analysis

Threatpost

Dyreza Trojan Targeting IT Supply Chain Credentials

Apple Goes All-In on Privacy

Exploit

 

29.9.2015

Bugtraq

ESA-2015-151: RSA® OneStep Path Traversal Vulnerability 2015-09-29
Security Alert (Security_Alert emc com)

ESA-2015-152: RSA Web Threat Detection Multiple Vulnerabilities 2015-09-29
Security Alert (Security_Alert emc com)

CVE-2015-3938 Remote Permanent LoV (Loss of View) in Mitsubishi Melsec FX3G-24M PLC 2015-09-29
Ralf Spenneberg \(OpenSource Security\) (funktionskonto spenneberg net) (1 replies)

Remote privesc and RCE in Kaseya Virtual System Administrator 2015-09-29
Pedro Ribeiro (pedrib gmail com)

Vtiger CRM Authenticated Remote Code Execution (CVE-2015-6000) 2015-09-28
Benjamin Daniel Mussler (sec ml fl7 de)

Photos in Wifi v1.0.1 iOS - Arbitrary File Upload Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)

NodeBB v0.8.2 - Client Side Cross Site Web Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)

Malware

TrojanSpy:MSIL/QVKeyLogger.A 
TrojanDownloader:MSIL/Suphun.A 
TrojanDownloader:Win32/Jalaro.A 

Win32/Hadra.A

Win32/TrojanClicker.Nex.A

Win32/TrojanClicker.Small.B

Infostealer.Centerpos

Phishing

Amazon Support Inc

29th September 2015

ACCOUNT VERIFICATION PROCESSES
- HELP | AMAZON PAYMENTS

Golden Charter

29th September 2015

THE SIMPLE WAY TO SECURE PEACE
OF MIND.

Barclays Bank PLC.

29th September 2015

ONLINE ACCOUNT VERIFICATION

PayPal

29th September 2015

Your account has been Iimited
untiI we hear from you

PayPal Support

29th September 2015

IMPORTANT MESSAGE FROM THE
SUPPORT YOUR ACCOUNT WILL BE
LIMITED.

Amazon Support Inc

28th September 2015

ACCOUNT VERIFICATION PROCESSES
- HELP | AMAZON PAYMENTS

Vulnerability

 

SANS News

 

Threatpost

SAP Patches 12 SQL Injection, XSS Vulnerabilities in HANA

Dyreza Trojan Targeting IT Supply Chain Credentials

Exploit

ManageEngine EventLog Analyzer Remote Code Execution

Western Digital My Cloud 04.01.03-421, 04.01.04-422 - Command Injection

Kaseya Virtual System Administrator - Multiple Vulnerabilities

IconLover 5.42 - Local Buffer Overflow Exploit

Ubuntu Apport - Local Privilege Escalation

Mango Automation 2.6.0 - Multiple Vulnerabilities

PCMan FTP Server 2.0.7 - Directory Traversal Vulnerability

Watchguard XCS FixCorruptMail Local Privilege Escalation

28.9.2015

Bugtraq

Photos in Wifi v1.0.1 iOS - Arbitrary File Upload Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)

NodeBB v0.8.2 - Client Side Cross Site Web Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)

WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)

Flowdock API Bug Bounty #3 - (Invite) Persistent Web Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)

My.WiFi USB Drive v1.0 iOS - File Include Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)

Subject mail: CVE-2015-7320 - Multiple Reflective XSS in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
ibemed gmail com

CVE-2015-7320 - Multiple Reflective XSS in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
ibemed gmail com

CVE-2015-7319 - SQL Injection in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
ibemed gmail com

Malware

TrojanDropper:Win32/Soloniti.A 
TrojanDropper:Win32/Morblish.A 
TrojanClicker:MSIL/FaceLiker 
Trojan:Win32/Greeodode.A 

Phishing

Amazon Support Inc

28th September 2015

ACCOUNT VERIFICATION PROCESSES
- HELP | AMAZON PAYMENTS

Lloyds Bank

27th September 2015

YOUR ACCOUNT HAS BEEN BLOCKED

Vulnerability

 

SANS News

"Transport of London" Malicious E-Mail

Threatpost

JavaScript DDoS Attack Peaks at 275,000 Requests-Per-Second

Hotel Chain Hilton Worldwide Investigating Potential POS Breach

VeraCrypt Patched Against Two Critical TrueCrypt Flaws

Exploit

PCMan FTP Server 2.0.7 - Directory Traversal Vulnerability

BisonWare BisonFTP Server 3.5 - Directory Traversal Vulnerability

Mango Automation 2.6.0 - Multiple Vulnerabilities

Centreon 2.6.1 - Multiple Vulnerabilities

My.WiFi USB Drive 1.0 iOS - File Include Vulnerability

Photos in Wifi 1.0.1 iOS - Arbitrary File Upload Vulnerability

Git-1.9.5 ssh-agent.exe Buffer Overflow

Telegram 3.2 - Input Length Handling Crash PoC

27.9.2015

Bugtraq

 

Malware

Worm:Win32/Codbot 
TrojanDownloader:MSIL/Getete.A 

WORM_KASIDET.NM

BKDR_KASIDET.FD

Phishing

Lloyds Bank

27th September 2015

YOUR ACCOUNT HAS BEEN BLOCKED

Amazon

27th September 2015

Hi You Have [1] New Message

PayPal Support

26th September 2015

IMPORTANT MESSAGE FROM THE
SUPPORT YOUR ACCOUNT WILL BE
LIMITED.

拍拍贷

26th September 2015

Hurry and join the Rainbow Plan, 100% principal guarantee

Online Survey

26th September 2015

Is your Online Banking Secure?

Vulnerability

 

SANS News

 

Threatpost

 

Exploit

 

25.9.2015

Bugtraq

[SECURITY] [DSA 3368-1] cyrus-sasl2 security update 2015-09-25
Salvatore Bonaccorso (carnil debian org)

CVE-2015-5075 - Cross-Site Request Forgery In X2Engine Inc. X2Engine 2015-09-25
Portcullis Advisories (advisories portcullis-security com)

CVE-2015-5074 - Arbitrary File Upload In X2Engine Inc. X2Engine 2015-09-25
Portcullis Advisories (advisories portcullis-security com)

CVE-2015-5076 - Vulnerability title: Reflective XSS In X2Engine Inc. X2Engine 2015-09-25
Portcullis Advisories (advisories portcullis-security com)

Insecure application-coupling in Good Authentication Delegation [MZ-15-03] 2015-09-25
modzero (security modzero ch)

Malware

Trojan.Greendispenser

Trojan.Tinba.C!gm

WORM_KASIDET.SC

Phishing

Online Survey

26th September 2015

Is your Online Banking Secure?

Virgin Media

25th September 2015

Your latest Virgin Media Bill
cannot be processed

bigfoot.com

23rd September 2015

[ howiem@bigfoot.com ] Upgrade
Notice

å?品折扣

22nd September 2015

Hong Kong purchasing agent, huge deals at 10% of the price

Vulnerability

 

SANS News

 

Threatpost

 

Exploit

FortiManager 5.2.2 - Persistent XSS Vulnerabilities

X2Engine 4.2 - CSRF Vulnerability

X2Engine 4.2 - Arbitrary File Upload

24.9.2015

Bugtraq

Insecure application-coupling in Good Authentication Delegation [MZ-15-03] 2015-09-25
modzero (security modzero ch)

FortiManager v5.2.2 Multiple XSS Vulnerabilities 2015-09-25
apparitionsec gmail com

Re: CVE-2015-5204: HTTP header injection vulnerability in Apache Cordova File Transfer Plugin for Android 2015-09-24
Shazron (shazron apache org)

[SECURITY] [DSA 3367-1] wireshark security update 2015-09-24
Moritz Muehlenhoff (jmm debian org)

BMC-2015-0006: File inclusion vulnerability in "BIRT Engine" servlet used in BMC Remedy AR Reporting 2015-09-23
appsec (appsec bmc com)

BMC-2015-0005: File inclusion vulnerability in "BIRT Viewer" servlet used in BMC Remedy AR Reporting 2015-09-23
appsec (appsec bmc com)

[SECURITY] [DSA 3366-1] rpcbind security update 2015-09-23
Salvatore Bonaccorso (carnil debian org)

Malware

Trojan.Greendispenser

W32.Mydoom.E

Win32/Delf.SSE

Win32/Kverzdoor.A

Win32/Habaku.B

Phishing

Virgin Media

25th September 2015

Your latest Virgin Media Bill
cannot be processed

bigfoot.com

23rd September 2015

[ howiem@bigfoot.com ] Upgrade
Notice

å?品折扣

22nd September 2015

Hong Kong purchasing agent, huge deals at 10% of the price

Vulnerability

 

SANS News

Mozilla Foundation Security Advisory 2015-112

Threatpost

Naikon APT Group Tied to China’s PLA Unit 78020

Microsoft Revokes Trust for Certificates Leaked by D-Link

Curbing the For-Profit Cybercrime Food Chain

Exploit

Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)

FortiManager 5.2.2 - Persistent XSS Vulnerabilities

X2Engine 4.2 - CSRF Vulnerability

X2Engine 4.2 - Arbitrary File Upload

SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit

WinRar 5.21 - SFX OLE Command Execution

FreshFTP 5.52 - .qfl Crash PoC

23.9.2015

Bugtraq

BMC-2015-0006: File inclusion vulnerability in "BIRT Engine" servlet used in BMC Remedy AR Reporting 2015-09-23
appsec (appsec bmc com)

BMC-2015-0005: File inclusion vulnerability in "BIRT Viewer" servlet used in BMC Remedy AR Reporting 2015-09-23
appsec (appsec bmc com)

[SECURITY] [DSA 3366-1] rpcbind security update 2015-09-23
Salvatore Bonaccorso (carnil debian org)

Cisco AnyConnect elevation of privileges via DMG install script 2015-09-23
Securify B.V. (lists securify nl)

[SECURITY] [DSA 3365-1] iceweasel security update 2015-09-23
Moritz Muehlenhoff (jmm debian org)

ESA-2015-142: RSA Archer® GRC Platform Multiple Vulnerabilities 2015-09-23
Security Alert (Security_Alert emc com)

Cisco Security Advisory: Cisco IOS XE Software Network Address Translation Denial of Service Vulnerability 2015-09-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS and IOS XE Software SSH Version 2 RSA-Based User Authentication Bypass Vulnerability 2015-09-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities 2015-09-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

Infostealer.Bebloh

Trojan.Mentono

Win32/Agent.RKC

Win32/Filecoder.NDS

Phishing

bigfoot.com

23rd September 2015

[ howiem@bigfoot.com ] Upgrade
Notice

Vulnerability

 

SANS News

Tracking Privileged Accounts in Windows Environments

Cisco IOS / IOS XE security advisories

Threatpost

5.6 Million Fingerprints Stolen In OPM Hack

Exploit

SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit

w3tw0rk / Pitbul IRC Bot Remote Code Execution

refbase <= 0.9.6 - Multiple Vulnerabilities

Cisco AnyConnect 3.1.08009 - Privilege Escalation via DMG Install Script

22.9.2015

Bugtraq

UltraEdit v22.20 - Buffer Overflow Vulnerability 2015-09-23
Vulnerability Lab (research vulnerability-lab com)

WiFi Drive CR v1.0 iOS - Persistent Filename Dir List Vulnerability 2015-09-23
Vulnerability Lab (research vulnerability-lab com)

Flowdock API Bug Bounty #1 - (Description) Persistent Web Vulnerability 2015-09-23
Vulnerability Lab (research vulnerability-lab com)

Reflected Cross-Site Scripting (XSS) in iTop 2015-09-23
High-Tech Bridge Security Research (advisory htbridge ch)

Open-Xchange Security Advisory 2015-09-23 2015-09-23
Martin Heiland (martin heiland lists open-xchange com)

[slackware-security] mozilla-firefox (SSA:2015-265-01) 2015-09-23
Slackware Security Team (security slackware com)

Cisco AnyConnect elevation of privileges via DLL side loading 2015-09-22
Securify B.V. (lists securify nl)

Malware

Infostealer.Bebloh

Phishing

bigfoot.com

23rd September 2015

[ howiem@bigfoot.com ] Upgrade
Notice

å?品折扣

22nd September 2015

Hong Kong purchasing agent, huge deals at 10% of the price

PayPal Service

22nd September 2015

Account status limited

Applec

22nd September 2015

Your Apple account has been
disabled !

Tesco Bank

22nd September 2015

Important account security
information

Vulnerability

 

SANS News

Making our users unlearn what we taught them

Threatpost

Bypass Developed for Microsoft Memory Protection, Control Flow Guard

Federal CISOs Propose New Efforts to Shore Up Cybersecurity

Exploit

SAP Netweaver < 7.01 - XML External Entity Injection

Kaspersky Antivirus ThinApp Parser Stack Buffer Overflow

Cisco AnyConnect Secure Mobility Client 3.1.08009 - Privilege Escalation

MASM32 11R - Crash POC

OS X Regex Engine (TRE) - Integer Signedness and Overflow Issues

OS X Regex Engine (TRE) - Stack Buffer Overflow

Apple qlmanage - SceneKit::daeElement::setElementName Heap Overflow

Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) #2

Windows Kernel - DeferWindowPos Use-After-Free (MS15-073)

Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073)

Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061)

Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061)

Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061)

Windows Kernel - SURFOBJ NULL Pointer Dereference (MS15-061)

Windows Kernel - Brush Object Use-After-Free Vulnerability (MS15-061)

Windows Kernel - WindowStation Use-After-Free (MS15-061)

Windows Kernel - NULL Pointer Dereference with Window Station and Clipboard (MS15-061)

Windows Kernel - Bitmap Handling Use-After-Free (MS15-061)

Windows Kernel - FlashWindowEx Memory Corruption (MS15-097)

Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097)

Windows Kernel - Use-After-Free with Cursor Object (MS15-097)

Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097)

Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097)

Kaspersky Antivirus VB6 Parsing Integer Overflow

Kaspersky Antivirus ExeCryptor Parsing Memory Corruption

Kaspersky Antivirus PE Unpacking Integer Overflow

Kaspersky Antivirus DEX File Format Parsing Memory Corruption

Kaspersky Antivirus CHM Parsing Stack Buffer Overflow

Kaspersky Antivirus UPX Parsing Memory Corruption

Kaspersky Antivirus "Yoda's Protector" Unpacking Memory Corruption

22.9.2015

Bugtraq

UDID v1.0 iOS - Persistent Mail Encode Vulnerability 2015-09-22
Vulnerability Lab (research vulnerability-lab com)

Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability 2015-09-22
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3364-1] linux security update 2015-09-21
Ben Hutchings (benh debian org)

APPLE-SA-2015-09-21-1 watchOS 2 2015-09-21
Apple Product Security (product-security-noreply lists apple com)

Jasig CAS server vulnerabilities 2015-09-21
Antoni Klajn (antoni d klajn pwr edu pl)

Advisory: Insufficient Parameter Sanitization in login.live.com (Microsoft) 2015-09-21
securityresearch shaftek biz

CVE-2015-5372 SAML SP Authentication Bypass in nevisAuth 2015-09-21
Antoine Neuenschwander (Antoine Neuenschwander csnc ch)

[SECURITY] [DSA 3363-1] owncloud-client security update 2015-09-20
Luciano Bello (luciano debian org)

Malware

Trojan.Tinba.C

Trojan.Ranscrypt.U!gm

Trojan.Ransomcrypt.U

Phishing

PayPal Service

22nd September 2015

Account status limited

Apple

22nd September 2015

Your Apple account has been
disabled !

Tesco Bank

22nd September 2015

Important account security
information

FROM MRS MICHELLE OBAMA

21st September 2015

FROM MRS,MICHELLE OBAMA LAST
NOTICE

Chase

21st September 2015

ALERT: SUSPICIOUS ACTIVITY

PayPal

21st September 2015

account under review.

Vulnerability

 

SANS News

 

Threatpost

South Korean Child Monitoring App Beset by Vulnerabilities, Privacy Issues

Apple watchOS2 Includes Host of Code-Execution Patches

Model Assesses Readiness to Accept Outside Vulnerability Reports

Exploit

Konica Minolta FTP Utility 1.0 - Directory Traversal Vulnerability

Kirby CMS <= 2.1.0 - CSRF Content Upload and PHP Script Execution

h5ai < 0.25.0 - Unrestricted File Upload

Air Drive Plus 2.4 - Arbitrary File Upload Vulnerability

Kirby CMS <= 2.1.0 - Authentication Bypass

MASM32 11R - Crash POC

21.9.2015

Bugtraq

Jasig CAS server vulnerabilities 2015-09-21
Antoni Klajn (antoni d klajn pwr edu pl)

Advisory: Insufficient Parameter Sanitization in login.live.com (Microsoft) 2015-09-21
securityresearch shaftek biz

CVE-2015-5372 SAML SP Authentication Bypass in nevisAuth 2015-09-21
Antoine Neuenschwander (Antoine Neuenschwander csnc ch)

[SECURITY] [DSA 3363-1] owncloud-client security update 2015-09-20
Luciano Bello (luciano debian org)

Defense in depth -- the Microsoft way (part 35): Windows Explorer ignores "Run as administrator" ... 2015-09-19
Stefan Kanthak (stefan kanthak nexgo de)

SAP Netwaver - XML External Entity Injection 2015-09-21
Lukasz Miedzinski (lukasz miedzinski gmail com)

[SECURITY] [DSA 3362-1] qemu-kvm security update 2015-09-18
Salvatore Bonaccorso (carnil debian org)

Malware

Infostealer.Odlanor

Trojan.Glupteba

Win32/Agent.RKC

Phishing

Chase

21st September 2015

ALERT: SUSPICIOUS ACTIVITY

PayPal

21st September 2015

account under review.

Chase Update

21st September 2015

NEW UPDATE IS REQUIRED #5509

PayPaI Service

21st September 2015

Account status limited

Apple ID

21st September 2015

YOUR APPIE ID HAS BEEN
DISABLED FOR SECURITY REASONS
!

qq

21st September 2015

ATTENTION: DEAR CUSTOMER

Service PaypaI

20th September 2015

YOUR ACCOUNT HAS BEEN IIMITED
UNTII WE HEAR FROM YOU

Credit Union

20th September 2015

Navy Federal Credit Union :
Account Verification Alert!

Vulnerability

 

SANS News

Detecting XCodeGhost Activity

Threatpost

Adobe Patches 23 Critical Vulnerabilities in Flash Player

XcodeGhost iOS Malware Contained

Exploit

ADH-Web Server IP-Cameras - Multiple Vulnerabilities

Konica Minolta FTP Utility 1.0 - Remote Command Execution

Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow

20.9.2015

Bugtraq

KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation 2015-09-17
KoreLogic Disclosures (disclosures korelogic com)

[security bulletin] HPSBST03418 rev.1 - HP P6000 Command View Software, Remote Disclosure of Information 2015-09-17
security-alert hp com

Malware

OSX.Codgost

Phishing

Credit Union

20th September 2015

Navy Federal Credit Union :
Account Verification Alert!

VIRGIN MEDIA

20th September 2015

Your Virgin Media Profile
Update

Amazon

19th September 2015

ACCOUNT VEREFICATION

Microsoft

19th September 2015

Re-confirm Your cPanel

Amazon

19th September 2015

UNUSUAL ACTIVITY AMAZON
ACCOUNT

Vulnerability

 

SANS News

Don't launch that file Adobe Reader!

Threatpost

 

Exploit

Thomson CableHome Gateway (DWG849) Cable Modem Gateway - Information Exposure

ADH-Web Server IP-Cameras - Multiple Vulnerabilities

Total Commander 8.52 - Buffer Overflow (Windows 10)

Total Commander 8.52 - Buffer Overflow

Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection

Wireshark 1.12.7 - Division by Zero Crash PoC

Microsoft Office 2007 - BIFFRecord Length Use-After-Free 

Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion 

Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097) 

MS15-078 Microsoft Windows Font Driver Buffer Overflow

17.9.2015

Bugtraq

KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation 2015-09-17
KoreLogic Disclosures (disclosures korelogic com)

[security bulletin] HPSBST03418 rev.1 - HP P6000 Command View Software, Remote Disclosure of Information 2015-09-17
security-alert hp com

APPLE-SA-2015-09-16-4 OS X Server 5.0.3 2015-09-16
Apple Product Security (product-security-noreply lists apple com)

Apple Safari FTP PASV manipulation vulnerability (CVE-2015-5912) 2015-09-16
Amit Klein (aksecurity gmail com)

APPLE-SA-2015-09-16-3 iTunes 12.3 2015-09-16
Apple Product Security (product-security-noreply lists apple com)

Malware

Win32/NopleMento.A

Phishing

Amazon

17th September 2015

ACCOUNT VEREFICATION

National

17th September 2015

YOUR PAYMENT NOTIFICATION//

Eco Experts

16th September 2015

SWITCH TO SOLAR AND CUT YOUR
ENERGY BILLS BY 50% PER YEAR

Vulnerability

 

SANS News

 

Threatpost

Apple Addresses Dozens of Vulnerabilities, Embraces Two-Factor Authentication in iOS 9

D-Link Accidentally Leaks Private Code-Signing Keys

Google Details Plans to Disable SSLv3 and RC4

Exploit

IKEView.exe R60 - .elg Local SEH Exploit

ZTE PC UI USB Modem Software - Buffer Overflow

ManageEngine OpManager Remote Code Execution

Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation  

Windows NtUserGetClipboardAccessToken Token Leak  

Windows Task Scheduler DeleteExpiredTaskAfter File Deletion Privilege Escalation  

Windows CreateObjectTask TileUserBroker Privilege Escalation  

Windows CreateObjectTask SettingsSyncDiagnostics Privilege Escalation 

16.9.2015

Bugtraq

KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation 2015-09-17
KoreLogic Disclosures (disclosures korelogic com)

[security bulletin] HPSBST03418 rev.1 - HP P6000 Command View Software, Remote Disclosure of Information 2015-09-17
security-alert hp com

APPLE-SA-2015-09-16-4 OS X Server 5.0.3 2015-09-16
Apple Product Security (product-security-noreply lists apple com)

Apple Safari FTP PASV manipulation vulnerability (CVE-2015-5912) 2015-09-16
Amit Klein (aksecurity gmail com)

APPLE-SA-2015-09-16-3 iTunes 12.3 2015-09-16
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2015-09-16-2 Xcode 7.0 2015-09-16
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2015-09-16-1 iOS 9 2015-09-16
Apple Product Security (product-security-noreply lists apple com)

Cisco Security Advisory: Cisco TelePresence Server Denial of Service Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Collaboration Assurance 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[security bulletin] HPSBGN03393 rev.2 - HP Operations Manager i, Remote Code Execution 2015-09-16
security-alert hp com

Fwd: [CVE-2015-6940] Pentaho GA PDI & GA BA - Improper authentication allows unauthenticated access to configuration files 2015-09-16
gregory draperi (gregory draperi gmail com)

Malware

TrojanDropper:MSIL/Mutra 
TrojanSpy:Win32/Rebhip.E 
Trojan:JS/Iframeinject.AE 

Exp.CVE-2015-2442

Exp.CVE-2015-2443

Exp.CVE-2015-2452

Phishing

Eco Experts

16th September 2015

SWITCH TO SOLAR AND CUT YOUR
ENERGY BILLS BY 50% PER YEAR

Christy Bryant

16th September 2015

Best deep throat

PayPaI Inc

15th September 2015

WE'VE IIMITED ACCESS TO YOUR
PAYPAI ACCOUNT

USAA

15th September 2015

Your USAA Savings Account
Suspicious Activities

Vulnerability

Symantec Endpoint Protection Manager CVE-2015-1487 Arbitrary File Write Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76094

Linux Kernel 'perf_callchain_user_64()' Function Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76401

Adobe Flash Player and AIR APSB15-19 Multiple Use After Free Remote Code Execution Vulnerabilities
2015-09-17
http://www.securityfocus.com/bid/76288

Adobe FlashPlayer and AIR APSB15-19 Type Confusion Multiple Remote Code Execution Vulnerabilities
2015-09-17
http://www.securityfocus.com/bid/76287

Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76194

IBM WebSphere Application Server CVE-2015-1885 Remote Privilege Escalation Vulnerability
2015-09-17
http://www.securityfocus.com/bid/74219

Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76249

ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76092

OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75159

OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75157

OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75154

Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75890

Symantec Endpoint Protection Manager CVE-2015-1489 Remote Privilege Escalation Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76078

OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73237

OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73225

OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73231

OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73232

Symantec Endpoint Protection Manager CVE-2015-1486 Authentication Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76074

IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73326

OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/71936

Apple Mac OS X Multiple Privilege Escalation Vulnerabilities
2015-09-17
http://www.securityfocus.com/bid/76421

Elasticsearch CVE-2015-5377 Remote Code Execution Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75938

Elasticsearch CVE-2015-5531 Directory Traversal Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75935

IBM WebSphere Application Server CVE-2015-1927 Remote Privilege Escalation Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75486

OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75156

Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-09-17
http://www.securityfocus.com/bid/72165

SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-09-17
http://www.securityfocus.com/bid/73684

Oracle Java SE CVE-2015-0437 Remote Java SE Vulnerability
2015-09-17
http://www.securityfocus.com/bid/72146

GNU glibc 'send_dg()' Function Local Information Disclosure Weakness
2015-09-17
http://www.securityfocus.com/bid/72844

SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/74733

SANS News

A day in the life of a pentester, or is my job is too sexy for me?

Threatpost

Dutch Police Arrest Alleged CoinVault Ransomware Authors

Schneider Patches Plaintext Credentials Bug in Building Automation System

Dennis Fisher On Security, Journalism, and the Origins of Threatpost

Details Surface on Patched Bugzilla Privilege Escalation Flaw

Exploit

Android libstagefright - Integer Overflow Remote Code Execution

ManageEngine OpManager Remote Code Execution

ZeusCart 4.0 - CSRF Vulnerability

ZeusCart 4.0 - SQL Injection

ZTE PC UI USB Modem Software - Buffer Overflow

MS15-078 Microsoft Windows Font Driver Buffer Overflow

VBox Satellite Express 2.3.17.3 - Arbitrary Write

15.9.2015

Bugtraq

Cisco Security Advisory: Cisco TelePresence Server Denial of Service Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Collaboration Assurance 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[security bulletin] HPSBGN03393 rev.2 - HP Operations Manager i, Remote Code Execution 2015-09-16
security-alert hp com

Fwd: [CVE-2015-6940] Pentaho GA PDI & GA BA - Improper authentication allows unauthenticated access to configuration files 2015-09-16
gregory draperi (gregory draperi gmail com)

Microsoft Exchange Information Disclosure 2015-09-16
apparitionsec gmail com

[SECURITY] [DSA 3360-1] icu security update 2015-09-15
Laszlo Boszormenyi (GCS) (gcs debian org)

Malware

TrojanSpy:Win32/Rebhip 
TrojanDownloader:Win32/Bladabindi 

Phishing

Christy Bryant

16th September 2015

Best deep throat

PayPaI Inc

15th September 2015

WE'VE IIMITED ACCESS TO YOUR
PAYPAI ACCOUNT

USAA

15th September 2015

Your USAA Savings Account
Suspicious Activities

ebilling@bt.com

15th September 2015

Your latest BT bill is now
online

Vulnerability

 

SANS News

Malicious spam with zip attachments containing .js files

Threatpost

WordPress Patches Serious Shortcodes Core Engine Vulnerability

First Let’s Encrypt Free Certificate Goes Live

Scan of IPv4 Space for ‘Implanted’ Cisco Routers Finds Fewer Than 100

Spam Campaign Continuing to Serve Up Malicious .js Files

Google Patches Latest Android Lockscreen Bypass

Exploit

Microsoft Office Excel 2007, 2010, 2013 - BIFFRecord Use-After-Free

Microsoft Office 2007 - BIFFRecord Length Use-After-Free

Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion

Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097)

WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection

FAROL - SQL Injection Vulnerability

14.9.2015

Bugtraq

[security bulletin] HPSBHF03509 rev.1 - HP ThinPro and Smart Zero Core, Remote Denial of Service, Unauthorized Access to Data 2015-09-15
security-alert hp com

Paypal Inc - Open Redirect Web Vulnerability 2015-09-15
Vulnerability Lab (research vulnerability-lab com)

Openfire 3.10.2 CSRF Vulnerabilities 2015-09-15
apparitionsec gmail com

IKEView.exe R60 Stack Buffer Overflow 2015-09-14
apparitionsec gmail com

[security bulletin] HPSBMU03392 rev.2 - HP ArcSight Logger, Remote Authorization Bypass 2015-09-14
security-alert hp com

[CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting 2015-09-14
Ahrens, Julien (Julien Ahrens secunet com)

[SECURITY] [DSA 3358-1] php5 security update 2015-09-13
Salvatore Bonaccorso (carnil debian org)

Malware

TrojanDownloader:AutoIt/Gedo 
TrojanDropper:MSIL/Mutra 
TrojanClicker:Win32/Frosparf.H 
TrojanDownloader:Win32/Frosparf.A 

Downloader.Domar

Phishing

Barclays PLC

14th September 2015

YOU HAVE 3 NEW DOCUMENTS
AVAILABLE

Amazon

14th September 2015

UNUSUAL ACTIVITY AMAZON
ACCOUNT

PayPal

13th September 2015

Please confirm your account
information .

Apple

13th September 2015

PLEASE LOGIN TO UPDATE YOUR
ACCOUNT ID INFORMATIONS.

Halifax Plc

13th September 2015

IMPORTANT UPDATES

Vulnerability

 

SANS News

Risk... in the most obscure places

Threatpost

DARPA Protecting Software From Reverse Engineering Through Obfuscation

Attackers Replacing Firmware on Cisco Routers

Exploit

Android Shellcode Telnetd with Parameters

Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation

Windows NtUserGetClipboardAccessToken Token Leak

Windows Task Scheduler DeleteExpiredTaskAfter File Deletion Privilege Escalation

Windows CreateObjectTask TileUserBroker Privilege Escalation

Windows CreateObjectTask SettingsSyncDiagnostics Privilege Escalation

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials

Total Commander 8.52 - SEH-Overwrite BOF

MS15-100 Microsoft Windows Media Center MCL Vulnerability

WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection

Openfire 3.10.2 - Unrestricted File Upload

Openfire 3.10.2 - Remote File Inclusion

Openfire 3.10.2 - Privilege Escalation

Openfire 3.10.2 - Multiple XSS Vulnerabilities

Openfire 3.10.2 - CSRF Vulnerabilities

Silver Peak VXOA < 6.2.11 - Multiple Vulnerabilities

ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution

ManageEngine OpManager 11.5 - Multiple Vulnerabilities

13.9.2015

Bugtraq

[CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting 2015-09-14
Ahrens, Julien (Julien Ahrens secunet com)

[SECURITY] [DSA 3358-1] php5 security update 2015-09-13
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3359-1] virtualbox security update 2015-09-13
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3357-1] vzctl security update 2015-09-13
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3356-1] openldap security update 2015-09-12
Salvatore Bonaccorso (carnil debian org)

IKEView.exe Fox beta 1 Stack Buffer Overflow 2015-09-12
apparitionsec gmail com

Malware

Hacktool.Suceful

Phishing

Barclays PLC

14th September 2015

YOU HAVE 3 NEW DOCUMENTS
AVAILABLE

Amazon

14th September 2015

UNUSUAL ACTIVITY AMAZON
ACCOUNT

PayPal

13th September 2015

Please confirm your account
information .

Apple

13th September 2015

PLEASE LOGIN TO UPDATE YOUR
ACCOUNT ID INFORMATIONS.

Halifax Plc

13th September 2015

IMPORTANT UPDATES

PAYPAI SERVICE

13th September 2015

Your account has been Iimited
untiI we hear from you

Vulnerability

 

SANS News

The Wordpress Plugins Playground

Threatpost

Installation of Tor Relay in Library Attracts DHS Attention

New Debian Releases Fix PHP, VirtualBox Bugs

Exploit

ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution

ManageEngine OpManager 11.5 - Multiple Vulnerabilities

EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities

IKEView.exe Fox beta 1 - Stack Buffer Overflow

IKEView.exe R60 - Stack Buffer Overflow

12.9.2015

Bugtraq

[SECURITY] [DSA 3356-1] openldap security update 2015-09-12
Salvatore Bonaccorso (carnil debian org)

IKEView.exe Fox beta 1 Stack Buffer Overflow 2015-09-12
apparitionsec gmail com

[security bulletin] HPSBHF03408 rev.2 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code 2015-09-11
security-alert hp com

[KIS-2015-04] Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability 2015-09-11
Egidio Romano (research karmainsecurity com)

Magento Bug Bounty #19 - Persistent Filename Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)

PayPal Inc - Security Approval & 2FA Session Auth Bypass (API) Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)

Shopify Bug Bounty #8 - (FilePath) Persistent Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)

Yahoo Bug Bounty #32 - Cross Site Request Forgery bulkImport Web Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)

Security Advisory for Bugzilla 5.0.1, 4.4.10 and 4.2.15 2015-09-10
LpSolit gmail com

Malware

 

Phishing

Apple

13th September 2015

PLEASE LOGIN TO UPDATE YOUR
ACCOUNT ID INFORMATIONS.

Halifax Plc

13th September 2015

IMPORTANT UPDATES

PAYPAI SERVICE

13th September 2015

Your account has been Iimited
untiI we hear from you

PayPal

12th September 2015

YOUR ACCOUNT HAS LIMITATION !
YOU CAN RESOLVE THIS NOW .

Vulnerability

 

SANS News

Some password advice

Threatpost

 

Exploit

Microsoft Internet Explorer 11 - Stack Underflow Crash PoC

Windows Media Center - Command Execution (MS15-100)

Monsta FTP 1.6.2 - Multiple Vulnerabilities

11.9.2015

Bugtraq

DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584 2015-09-10
Onur Yilmaz (onur netsparker com)

[KIS-2015-04] Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability 2015-09-11
Egidio Romano (research karmainsecurity com)

Magento Bug Bounty #19 - Persistent Filename Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)

PayPal Inc - Security Approval & 2FA Session Auth Bypass (API) Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)

Shopify Bug Bounty #8 - (FilePath) Persistent Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)

Yahoo Bug Bounty #32 - Cross Site Request Forgery bulkImport Web Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)

Security Advisory for Bugzilla 5.0.1, 4.4.10 and 4.2.15 2015-09-10
LpSolit gmail com

Security advisory for Bugzilla 5.0, 4.4.9, and 4.2.14 2015-09-10
dkl mozilla com

[SECURITY] [DSA 3355-1] libvdpau security update 2015-09-10
Alessandro Ghedini (ghedo debian org)

Multiple Cross-Site Scripting vulnerabilities in Synology Download Station 2015-09-09
Securify B.V. (lists securify nl)

Synology Video Station command injection and multiple SQL injection vulnerabilities 2015-09-09
Securify B.V. (lists securify nl)

[security bulletin] HPSBGN03504 rev.1 - HP UCMDB, Local Disclosure of Sensitive Information 2015-09-09
security-alert hp com

[security bulletin] HPSBOV03505 rev.1 - TCP/IP Services for OpenVMS running NTP, Remote Code Execution, Denial of Service (DoS) 2015-09-09
security-alert hp com

Malware

TrojanDownloader:Win32/Blinsload.A 
PWS:Win32/Pumba.C 

Trojan.Volgmer.B

MSIL / Spy.Agent.AHL

Win32 / NopleMento.A

Python / Mamba.E

Phishing

alert@barclays.co.uk

11th September 2015

NEW MESSAGE

USAA

10th September 2015

Account suspension notice

APPLE

10th September 2015

ACCOUNT STATUS HAS BEEN
CHANGED , INVOICE NUMBER
#965221

Vulnerability

 

SANS News

Feeding DShield with OSSEC Logs

Threatpost

Just Like Old Days: IOT Security Pits Regulators Against Market

Gary McGraw on Scalable Software Security and Medical Device Security

Series of Buffer Overflows Plague Many Yokogawa ICS Products

Exploit

OS X x64 - tcp bind shellcode, NULL byte free (144 bytes)

OS X Install.framework suid root Runner Binary Privilege Escalation

OS X Install.framework Arbitrary mkdir, unlink and chown to admin Group

OS X Install.framework suid Helper Privilege Escalation

Logitech Webcam Software 1.1 - eReg.exe SEH/Unicode Buffer Overflow

OpenLDAP 2.4.42 - ber_get_next Denial of Service

10.9.2015

Bugtraq

DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584 2015-09-10
Onur Yilmaz (onur netsparker com)

[SECURITY] [DSA 3355-1] libvdpau security update 2015-09-10
Alessandro Ghedini (ghedo debian org)

Multiple Cross-Site Scripting vulnerabilities in Synology Download Station 2015-09-09
Securify B.V. (lists securify nl)

Synology Video Station command injection and multiple SQL injection vulnerabilities 2015-09-09
Securify B.V. (lists securify nl)

[security bulletin] HPSBGN03504 rev.1 - HP UCMDB, Local Disclosure of Sensitive Information 2015-09-09
security-alert hp com

[security bulletin] HPSBOV03505 rev.1 - TCP/IP Services for OpenVMS running NTP, Remote Code Execution, Denial of Service (DoS) 2015-09-09
security-alert hp com

[ERPSCAN-15-016] SAP NetWeaver - Hardcoded credentials 2015-09-09
ERPScan inc (erpscan online gmail com)

[ERPSCAN-15-015] SAP NetWeaver AS ABAP - Hardcoded Credentials 2015-09-09
ERPScan inc (erpscan online gmail com)

[ERPSCAN-15-014] SAP Mobile Platform 3 - XXE in Add Repository 2015-09-09
ERPScan inc (erpscan online gmail com)

ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability 2015-09-09
Security Alert (Security_Alert emc com)

ESA-2015-140: RSA® Identity Management & Governance Multiple Cross-Site Scripting Vulnerabilities 2015-09-09
Security Alert (Security_Alert emc com)

[security bulletin] HPSBOV03506 rev.1 - TCP/IP Services for OpenVMS running BIND, Remote Denial of Service (DoS) 2015-09-08
security-alert hp com

Defense in depth -- the Microsoft way (part 33): arbitrary code execution (and UAC bypass) via RegEdit.exe 2015-09-08
Stefan Kanthak (stefan kanthak nexgo de)

[SECURITY] [DSA 3354-1] spice security update 2015-09-08
Salvatore Bonaccorso (carnil debian org)

Malware

TrojanDownloader:MSIL/Muxtart.A 

Win32 / Spy.Agent.ORM

Win32 / Wemosis.H

Win32 / Dridex.S

Win32 / Dridex.P

Phishing

APPLE

10th September 2015

ACCOUNT STATUS HAS BEEN
CHANGED , INVOICE NUMBER
#965221

Vulnerability

 

SANS News

A look through the spam filters - examining waves of Upatre malspam

Threatpost

FTC, Experts Push Startups to Think About Security From the Beginning

NY Health Provider Excellus Discloses Data Breach Dating to 2013

Pair of Drupal Modules Patch Access Bypass Flaws

Exploit

Android Stagefright - Remote Code Execution

Qlikview <= 11.20 SR11 - Blind XXE Injection Vulnerability

Auto-Exchanger 5.1.0 - CSRF Vulnerability

9.9.2015

Bugtraq

[ERPSCAN-15-016] SAP NetWeaver - Hardcoded credentials 2015-09-09
ERPScan inc (erpscan online gmail com)

[ERPSCAN-15-015] SAP NetWeaver AS ABAP - Hardcoded Credentials 2015-09-09
ERPScan inc (erpscan online gmail com)

[ERPSCAN-15-014] SAP Mobile Platform 3 - XXE in Add Repository 2015-09-09
ERPScan inc (erpscan online gmail com)

ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability 2015-09-09
Security Alert (Security_Alert emc com)

ESA-2015-140: RSA® Identity Management & Governance Multiple Cross-Site Scripting Vulnerabilities 2015-09-09
Security Alert (Security_Alert emc com)

[security bulletin] HPSBOV03506 rev.1 - TCP/IP Services for OpenVMS running BIND, Remote Denial of Service (DoS) 2015-09-08
security-alert hp com

Defense in depth -- the Microsoft way (part 33): arbitrary code execution (and UAC bypass) via RegEdit.exe 2015-09-08
Stefan Kanthak (stefan kanthak nexgo de)

[SECURITY] [DSA 3354-1] spice security update 2015-09-08
Salvatore Bonaccorso (carnil debian org)

Re: Oracle Hyperion password disclosure... 2015-09-08
jeff kayser jibeconsulting com

Malware

MonitoringTool:Win32/TektonIt 
HackTool:Win32/Broduplo 
TrojanDownloader:Win32/Dabaker.A 
TrojanDownloader:Java/OpenConnection.QE 

Phishing

Tesco Bank

8th September 2015

Locked out due to recent
changes

Vulnerability

 

SANS News

Adobe Updates Shockwave Player

September 2015 Microsoft Patch Tuesday

Threatpost

Android Stagefright Exploit Code Released to Public

Musical Chairs Campaign Found Deploying New Gh0st RAT Variant

Jessy Irwin on Password Security, Opsec and User Education

Security of iMessage System Comes to the Fore Again

Turla APT Group Abusing Satellite Internet Links

TLS Implementations Vulnerable to RSA Key Leaks

Microsoft Patches Graphics Component Flaw Under Attack

Exploit

Qlikview <= 11.20 SR11 - Blind XXE Injection Vulnerability

PHP SplDoublyLinkedList unserialize() Use-After-Free

PHP GMP unserialize() Use-After-Free

PHP SplObjectStorage unserialize() Use-After-Free

PHP Session Deserializer Use-After-Free

DirectAdmin Web Control Panel 1.483 - Multiple Vulnerabilities

Linux/x86 - execve("/bin/cat", ["/bin/cat", "/etc/passwd"], NULL)

8.9.2015

Bugtraq

[CVE-2015-3623] Qlikview blind XXE Security Vulnerability 2015-09-08
alex_haynes outlook com

NETGEAR Wireless Management System - Authentication Bypass and Privilege Escalation. 2015-09-07
Elliott Lewis (elliott lewis uk gmail com)

[SECURITY] [DSA 3353-1] openslp-dfsg security update 2015-09-05
Alessandro Ghedini (ghedo debian org)

JSPMySQL Administrador CSRF & XSS Vulnerabilities 2015-09-05
apparitionsec gmail com

Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)

Malware

Backdoor:Win32/Shesmi.A 
TrojanDownloader:Win32/Puflug.B 
TrojanDropper:Win32/PSah.A 

Win32/Spy.Agent.ORM

Win32/Wemosis.H

Phishing

Amazon

7th September 2015

Amazon account status has been
changed

Vulnerability

 

SANS News

September 2015 Microsoft Patch Tuesday

A Close Look at PayPal Overpayment Scams That Target Craigslist Sellers

Threatpost

Adobe Patches Two Shockwave Player Vulnerabilities

eBay Fixes XSS Flaw in Subdomain

Government Releases Policy on Vulnerability Discovery and Disclosure

Exploit

Cisco Sourcefire User Agent 2.2 - Insecure File Permissions

IBM AIX High Availability Cluster Multiprocessing (HACMP) Local Privilege Escalation 0day

Advantech WebAccess 8.0, 3.4.3 ActiveX - Multiple Vulnerabilities

VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow

7.9.2015

Bugtraq

NETGEAR Wireless Management System - Authentication Bypass and Privilege Escalation. 2015-09-07
Elliott Lewis (elliott lewis uk gmail com)

[SECURITY] [DSA 3353-1] openslp-dfsg security update 2015-09-05
Alessandro Ghedini (ghedo debian org)

JSPMySQL Administrador CSRF & XSS Vulnerabilities 2015-09-05
apparitionsec gmail com

Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)

Avira Mobile Security iOS Application - Cleartext Credentials Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)

Defense in depth -- the Microsoft way (part 32): yet another (trivial) UAC bypass resp. privilege escalation 2015-09-04
Stefan Kanthak (stefan kanthak nexgo de)

Oracle Hyperion password disclosure... 2015-09-04
Jeff Kayser (jeff kayser jibeconsulting com)

Malware

TrojanSpy:Win32/Banker.AOT 
TrojanSpy:Win32/Banker.AOS 
TrojanSpy:Win32/Banker.AOP 

Phishing

Nobel Trust Ltd.

3rd September 2015

International Escrow Agent

Vulnerability

 

SANS News

Security Awareness and Collaboration

Hunting for IOC's with ioc-parser

Threatpost

 

Exploit

Endian Firewall Proxy Password Change Command Injection

NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation

JSPMySQL Administrador - Multiple Vulnerabilities

Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities

WordPress Contact Form Generator <= 2.0.1 - Multiple CSRF Vulnerabilities

FireEye Appliance Unauthorized File Disclosure

Elastix < 2.5 , PHP Code Injection Exploit

AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow

Disconnect.me Mac OS X Client <= 2.0 - Local Privilege Escalation

ActiveState Perl.exe x64 Client 5.20.2 - Crash PoC

5.9.2015

Bugtraq

Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)

Avira Mobile Security iOS Application - Cleartext Credentials Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)

Defense in depth -- the Microsoft way (part 32): yet another (trivial) UAC bypass resp. privilege escalation 2015-09-04
Stefan Kanthak (stefan kanthak nexgo de)

Oracle Hyperion password disclosure... 2015-09-04
Jeff Kayser (jeff kayser jibeconsulting com)

[SECURITY] [DSA 3352-1] screen security update 2015-09-04
Laszlo Boszormenyi (gcs debian org)

Malware

BKDR_CARBANAK.C

BKDR_CARBANAK.B

VBA / TrojanDownloader.Agent.AAV

VBA / TrojanDownloader.Agent.AAL

VBA / TrojanDownloader.Agent.AAK

Win32 / Dridex.S

VBA / TrojanDownloader.Agent.AAZ

Phishing

 

Vulnerability

 

SANS News

 

Threatpost

Attacker Compromised Mozilla Bug System, Stole Private Vulnerability Data

Exploit

 

4.9.2015

Bugtraq

[SECURITY] [DSA 3352-1] screen security update 2015-09-04
Laszlo Boszormenyi (gcs debian org)

[slackware-security] seamonkey (SSA:2015-246-01) 2015-09-03
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3351-1] chromium-browser security update 2015-09-03
Michael Gilbert (mgilbert debian org)

[CVE-2014-7216] Yahoo! Messenger emoticons.xml Multiple Key Value Handling Local Buffer Overflow 2015-09-03
Julien Ahrens (info rcesecurity com)

ESA-2015-144: EMC Documentum Content Server Privilege Escalation Vulnerability 2015-09-03
Security Alert (Security_Alert emc com)

Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities 2015-09-03
Vulnerability Lab (research vulnerability-lab com)

Checkmarx CxQL Sandbox bypass (CVE-2014-8778) 2015-09-03
hdau deloitte fr

[SYSS-2015-016] Avaya one-X® Agent - Hard-coded Cryptographic Key 2015-09-03
sven freund syss de

[slackware-security] bind (SSA:2015-245-01) 2015-09-02
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3350-1] bind9 security update 2015-09-02
Moritz Muehlenhoff (jmm debian org)

FreeBSD Security Advisory FreeBSD-SA-15:23.bind 2015-09-02
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 3348-1] qemu security update 2015-09-02
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3349-1] qemu-kvm security update 2015-09-02
Salvatore Bonaccorso (carnil debian org)

Malware

W32.Conpilf@mm

Trojan.Carberp.D

BKDR_EMDIVI.ZJCH-A

TSPY_SHIZ.MJSU

Phishing

 

Vulnerability

 

SANS News

Port Scanners: The Good and The Bad

Threatpost

Citing Wassenaar, HP Pulls Out of Mobile Pwn2Own

Feds Change Policy to Require Warrant to Use Stingrays

Exploit

 

3.9.2015

Bugtraq

[SECURITY] [DSA 3348-1] qemu security update 2015-09-02
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3349-1] qemu-kvm security update 2015-09-02
Salvatore Bonaccorso (carnil debian org)

Cisco Security Advisory: Cisco Integrated Management Controller Supervisor and Cisco UCS Director Remote File Overwrite Vulnerability 2015-09-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[SECURITY] [DSA 3347-1] pdns security update 2015-09-02
Sébastien Delafond (seb debian org)

ESA-2015-137: EMC Atmos XML External Entity Injection Vulnerability 2015-09-02
Security Alert (Security_Alert emc com)

Malware

TrojanDownloader:Win32/Contaskitar.B 
TrojanDownloader:Win32/Retkwark.A 
TrojanDownloader:Win32/Qulkonwi.D 
TrojanDownloader:Win32/Lophistdol.A 
Backdoor:Win32/NetWiredRC.D 

TrojanSpy:Win32/Banker.AOO 
Backdoor:Win32/Farfli.BJ 
TrojanDownloader:Win32/Upatre.BY 
TrojanDownloader:Win32/Upatre.BX 
TrojanDownloader:Win32/Scadmacs.A 
SoftwareBundler:Win32/Owsair 
SoftwareBundler:Win32/LoadArcher.A 
SoftwareBundler:Win32/LoadArcher 
TrojanDownloader:Win32/Upatre.CB 

Phishing

Service 2015

2nd September 2015

PLEASE LOGIN TO UPDATE YOUR
ACCOUNT INFORMATIONS

Administrator Online®

2nd September 2015

✔VIEW MAIL!!

Yvonne Perry

2nd September 2015

ONENIGHTSEX NOTICE IS PENDING

Tesco Bank

1st September 2015

Tesco Account suspended due to
TOS violations

Mohamed Abdel

1st September 2015

URGENT !!!

email update

1st September 2015

INFO

Mona Yates

1st September 2015

YOU'VE 1 F#CK REQUEST

Vulnerability

 

SANS News

Querying the DShield API from RTIR

Threatpost

New Versions of Carbanak Banking Malware Seen Hitting Targets in U.S. and Europe

New Android Ransomware Communicates over XMPP

Cisco Patches File Overwrite Bug in IMC Supervisor and UCS Director

Exploit

SphereFTP Server 2.0 - Crash PoC

Mainframe/System Z Bind Shell

2.9.2015

Bugtraq

[SECURITY] [DSA 3347-1] pdns security update 2015-09-02
Sébastien Delafond (seb debian org)

ESA-2015-137: EMC Atmos XML External Entity Injection Vulnerability 2015-09-02
Security Alert (Security_Alert emc com)

Cross-Site Request Forgery in Cerb 2015-09-02
High-Tech Bridge Security Research (advisory htbridge ch)

[slackware-security] gdk-pixbuf2 (SSA:2015-244-01) 2015-09-01
Slackware Security Team (security slackware com)

CVE-2015-5603: JIRA and the HipChat For JIRA plugin - Velocity Template Injection 2015-09-02
David Black (dblack atlassian com)

KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation 2015-09-01
KoreLogic Disclosures (disclosures korelogic com)

KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation 2015-09-01
KoreLogic Disclosures (disclosures korelogic com)

[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities 2015-09-01
CORE Advisories Team (advisories coresecurity com)

Malware

 

Phishing

Tesco Bank

1st September 2015

Tesco Account suspended due to
TOS violations

Mohamed Abdel

1st September 2015

URGENT !!!

email update

1st September 2015

INFO

Mona Yates

1st September 2015

YOU'VE 1 F#CK REQUEST

IT Management Center

1st September 2015

[Network Operations Department]
Notice regarding the EMIS mail
service upgrade! (Please check
promptly)

Wells Fargo Bank

1st September 2015

WELLS FARGO NOTIFICATION-
MESSAGE ID : 9876123

Vulnerability

 

SANS News

What's the situation this week for Neutrino and Angler EK?

Threatpost

Encryption, Lock Mechanism Vulnerabilities Plague AppLock

Google Patches Critical Vulnerabilities in Chrome 45

Victims of June OPM Hack Still Haven’t Been Notified

Netflix Sleepy Puppy Awakens XSS Vulnerabilities in Secondary Applications

Exploit

Bedita 3.5.1 - XSS Vulnerabilities

Edimax BR6228nS/BR6228nC - Multiple Vulnerabilities

Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow

SiS Windows VGA Display Manager 6.14.10.3930 - Write-What-Where PoC

XGI Windows VGA Display Manager 6.14.10.1090 - Arbitrary Write PoC

SphereFTP Server 2.0 - Crash PoC

OS X x64 /bin/sh Shellcode, NULL Byte Free, 34 bytes

Cerb 7.0.3 - CSRF Vulnerability

GPON Home Router FTP G-93RG1 - CSRF Command Execution Vulnerability

Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass

1.9.2015

Bugtraq

[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities 2015-09-01
CORE Advisories Team (advisories coresecurity com)

[security bulletin] HPSBMU03339 rev.1 - HP LoadRunner Controller, Local Execution of Arbitrary Code 2015-09-01
security-alert hp com

[security bulletin] HPSBGN03403 rev.1 - HP Virtualization Performance Viewer, Remote Unauthorized Disclosure of Information 2015-08-31
security-alert hp com

[security bulletin] HPSBMU03401 rev.1 - HP Operations Manager for UNIX and Linux, Remote Unauthorized Modification, Disclosure of Information 2015-08-31
security-alert hp com

Malware

Worm:VBS/Tibni.A

Phishing

Mohamed Abdel

1st September 2015

URGENT !!!

email update

1st September 2015

INFO

Mona Yates

1st September 2015

YOU'VE 1 F#CK REQUEST

IT Management Center

1st September 2015

[Network Operations Department]
Notice regarding the EMIS mail
service upgrade! (Please check
promptly)

Wells Fargo Bank

1st September 2015

WELLS FARGO NOTIFICATION-
MESSAGE ID : 9876123

PayPol Services

31st August 2015

CASE ID : 1389795465 | PLEASE
CHECK YOUR PAYPOL ACCOUNT
INFORMATION

PayPal - Customer

31st August 2015

IMPORTANT UPDATE REQUIRED IN
YOUR PAYPAL ACCOUNT ✔

Natwest

29th August 2015

Natwest Notice

Vulnerability

 

SANS News

Gift card from Marriott?

Encryption of "data at rest" in servers

How to hack

Threatpost

 

Exploit

Bedita 3.5.1 - XSS Vulnerabilities

Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow