hotnewsobsah13

Databáze Hot News - Rok - Úvod 2018 2017 2016 2015 2014 2013 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 List - 2018 2017 2016 2015 2014 2013
Poslední aktualizace v 08.10.2016 14:19:38

26.11.2014

Bugtraq

[SECURITY] [DSA 3076-1] wireshark security update 2014-11-25
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBUX03166 SSRT101489 rev.1 - HP-UX running PAM libpam_updbe, Remote Authentication Bypass 2014-11-25
security-alert hp com

[security bulletin] HPSBGN03203 rev.1 - HP CMS: UCMDB Browser running OpenSSL, Remote Disclosure of Information 2014-11-25
security-alert hp com

[security bulletin] HPSBGN03201 rev.1 - HP Asset Manager running SSLv3, Remote Disclosure of Information 2014-11-25
security-alert hp com

Slider Revolution/Showbiz Pro shell upload exploit 2014-11-25
simo morxploit com

[security bulletin] HPSBST03148 rev.1 - HP StoreOnce Gen 2 Backup Systems running Bash Shell, Remote Code Execution 2014-11-25
security-alert hp com

[security bulletin] HPSBMU03214 rev.1 - HP Systinet running SSLv3, Remote Disclosure of Information 2014-11-25
security-alert hp com

[ MDVSA-2014:227 ] ffmpeg 2014-11-25
security mandriva com

Malware

RDN/DNSChanger.bfr!e!3E9F61659DCB
RDN/Generic.bfr!hx!F4E8EC8F6309
RDN/Generic.hra!54EBADE7CF2B
RDN/Generic BackDoor!b2q!3E26C9130541
RDN/BackDoor-FBSA!a!3BCCD237AB2C
RDN/Generic BackDoor!b2q!3C68CACEE00E
RDN/Generic BackDoor!b2q!3E0A2AE85E72
RDN/DNSChanger.bfr!e!3D3C0EFC2DE7
RDN/Generic BackDoor!b2q!3BF93A3DAAD3
RDN/Generic PUP.x!0F459E5BD7C1
Generic PUP.x!3B1681C874D6
Generic PUP.x!12CCBF422212
RDN/Generic.bfr!hx!5616D309BA0F
Generic PUP.x!25B1AB701DF1
Downloader-FSH!45156A1B0E47
Generic PUP.x!1EDCABA72F1C
Generic PUP.x!15E78B32E575
Generic PUP.x!16EC4694985C
Generic PUP.x!2A3F75A57A32
Generic PUP.x!250DCD90C6CC
Generic PUP.x!20FF94C3E22D
Generic PUP.x!02FC3AAB13C3
Generic PUP.x!20B559EF0186
Generic PUP.x!0C9BFB83CF7B
Generic PUP.x!257BD3076C95
Generic PUP.x!0996CF63237C
Generic PUP.x!1842A04A903B
Generic PUP.x!13116166AE13
Generic PUP.x!084F3EDA5016
Generic PUP.x!1241B8A5C49A

Phishing

PayPal	26th November 2014
Now check the account
BT at home	26th November 2014
BT.com Important Account Notice
Halifax UK	26th November 2014
Secure Online Banking
BT	26th November 2014
BT Internet unable to process your recent payment of bill
Tom Holder	25th November 2014
Important Document
Citibank	25th November 2014
ACCOUNT VERIFICATION REQUIRED
PayPal	25th November 2014
Suspicious Activity on Your Paypal Account
Apple INC	25th November 2014
YOUR APPLE ACCOUNT WILL BE BLOCKED
Apple Inc	25th November 2014
YOUR ACCOUNT HAS BEEN LIMITED
PayPal Service	25th November 2014
[PAYPAL] : ATTENTION YOUR ACCOUNT HAS BEEN LIMITED
Bank of America	25th November 2014
Bank of America Corporate Office Headquarters

Vulnerebility

Exploit

25.11.2014

Bugtraq

Docker 1.3.2 - Security Advisory [24 Nov 2014] 2014-11-24
Eric Windisch (eric windisch docker com)

CVE-2014-8419 - CodeMeter Weak Service Permissions 2014-11-24
ajs swordshield com

Malware

RDN/Generic PUP.x!68E6CB96092C
Generic PUP.x!4B8614FC56A2
RDN/Generic.dx!dhb!E4FDF7A92038
RDN/BackDoor-FCHE!74921DBFB53D
RDN/BackDoor-FCHE!a!74921DBFB53D
RDN/Generic PWS.y!bbw!B8B75CD22E5F
Generic PUP.x!160315555D9D
RDN/Spybot.bfr!o!747D1E4FF39B
Generic PUP.x!ED1C78A75799
Generic PUP.x!D09E31965F28
RDN/Generic PUP.x!6D3A2517A3CE
RDN/Generic PUP.x!cq3!CB2B1FAC503D
Generic PUP.x!91B7CAECDF13
Generic PUP.x!21696A4F70F5
RDN/Generic PWS.y!bbw!A62FE923B60A
RDN/Generic.bfr!hx!3E9B9EE55A1E
RDN/Generic PUP.x!cq3!679D7548E8E8
RDN/Generic BackDoor!b2q!3B270C750FBA
Generic PUP.x!1919958A59A5
RDN/Generic.bfr!hr!B24F790C4B44
Generic PUP.x!842D1BA62C84
RDN/Generic PUP.x!4AF7ABF320D3
Generic PUP.x!8D6CF81600D6
4shared!0A602BBB4668
RDN/Generic PWS.y!F0176D398E81
RDN/Generic PWS.y!bbw!F0176D398E81
RDN/Generic Downloader.x!19AF237871AC
RDN/Generic Dropper!vp!210783CD493C
RDN/Ransom!57A9939F36E8
Generic PUP.x!556DBE53EBFC

Phishing

Bank of America	25th November 2014
Bank of America Corporate Office Headquarters
Paypal Service	24th November 2014
Your Paypal Account Has Been Limited !
service	24th November 2014
[PAYPAL]: PLEASE LOG IN TO CONFIRM YOUR DEBIT CARD âœ”

Vulnerebility

Exploit

Hikvision DVR RTSP Request Remote Code Execution

TP-Link TL-WR740N - Denial Of Service

Advantech EKI-6340 Command Injection

PHP 5.5.12 Locale::parseLocale Memory Corruption

tcpdump 4.6.2 Geonet Decoder Denial of Service

24.11.2014

Bugtraq

CVE-2014-8419 - CodeMeter Weak Service Permissions 2014-11-24
ajs swordshield com

Exploit for stealing backups on WP sites with WP-DB-Backup v2.2.4 plugin 2014-11-22
Larry W. Cashdollar (larry0 me com)

Malware

RDN/Generic PUP.x!cqd!C8D962B308E8
RDN/Generic BackDoor!b2q!13997EBF7AF8
RDN/Generic Downloader.x!lv!2B6EA49E4802
Generic PUP.x!33B33A1DA754
RDN/Generic PUP.x!cqd!72E78A73398F
Generic PUP.x!6BDC4A2981BE
RDN/DNSChanger.bfr!e!6A1705927EAD
GenericR-CKW!69774702E587
RDN/Generic.bfr!96C068552410
RDN/Generic Downloader.x!6FA662C964DB
W32/Induc!0C1714266C7A
RDN/Spybot.bfr!22CD07F148C8
RDN/Generic.tfr!ef!00825BF9C1A6
RDN/Generic.bfr!hx!CB58A6F1E3EE
Generic.bfr!5A607C45A622
RDN/Generic.bfr!hr!9DD4A253378C
RDN/Generic.dx!dhb!872814BF341F
RDN/Generic.bfr!9841DE5752DF
RDN/Generic.bfr!803AE36DDB2A
RDN/Generic Dropper!7707641D90D8
RDN/Generic-FAOD!a!48DBADBBC0C5
RDN/Generic.dx!dhb!6A84FDCB104A
Generic PUP.x!426A93A6CC1C
RDN/Generic BackDoor!8FE6305DE375
RDN/Generic PUP.x!cqd!1BFC976390CE
RDN/Spybot.bfr!11AB0D51D563
Generic PUP.x!409A5AF57850
Generic PUP.x!2AA0461C4B1C
RDN/Generic PWS.y!bbw!DE0063FBD398
RDN/Generic.bfr!097D46CCB3BB

Phishing

Paypal Service	24th November 2014
Your Paypal Account Has Been Limited !
service	24th November 2014
[PAYPAL]: PLEASE LOG IN TO CONFIRM YOUR DEBIT CARD âœ”
Halifax	23rd November 2014
Your Internet Banking is temporarily suspended
PAYPAL	23rd November 2014
UPDATE YOUR LEGAL AGREEMENTS WITH PAYPAL IN 24 HOURS ! âœ”
PAYPAL	22nd November 2014
UPDATE YOUR LEGAL AGREEMENTS WITH PAYPAL IN 24 HOURS ! âœ”
PayPal Team	22nd November 2014
[PAYPAL ] :YOUR ACCOUNT HAS BEEN LIMITED PAYPAL ID PP-658-119-347 âœ”

Vulnerebility

Exploit

TP-Link TL-WR740N - Denial Of Service

22.11.2014

Bugtraq

[security bulletin] HPSBUX03087 SSRT101413 rev.2 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access 2014-11-21
security-alert hp com

[ MDVSA-2014:224 ] krb5 2014-11-21
security mandriva com

[ MDVSA-2014:223 ] wireshark 2014-11-21
security mandriva com

[ MDVSA-2014:222 ] libvirt 2014-11-21
security mandriva com

[ MDVSA-2014:221 ] php-smarty 2014-11-21
security mandriva com

[ MDVSA-2014:220 ] qemu 2014-11-21
security mandriva com

[ MDVSA-2014:219 ] srtp 2014-11-21
security mandriva com

[security bulletin] HPSBHF03052 rev.2 - HP Network Products running OpenSSL, Multiple Remote Vulnerabilities 2014-11-21
security-alert hp com

[ MDVSA-2014:218 ] asterisk 2014-11-21
security mandriva com

WordPress 3 persistent script injection 2014-11-20
Jouko Pynnonen (jouko iki fi)

AST-2014-012: Mixed IP address families in access control lists may permit unwanted traffic. 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-013: PJSIP ACLs are not loaded on startup 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-015: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-017: <font size="3" style="font-size: 12pt">Permission escalation through ConfBridge actions/dialplan functions</font> 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-018: AMI permission escalation through DB dialplan function 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-014: High call load may result in hung channels in ConfBridge. 2014-11-21
Asterisk Security Team (security asterisk org)

Multiple SQL Injection in SP Client Document Manager plugin 2014-11-21
thai q dang itas vn

[SECURITY] [DSA 3075-1] drupal7 security update 2014-11-20
Salvatore Bonaccorso (carnil debian org)

Malware

RDN/Generic.bfr!hx!DE77DB689C43
RDN/Generic BackDoor!b2q!116F9AB018BB
RDN/Generic PUP.x!2EE636D7DE87
RDN/Ransom!el!3CD2F0C9379C
RDN/PWS-Zbot.hb!c!35FAC154FDDD
Generic.bfr!1E9EA8318DCC
RDN/Generic.bfr!hx!C6C2E2091D28
RDN/Generic PWS.y!bb3!8835A343D366
RDN/Generic.dx!dhb!A2B500DC573E
RDN/Generic BackDoor!b2q!2FDA5C7CF103
RDN/Generic PWS.y!E97826126A08
RDN/Generic BackDoor!b2q!6F6CE5127F89
RDN/Autorun.worm!dn!E81883C389B9
RDN/Downloader.a!tv!7937975B19A9
RDN/Generic.dx!dhb!32BDDB37D59F
RDN/Generic Dropper!AC950393D2F9
RDN/Generic PUP.x!D9385F078EA7
Generic.dx!2F360CCBD8A9
RDN/Generic PWS.y!bb3!B96A0757211E
RDN/Generic BackDoor!b2q!84DC4973574D
RDN/Generic.bfr!hx!1063CF236C5F
RDN/Generic BackDoor!b2q!DEECA3CA1A81
RDN/Generic.bfr!hr!7BE47BDC8A07
RDN/YahLover.worm!bd!19EB37A8572E
RDN/Generic PUP.x!42FE0F510450
RDN/Generic PUP.x!B22CD680399B
RDN/Generic PUP.x!2346B92DA18D
RDN/Generic PUP.x!E80738336190
RDN/Generic.dx!dhb!732985B672C3
RDN/Generic BackDoor!b2q!D889ED70D6E2

Phishing

Natwest	21st November 2014
Important Update Alert.
Scotia OnLine	21st November 2014
You Have 1 New Epost...
Joey	21st November 2014
DISCUSSANT SINGING COLIN

Vulnerebility

Exploit

Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation

Supr Shopsystem 5.1.0 - Persistent UI Vulnerability

Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit

MyBB <= 1.8.2 - unset_globals() Function Bypass and Remote Code Execution Vulnerability

21.11.2014

Bugtraq

WordPress 3 persistent script injection 2014-11-20
Jouko Pynnonen (jouko iki fi)

AST-2014-012: Mixed IP address families in access control lists may permit unwanted traffic. 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-013: PJSIP ACLs are not loaded on startup 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-015: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-017: <font size="3" style="font-size: 12pt">Permission escalation through ConfBridge actions/dialplan functions</font> 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-018: AMI permission escalation through DB dialplan function 2014-11-21
Asterisk Security Team (security asterisk org)

AST-2014-014: High call load may result in hung channels in ConfBridge. 2014-11-21
Asterisk Security Team (security asterisk org)

Multiple SQL Injection in SP Client Document Manager plugin 2014-11-21
thai q dang itas vn

[SECURITY] [DSA 3075-1] drupal7 security update 2014-11-20
Salvatore Bonaccorso (carnil debian org)

CVE-2014-8877 - Code Injection in Wordpress CM Download Manager plugin 2014-11-20
phi n le itas vn

[ MDVSA-2014:217 ] clamav 2014-11-20
security mandriva com

[ MDVSA-2014:216 ] php-ZendFramework 2014-11-20
security mandriva com

Malware

RDN/Generic BackDoor!b2p!1D6ED7BEE3DB
RDN/Generic PWS.y!bb3!D5AA95CE380A
RDN/Generic PUP.x!70CE98FA89DC
Generic Downloader.x!8C6EC0F674E4
Generic.dx!9D484F261123
Generic.bfr!2667860FB3DD
RDN/Generic BackDoor!0A0BE53DD9C5
RDN/Generic BackDoor!A5D97019D2E4
Generic PUP.x!437DEAB95D62
Generic.dx!10C8A14931D8
Generic.dx!7F8F7DAC959D
Generic PUP.x!99F252EBB5C1
GenericR-CKP!7C4FDFDAE278
RDN/Generic PUP.x!cqd!2C22C901CA8D
Generic PUP.x!BEE5CAE8CBA8
RDN/Generic PUP.x!cqd!A9CB0EEBF9D5
RDN/Generic PWS.y!bb3!3C297D200E03
Generic PUP.x!BABE8DADF9A7
GenericR-CKP!9C57878AA16B
Generic Downloader.x!9A83F9899DA2
RDN/Generic.bfr!hr!5371303446AE
RDN/Generic.dx!59804F31512F
RDN/Generic.dx!dhb!808239345AE2
RDN/Generic Dropper!vo!7054F85973C1
RDN/Generic BackDoor!b2p!6ED00D41A654
RDN/Downloader.a!tv!19D3C953FC04
Generic PUP.x!CFCE5945D560
Generic PUP.x!6A8C414E3775
RDN/Generic PUP.x!621C771FC00D
RDN/Generic Dropper!5F8801C95507

Phishing

Halifax UK	20th November 2014
Get Halifax Alert now
AT&T	19th November 2014
Please DocuSign this document: Contract_changes_11_19_2014.pd f

Vulnerebility

Exploit

Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064)

20.11.2014

Bugtraq

[ MDVSA-2014:216 ] php-ZendFramework 2014-11-20
security mandriva com

[CORE-2014-0010] - Advantech WebAccess Stack-based Buffer Overflow 2014-11-19
CORE Advisories Team (advisories coresecurity com)

[CORE-2014-0008] - Advantech AdamView Buffer Overflow 2014-11-19
CORE Advisories Team (advisories coresecurity com)

[CORE-2014-0009] - Advantech EKI-6340 Command Injection 2014-11-19
CORE Advisories Team (advisories coresecurity com)

CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM 2014-11-19
Portcullis Advisories (advisories portcullis-security com)

[SECURITY] [DSA 3074-2] php5 regression update 2014-11-19
Yves-Alexis Perez (corsac debian org)

Malware

RDN/Generic Dropper!vo!1F69DB677B1B
Generic PUP.x!017F99BEB30E
RDN/Generic PUP.x!cqd!6448A5D577DB
RDN/Spybot.bfr!o!A77EC13EF601
RDN/Generic Downloader.x!lu!F6CFF1FACC4F
RDN/Generic PUP.x!C13415D7FAEF
RDN/Generic PUP.x!BBE3C05E1FBC
RDN/Generic PUP.x!728B2BBB499A
RDN/Generic BackDoor!b2p!E1DBFC8C732E
RDN/Generic PUP.x!0A327B130FCA
RDN/Spybot.bfr!o!3061729CF360
RDN/Generic PUP.x!8B7ECB1317B1
RDN/Generic PUP.x!7681E9022688
RDN/Generic PUP.x!E6107BBCB280
RDN/Generic PUP.x!cqd!24FE3E91A7B8
RDN/Generic.dx!dh3!FDEA9C47CAF8
RDN/Generic Dropper!565A3E8E6459
RDN/Generic PUP.x!cqd!9913DD4EBAFA
Generic PUP.x!A9EB68E8D0BB
Generic PUP.x!5DCAD3946C61
RDN/Generic PUP.x!6FB4C030F2D8
RDN/Generic PUP.x!E23BB0087414
RDN/Generic PWS.y!bb3!FBEBBA09EBE0
RDN/Generic Dropper!vo!EEA7B3E0F0EB
RDN/Generic Dropper!vo!376CBD9B0DB6
RDN/Generic PUP.x!cqd!C7CC58BCEDBD
RDN/Generic PUP.x!E28CE449C0AA
RDN/Downloader.a!tv!85874AAFE4AE
RDN/Generic PUP.z!eh!BB4B332BFDEB
RDN/Generic PUP.x!D171756F3DD9

Phishing

AT&T	19th November 2014
Please DocuSign this document: Contract_changes_11_19_2014.pd f

Vulnerebility

Exploit

Snowfox CMS 1.0 - CSRF Add Admin Exploit

Paid Memberships Pro 1.7.14.2 Path Traversal

MINIX 3.3.0 Remote TCP/IP Stack DoS

19.11.2014

Bugtraq

[SECURITY] [DSA 3074-1] php5 security update 2014-11-18
Yves-Alexis Perez (corsac debian org)

[ MDVSA-2014:213 ] curl 2014-11-18
security mandriva com

[ MDVSA-2014:214 ] dbus 2014-11-18
security mandriva com

CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

Malware

Generic PUP.x!00C13E6E3EB6
Generic PUP.x!00E98E712C2B
FakeAV-M.bfr!BBDC8C713DFB
FakeAV-M.bfr!B5282F5794C1
RDN/Generic.bfr!hx!8C5310EB2E21
RDN/Generic.bfr!hx!C5756F00BDEB
RDN/Generic.bfr!hx!B4FCFF992CF8
RDN/Generic PWS.y!bb3!1ADE20F7B5F4
RDN/Generic BackDoor!b2p!85361CC6DD21
Generic PUP.x!90A7DFCCE751
RDN/Generic BackDoor!b2p!56BF59B841E7
Generic PUP.x!00EDDDCA1644
RDN/Generic.dx!dh3!BC5E4A946D40
RDN/Generic.dx!dh3!E6B330038EA9
RDN/Generic.dx!dh3!47FA264B5895
RDN/Generic.dx!dh3!D32D20350F81
FakeAV-M.bfr!2E4D3FC856E0
Generic PUP.x!68E73B576E5E
Generic PUP.x!00C17DE6F67A
RDN/Generic PWS.y!3C1C7216FE9D
RDN/BackDoor-FBSA!a!4B5361C834F3
Obfuscated-FBU!hb!B4643A3414B5
RDN/Generic PWS.y!bb3!E20307B2950B
Generic PUP.x!56433CD98571
RDN/Generic PWS.y!bb3!451CA4734C60
DNSChanger.bfr!AC72E79583DC
Generic PUP.x!1752930D7B78
RDN/Generic.dx!dh3!3B674035143B
RDN/Generic Dropper!vo!AA27627CC4B9
RDN/Generic.dx!2AF9CF345324

Phishing

Vulnerebility

Exploit

18.11.2014

Bugtraq

CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload 2014-11-18
Steffen Bauch (mail steffenbauch de)

[security bulletin] HPSBMU03183 rev.2 - HP Server Automation and Server Automation Virtual Appliance, running SSL, Remote Disclosure of Information 2014-11-17
security-alert hp com

[security bulletin] HPSBMU03072 rev.3 - HP Data Protector, Remote Execution of Arbitrary Code 2014-11-17
security-alert hp com

APPLE-SA-2014-11-17-3 Apple TV 7.0.2 2014-11-17
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-11-17-2 OS X Yosemite 10.10.1 2014-11-17
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-11-17-1 iOS 8.1.1 2014-11-17
Apple Product Security (product-security-noreply lists apple com)

Malware

RDN/Generic PUP.x!0724FAB97D94
RDN/Generic.dx!99F84BDE0439
Generic PUP.x!0D44B7CC3FDA
RDN/Generic BackDoor!b2p!FB35705B76B7
RDN/Ransom!0F2AA697E6C7
RDN/Generic PUP.x!017E325AE31C
Generic PUP.x!A76715CB62E6
RDN/Generic.bfr!EBF9B5B0A914
RDN/Generic Dropper!vo!F42597D96562
RDN/Downloader.a!tv!1CD17EABF047
Generic Downloader.x!B56032E405E7
RDN/Generic.dx!39E5F9EA79E1
RDN/Generic.bfr!hx!083DBCADB6C9
Generic Downloader.x!55B31F5F7567
RDN/Ransom!el!136B380E0367
Generic PUP.x!2852EBD71AC8
RDN/Generic PUP.x!F1D8CCA4256F
RDN/Generic PUP.x!1F1B3D50E79A
RDN/Generic PUP.x!011528B058B0
RDN/Generic BackDoor!b2p!29AAF121B6A9
RDN/Generic BackDoor!b2p!1D1187A13387
Generic PUP.x!83C9CE7AA253
RDN/Downloader.gen.a!BBE4A3B1BF31
RDN/Downloader.a!tv!BBE4A3B1BF31
Generic Downloader.x!CF714E4D1863
Generic Downloader.x!EF9B764AB59F
Downloader.gen.a!19ED8B3721C2
Generic PUP.x!1ED584B8EA9D
RDN/Generic.bfr!hx!A39B0C7102C2
Generic Downloader.x!11CABFCE85F1

Phishing

Paypal SecurityÂ™	18th November 2014
YOUR ACCOUNT WILL BE LIMITED , UPDATE YOUR INFORMATION PLEASE âœ”
bt.comms@bt.com	17th November 2014
Your account will be close

Vulnerebility

Exploit

Samsung Galaxy KNOX Android Browser RCE

MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability

Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.1 Bypass (MS12-037)

.NET Remoting Services Remote Command Execution

Safari 8.0 / OS X 10.10 - Crash PoC

17.11.2014

Bugtraq

[slackware-security] mozilla-thunderbird (SSA:2014-320-01) 2014-11-16
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3073-1] libgcrypt11 security update 2014-11-16
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server (iCAS) running OpenSSL, Remote Disclosure of Information 2014-11-14

Malware

RDN/Generic PWS.y!bb3!0C767EFD8AD1
RDN/Generic.dx!dh3!784B4F0BC132
RDN/Generic.bfr!hx!5CADD3B00653
RDN/Generic.dx!dh3!31C058EB8CF6
RDN/Generic PUP.x!31199323BE81
RDN/Generic Dropper!3229D4A847A2
RDN/Generic BackDoor!314F6AD2D31F
RDN/Generic Dropper!3130D9D07ADD
4shared!30FD3C935734
RDN/Generic Dropper!7D98EBC1E088
RDN/Generic PWS.y!30A7F429ADA2
RDN/Generic PUP.x!cqb!25CE2EC1C9AC
RDN/Generic.bfr!hx!85E7BA4BC94D
RDN/Generic BackDoor!93DD14696152
RDN/Generic.hra!679EEB69B111
RDN/Generic.hra!cc!0C4BB97365B1
RDN/Generic Downloader.x!696FD446F1CA
RDN/Generic PWS.y!bb3!2AF80852D4DD
RDN/Downloader.gen.a!5EBC6CF2959F
Generic Downloader.x!2A22B66D0F63
RDN/Generic PWS.y!bb3!9338B94C3CE0
RDN/Generic.bfr!hx!313665A1810B
RDN/Generic.bfr!hx!7EF69D4C3CEF
RDN/Generic PUP.x!cqb!E0B91352F321
RDN/Generic.bfr!hx!D9F3F471FD03
RDN/Generic PUP.x!cqb!18559D61F448
Generic PUP.x!5064F4DC27CE
Generic PUP.x!2F7873AEA257
RDN/Generic PUP.x!30653FB57520
Generic PUP.x!2F8492DA5598

Phishing

bt.comms@bt.com	17th November 2014
Your account will be close
Paypa1 Online	16th November 2014
Customer Alert
PayPal	16th November 2014
âœ” ALERT ! YOUR PAYPAL ACCOUNT WILL BE LIMITED PP1366
PAYPAL	16th November 2014
UPDATE YOUR LEGAL AGREEMENTS WITH PAYPAL IN 24 HOURS ! âœ”

Vulnerebility

Exploit

Internet Explorer < 11 - OLE Automation Array Remote Code Execution

Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF)

MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python

MS14-064 Microsoft Windows OLE Package Manager Code Execution

13.11.2014

Bugtraq

[security bulletin] HPSBMU03182 rev.1 - HP Server Automation running Bash Shell, Remote Code Execution 2014-11-12
security-alert hp com

[SECURITY] [DSA 3050-3] iceweasel security update 2014-11-12
Salvatore Bonaccorso (carnil debian org)

Prey Anti-Theft for Android missing SSL certificate validation [STIC-2014-0731] 2014-11-12
Programa STIC (stic fundacionsadosky org ar)

CVE-2014-8732 2014-11-12
cert it nrw de

CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2 2014-11-12
cert it nrw de

[SECURITY] [DSA 3072-1] file security update 2014-11-12
Thijs Kinkhorst (thijs debian org)

Malware

RDN/Generic.dx!dg3!6E42BE034646
RDN/Generic BackDoor!b2o!A4BA201D27B5
RDN/Generic BackDoor!b2o!B4658D758474
RDN/Generic BackDoor!b2o!D2B0B9F0AE02
RDN/Generic.grp!hq!F4B9ACE7817D
Generic.dx!EB4C797737EF
Generic.dx!FFDBE01BB517
Generic.bfr!427D2EADE182
RDN/Generic BackDoor!b2o!CE91FF247A01
RDN/DNSChanger.bfr!e!8700C0248915
RDN/Generic BackDoor!b2o!5F2C1341E91D
RDN/Generic BackDoor!b2o!8A63EA13713B
RDN/Generic.tfr!ee!7D2C265886AD
RDN/Generic BackDoor!b2o!8C8D2210B359
Generic.dx!DA02991D936A
RDN/Generic.tfr!ee!854420D74AED
RDN/Generic.tfr!ee!6F16E05E3F85
Generic.dx!F23366DAEA88
RDN/DNSChanger.bfr!e!8754E0E82C98
RDN/Generic BackDoor!B1AFF2085375
Generic BackDoor!8F04A34A41B1
Generic.dx!EDD3AF94B508
RDN/Generic PUP.x!331E6FEC610C
Generic PUP.x!001F1D55F1AC
Generic.dx!DF7FF20FAF37
Generic.dx!ACBE550995B0
RDN/Generic Dropper!vo!B6805B88BA9D
Generic.dx!9E45067133F4
Generic BackDoor!3BFA4ADAB672
RDN/Generic.grp!hq!DE8D4CF6F2DD

Phishing

Customer service	13th November 2014
IMPORTANT : WE NOTICED AN UNUSUAL ACTIVITY IN YOUR PAYPAL ACCOUNT
PayPal	13th November 2014
UPDATE YOUR ACCOUNT WHEN YOU ARE READY !
PayPal	12th November 2014
* CACTUS * Your account access is limited

Vulnerebility

Exploit

MS Office 2007 and 2010 - OLE Arbitrary Command Execution

WordPress SupportEzzy Ticket System Plugin 1.2.5 - Stored XSS Vulnerability

CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption Vulnerability

12.11.2014

Bugtraq

[security bulletin] HPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL, Remote Disclosure of Information 2014-11-11
security-alert hp com

[security bulletin] HPSBST03154 rev.1 - HP StoreFabric C-series MDS switches and HP C-series Nexus 5K switches running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

[security bulletin] HPSBST03181 rev.1 - HP StoreEver ESL G3 Tape Library running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

[security bulletin] HPSBHF03124 rev.2 - HP Thin Clients running Bash Shell, Remote Execution of Code 2014-11-11
security-alert hp com

[security bulletin] HPSBMU03165 rev.1 - HP Propel running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

[security bulletin] HPSBMU03184 rev.1 - HP SiteScope running SSL, Remote Disclosure of Information 2014-11-11
security-alert hp com

[security bulletin] HPSBMU03190 rev.1 - HP Helion Cloud Development Platform Community and Commercial Editions, Remote Unauthenticated Access 2014-11-11
security-alert hp com

[security bulletin] HPSBUX03188 SSRT101487 rev.1 - HP-UX running HP Secure Shell, Remote Denial of Service (DoS) and other Vulnerabilities 2014-11-11
security-alert hp com

[SECURITY] [DSA 3071-1] nss security update 2014-11-11
Sebastien Delafond (seb debian org)

Missing SSL certificate validation in MercadoLibre app for Android [STIC-2014-0211] 2014-11-11
Programa STIC (stic fundacionsadosky org ar)

[security bulletin] HPSBGN03191 rev.1 - HP Remote Device Access: Virtual Customer Access System (vCAS) running lighttpd, Remote Disclosure of Information and other Vulnerabilities 2014-11-11
security-alert hp com

[security bulletin] HPSBGN03117 rev.2 - HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

[security bulletin] HPSBST03155 rev.1 - HP StoreFabric H-series switches running Bash Shell, Remote Code Execution 2014-11-11
security-alert hp com

Malware

Downloader.gen.a!9A9A0A560D95
Generic PUP.x!FDD86F1C0E6B
Generic PUP.x!607E046CE594
RDN/Generic Downloader.x!lt!2C8EF96F4FC3
W32/Sdbot.worm!65EAE3A21DE9
W32/Sdbot.worm!4B529E07B886
W32/Sdbot.worm!2A3D30F65D53
Generic Downloader.x!0BD80CC44851
RDN/Generic PUP.x!cp3!75B65B579167
RDN/Generic.bfr!C6720E1E9494
Generic PUP.x!0D2D3AF4334E
Generic Dropper!A36B970EDA1C
Generic PUP.x!ED60892ABA47
Generic PUP.x!224A09A3D3E8
RDN/Generic PUP.x!819BF6C432A3
MultiPlug-FSK!A282AAECDC28
RDN/BackDoor-AWQ!bw!8987988169A0
Generic PUP.x!184C1107422D
Generic PUP.x!ABBC83F26ED7
RDN/Generic Dropper!01EFED3EF44C
RDN/Generic.dx!32C4BCE630B0
Generic PUP.x!0065227B53E7
Generic PUP.x!0C936568EE1B
Generic PUP.x!870B8C5A9F35
Generic PUP.x!EAF0C7B79361
Generic PUP.x!CE2C0055D146
Generic PUP.x!5F268E75C653
Generic PUP.x!48E4BC25D438
Generic PUP.x!3865BCCEE8C6
Generic PUP.x!B3EEB86211E1

Phishing

Vulnerebility

Exploit

11.11.2014

Bugtraq

Malware

RDN/Generic PUP.x!cpx!B98A2BB33AEE
RDN/DNSChanger.bfr!e!4F562A3D6907
Generic PUP.x!3B56DBFF8AEE
W32/Sality.gen!30CDECF71F7B
Generic PUP.x!702B32F54DC3
RDN/Generic PUP.x!9A55406ED224
Generic PUP.x!8D216C9D2AAC
RDN/Generic PUP.x!1BD910E77E40
RDN/Generic PUP.x!cpx!C66429526D3E
RDN/Generic.dx!5F04B665934C
RDN/Generic.tfr!ee!AF1DFAADEA0A
RDN/Generic PUP.x!cpx!2745C32D1106
RDN/Generic BackDoor!b2n!C3499199DBE7
Downloader.gen.a!28AB8AB1F217
RDN/Generic.grp!17949BFB7F23
Generic Downloader.x!45EB4AB85539
Generic PUP.x!3B09DAF519E0
RDN/Generic PUP.x!6C786F48F361
RDN/Generic PUP.x!cpx!267B86155BC2
RDN/Generic PUP.x!cpx!D6D91456AF29
RDN/Downloader.a!tu!D7CCD914E707
Generic PUP.x!6E61548B53BD
Generic Downloader.x!1FD0548CAF4A
RDN/Generic PUP.z!eh!7DEDDE778EEC
RDN/Generic PUP.x!FF76273A129F
FakeAV-Y.bfr!13B886DCFEDF
RDN/Generic BackDoor!b2n!982F0752F66A
RDN/Generic.bfr!hr!73254EE8B930
RDN/Generic Downloader.x!lt!F51CC82B81C8
Generic PUP.x!37E1B4ACAFB4

Phishing

Vulnerebility

Exploit

Visual Mining NetCharts Server Remote Code Execution

Internet Explorer 8 MS14-035 Use-After-Free Exploit

ManageEngine OpManager, Social IT Plus and IT360 - Multiple Vulnerabilities

XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities

Password Manager Pro / Pro MSP - Blind SQL Injection

ZTE ZXDSL 831CII - Insecure Direct Object Reference

Another Wordpress Classifieds Plugin - SQL Injection

PHP-Fusion 7.02.07 - SQL Injection

Progress OpenEdge 11.2 - Directory Traversal

Position independent & Alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); (87 bytes)

10.11.2014

Bugtraq

[The ManageOwnage series, part VIII]: Remote code execution and blind SQLi in OpManager, Social IT and IT360 2014-11-09
Pedro Ribeiro (pedrib gmail com)

[The ManageOwnage Series, part VII]: Super admin privesc + password DB dump in Password Manager Pro 2014-11-08
Pedro Ribeiro (pedrib gmail com)

[SECURITY] [DSA 3070-1] kfreebsd-9 security update 2014-11-07
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!390A7B209C4C
Generic PUP.x!3976D1F0551C
RDN/Generic PUP.x!cpw!CDC4C41E879A
RDN/Generic PUP.x!7681D3CB0430
RDN/Generic BackDoor!b2n!0E21CAB444D9
RDN/Generic BackDoor!b2n!B4FF01CA197E
RDN/Generic.dx!dgw!BD0E64FF6788
RDN/Generic BackDoor!b2n!3EDE0B30BD80
Generic PUP.x!8F62DAEF371E
RDN/Generic BackDoor!b2n!6F65362784B7
RDN/PWS-Banker!53E970CD53D9
RDN/Generic.bfr!hw!F8028E0F82A3
Generic PUP.x!C2C74207F67C
RDN/Generic PUP.x!cpw!EAD09547746C
Generic PUP.x!367196387990
Generic PUP.x!3449CD8E9D43
RDN/Generic PUP.x!5A14A83BA6E3
Generic PUP.x!A648051FCC48
Generic PUP.x!624A08BCE653
Generic PUP.x!6401C93461F8
Generic PUP.x!8C32DE63995E
Generic PUP.x!51BEEDDB0BE9
Generic PUP.x!40BFD8A54A80
Generic PUP.x!53FEF6C835DC
Generic PUP.x!69C6B1BBBF02
Generic PUP.x!5223BAD0C954
Generic PUP.x!5C5A2E52A181
Generic PUP.x!3CA49AE44383
Generic PUP.x!6271A41FBB30
Generic PUP.x!3D37F5D3E78B

Phishing

PayPal	10th November 2014
YOUR PAYPAL ACCOUNT WAS LIMITED

Vulnerebility

Exploit

9.11.2014

Bugtraq

Open-Xchange Security Advisory 2014-11-07 2014-11-07
Martin Heiland (martin heiland open-xchange com)

[SECURITY] [DSA 3068-1] konversation security update 2014-11-07
Moritz Muehlenhoff (jmm debian org)

FreeBSD Security Advisory FreeBSD-SA-14:24.sshd [REVISED] 2014-11-06
FreeBSD Security Advisories (security-advisories freebsd org)

Insecure management of login credentials in PicsArt Photo Studio for Android [STIC-2014-0426] 2014-11-06
Programa STIC (stic fundacionsadosky org ar)

XCloner Wordpress/Joomla! backup Plugin v3.1.1 (Wordpress) v3.5.1 (Joomla!) Vulnerabilities 2014-11-06
Larry W. Cashdollar (larry0 me com)

ZTE ZXDSL 831 Multiple Cross Site Scripting 2014-11-06
habte yibelo gmail com

ZTE 831CII Multiple Vulnerablities 2014-11-06
habte yibelo gmail com

ZTE ZXDSL 831CII Direct Object Reference 2014-11-06
habte yibelo gmail com

CA20141103-01: Security Notice for CA Cloud Service Management 2014-11-06
Kotas, Kevin J (Kevin Kotas ca com)

[SECURITY] [DSA 3067-1] qemu-kvm security update 2014-11-06
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3066-1] qemu security update 2014-11-06
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3065-1] libxml-security-java security update 2014-11-06
Sebastien Delafond (seb debian org)

[CVE-2014-8338] Cross Site Scripting (XSS) vulnerability in videowhisper 2014-11-06
mdgh9 yahoo com

i-FTP Buffer Overflow SEH 2014-11-05
metacom27 gmail com

i.Mage Local Crash Poc 2014-11-05
metacom27 gmail com

SEC Consult SA-20141106-0 :: XXE & XSS & Arbitrary File Write vulnerabilities in Symantec Endpoint Protection 2014-11-06
SEC Consult Vulnerability Lab (research sec-consult com)

Cisco RV Series multiple vulnerabilities 2014-11-06
Securify B.V. (lists securify nl)

[The ManageOwnage Series, part VI]: 0day database info and superuser credential disclosure in EventLog Analyser 2014-11-05
Pedro Ribeiro (pedrib gmail com)

i.Hex Local Crash Poc 2014-11-05
metacom27 gmail com

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Small Business RV Series Routers 2014-11-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)

ESA-2014-135: RSA® Web Threat Detection SQL Injection Vulnerability 2014-11-05
Security Alert (Security_Alert emc com)

WordPress Wordfence Firewall 5.1.2 Cross Site Scripting 2014-11-05
bhati contact gmail com

Arbitrary File Upload in HelpDEZk 2014-11-05
High-Tech Bridge Security Research (advisory htbridge com)

Two Reflected Cross-Site Scripting (XSS) Vulnerabilities in Forma Lms 2014-11-05
High-Tech Bridge Security Research (advisory htbridge com)

Wordpress bulletproof-security <=.51 multiple vulnerabilities 2014-11-05
Pietro Oliva (pietroliva gmail com)

CVE-2014-6616 Softing FG-100 Webui XSS 2014-11-05
Ingmar Rosenhagen (ingmar rosenhagen csnc de)

CVE-2014-6617 Softing FG-100 Backdoor Account 2014-11-05
Ingmar Rosenhagen (ingmar rosenhagen csnc de)

KL-001-2014-004 : VMWare vmx86.sys Arbitrary Kernel Read 2014-11-05
KoreLogic Disclosures (disclosures korelogic com)

FreeBSD Security Advisory FreeBSD-SA-14:26.ftp 2014-11-05
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-14:25.setlogin 2014-11-05
FreeBSD Security Advisories (security-advisories freebsd org)

Malware

RDN/Generic BackDoor!53BA2EED2CFD
RDN/Generic BackDoor!rk!D4A43FE2F61F
RDN/Generic.bfr!4E7A9B5491F1
RDN/Generic PUP.x!7034064E0C8C
Generic PUP.x!00DBCBE8558E
RDN/Generic.bfr!hw!B4CEB6CD7A85
Generic PUP.x!EF4651C00D5A
Generic PUP.x!F4E5063CCCD6
MultiPlug-FSH!FC1C00D40D21
RDN/YahLover.bfr!c!C1BCBB16CFEC
RDN/Generic PUP.x!2091A0627947
RDN/Generic PUP.x!F9AE42387356
RDN/Generic PUP.x!cpv!6A6832509096
RDN/Generic PUP.x!A1247904002D
RDN/Generic PUP.x!C710130A57FB
RDN/Generic PUP.x!6F5B12EAEA6B
MultiPlug-FSH!F7AEA47FEA3B
RDN/Generic BackDoor!b2n!13C84B531D90
MultiPlug-FSH!ED30767898A1
RDN/Generic PUP.x!9837156B41BE
RDN/Generic PUP.x!5F96171DEABD
RDN/Generic PUP.x!EF65A9DD8A58
RDN/Generic PUP.x!F9ED62A264D1
Generic PUP.x!C69EE71F1FA6
RDN/Generic PUP.x!cpv!7B830701B70A
RDN/Generic PUP.x!3B503988D563
RDN/Generic PUP.x!67E843E1C725
RDN/Generic PUP.x!9B34B1079CDF
RDN/Generic PUP.x!4B0F0C6BB720
RDN/Generic PUP.x!4F3C4C8D026D

Phishing

AMAZON.COM.AU	8th November 2014
Revision to Your Amazon.com.au Account

Vulnerebility

Exploit

Citrix NetScaler SOAP Handler Remote Code Execution

Belkin n750 jump login Parameter Buffer Overflow

Linux Local Root => 2.6.39 (32-bit & 64-bit) - Mempodipper #2

IBM Tivoli Monitoring 6.2.2 kbbacf1 - Privilege Escalation

Windows TrackPopupMenu Win32k NULL Pointer Dereference

Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities

ZTE Modem ZXDSL 531BIIV7.3.0f_D09_IN - Stored XSS Vulnerability

Drupal < 7.32 Pre Auth SQL Injection

MINIX 3.3.0 Local Denial of Service PoC

9.10.2014

Bugtraq

[security bulletin] HPSBMU03110 rev.1 - HP Sprinter, Remote Execution of Code 2014-10-08
security-alert hp com

[security bulletin] HPSBMU03127 rev.1 - HP Operations Manager for UNIX, Remote Code Execution 2014-10-08
security-alert hp com

[SECURITY] [DSA 3048-1] apt security update 2014-10-08
Thijs Kinkhorst (thijs debian org)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2014-10-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[Onapsis Security Advisory 2014-032] SAP BusinessObjects Persistent Cross Site Scripting 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-031] SAP Business Objects Information Disclosure via CORBA 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-029] SAP Business Objects Information Disclosure 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-030] SAP Business Objects Denial of Service via CORBA 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-033] SAP Business Warehouse Missing Authorization Check 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-027] SAP HANA Multiple Reflected Cross Site Scripting Vulnerabilities 2014-10-08
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-028] SAP HANA Web-based Development Workbench Code Injection 2014-10-08
Onapsis Research Labs (research onapsis com)

Two XSS in Contact Form DB WordPress plugin 2014-10-08
High-Tech Bridge Security Research (advisory htbridge com)

Reflected Cross-Site Scripting (XSS) in EWWW Image Optimizer WordPress Plugin 2014-10-08
High-Tech Bridge Security Research (advisory htbridge com)

Reflected Cross-Site Scripting (XSS) in Google Calendar Events WordPress Plugin 2014-10-08
High-Tech Bridge Security Research (advisory htbridge com)

[SECURITY] [DSA 3047-1] rsyslog security update 2014-10-08
Luciano Bello (luciano debian org)

Malware

Generic.tfr!1715C76BF414
RDN/Generic PUP.x!c2p!AA0FE7943C19
RDN/Generic PUP.x!c2p!89574B6ABF73
MultiPlug-FQW!147D7CF9FA31
RDN/Generic Dropper!vj!A2D133395EF0
Generic PUP.x!18461F0BD58F
RDN/Generic BackDoor!b2e!E34CE66EBDC8
Generic PUP.x!15A35161B1E0
RDN/Generic Downloader.x!BC02E3C81391
MultiPlug-FQW!78DB74984278
RDN/Generic PUP.x!92D947F01284
RDN/Generic PUP.x!2EE9751C294D
RDN/Generic.dx!dgc!970F0D7CED5D
MultiPlug-FQW!34EDE0F9E391
Generic PUP.x!0189948082D0
RDN/Generic PUP.x!c2p!D1AF7E5BF016
Generic Dropper!051E39446DB3
RDN/Generic Downloader.x!6CAD536B5306
RDN/Generic BackDoor!b2e!E427901B9DD7
RDN/YahLover.worm!bd!15786BA4420F
RDN/Generic PUP.x!CED1CCA74072
RDN/Generic Dropper!vj!4F680869ED18
MultiPlug-FQW!766349EC78F6
RDN/Generic PUP.x!8B5D6304D4A9
RDN/Generic PUP.x!c2p!A4390EDE5858
Generic PWS.y!E75350CEC4D3
RDN/Generic PUP.x!c2p!EAC71C0E0861
RDN/Generic PUP.x!c2p!A8E925DF477D
Generic Downloader.x!79B7CA61C02F
RDN/Generic PWS.y!bbj!4824E2738799

Phishing

Natwest	9th October 2014
NatWest Secure Activation Confirmation
Chase Online	9th October 2014
Verify Your Account

Vulnerebility

Exploit

Wordpress InfusionSoft Plugin Upload Vulnerability

Rejetto HttpFileServer Remote Command Execution

F5 iControl Remote Root Command Execution

Linux Kernel remount FUSE Exploit

BMC Track-It! - Multiple Vulnerabilities

DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities

Nessus Web UI 2.3.3 - Stored XSS

8.10.2014

Bugtraq

OWTF 1.0 "Lionheart" released! 2014-10-06
Abraham Aranguren (abraham aranguren owasp org)

Security advisory for Bugzilla 4.5.6, 4.4.6, 4.2.11, and 4.0.15 2014-10-06
dkl mozilla com

CA20141001-01: Security Notice for Bash Shellshock Vulnerability 2014-10-06
Williams, James K (Ken Williams ca com)

Multiple Vulnerabilities in Draytek Vigor 2130 2014-10-06
Erik-Paul Dittmer (epdittmer digitalmisfits com)

PayPal Inc Bug Bounty #53 - Multiple Persistent Vulnerabilities 2014-10-06
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #30 - Filter Bypass & Persistent Vulnerabilities 2014-10-06
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic BackDoor!b2d!A6E5EE456D96
Generic BackDoor!BBD17B5C81EA
RDN/Generic PUP.x!c2m!9C08A79B5445
RDN/Generic PUP.x!c2m!045D129AAC8A
Generic PUP.x!FA05ED28873A
Generic PUP.x!9D85176AEC0B
Generic PUP.x!C1A0A23B36EA
RDN/Generic.bfr!29E90097C981
RDN/Generic PUP.x!DA4A4F1D70E4
RDN/Generic PUP.x!c2m!AD76E2853B18
RDN/Generic.bfr!hs!BB89DA673353
RDN/Generic PUP.x!97D22CCB9485
RDN/Generic Dropper!vi!98C1595083B5
RDN/Generic.bfr!hs!AFB8BB49B823
RDN/Generic BackDoor!2AC7ACB21151
RDN/Generic PUP.x!c2m!202125C7C7A8
RDN/Generic.bfr!hs!FE5713E831AF
Generic.dx!1584676FD155
RDN/Generic Dropper!vi!64B92F10158C
Generic Dropper!98EA33E2CDFD
RDN/Generic Dropper!AB0B0F62FA57
RDN/Generic.bfr!617EF7B58A2C
Generic.tfr!48B80FF03562
RDN/Generic PUP.x!c2m!379DBBF74E5C
RDN/Generic BackDoor!b2d!2E4A64BA2D10
RDN/Generic PUP.x!c2m!15F95766298C
RDN/Generic PUP.x!c2m!703F1BAA8C6B
RDN/Generic.tfr!ed!736FF5FB294D
RDN/Generic PUP.x!2617B4FCE46F
Generic.bfr!21CFBDCE784A

Phishing

no-reply@bt.com	7th October 2014
Account Verification
NatWest	7th October 2014
NatWest YourPoints Online
E-ZPass Customer Service Cente	7th October 2014
Indebtedness for driving on toll road
Account	6th October 2014
NOTICE:UPDATE YOUR INFORMATION
Dun & BradStreet	6th October 2014
FW: Case - 6393394696

Vulnerebility

Exploit

Asx to Mp3 2.7.5 - Stack Overflow

7.10.2014

Bugtraq

[SECURITY] [DSA 3046-1] mediawiki security update 2014-10-05
Salvatore Bonaccorso (carnil debian org)

Malware

PUP-FMK!2F218975826E
PUP-FMK!029CCAB6569C
Generic Downloader.x!F77D362082C1
RDN/Generic PUP.x!0011BF22D66C
MultiPlug-FQW!E7351D4BC208
PUP-FMK!BCA3D65CB17C
PUP-FMK!67076CEA7629
PUP-FMK!58969671BF50
RDN/Generic.bfr!hs!5554CA6BA99C
RDN/Generic.bfr!B6A04A798D5B
RDN/Generic.dx!dgb!6B774BEA33D2
RDN/Generic.tfr!ed!6906F155B8EC
PUP-FMK!0E6263B69EDA
PUP-FMK!6E93CE76F4A2
RDN/Generic.bfr!hs!B6A04A798D5B
PUP-FMS!EAFB42D5B89A
Generic PUP.x!00CE66ED87ED
RDN/Generic.bfr!hs!80FDB733C5F2
MultiPlug-FQW!D24B5AE91B2A
MultiPlug-FQW!42A538D69465
RDN/Generic BackDoor!8B57F53EF2F1
RDN/Generic.bfr!hs!E68D82ABD118
RDN/Generic PUP.x!0DE9A77000C3
Generic PUP.x!4D60D8DC2380
RDN/Generic PUP.x!003B95B2F6C6
MultiPlug-FQW!7DABDC9149AA
MultiPlug-FQW!0DB61BA6D2D3
RDN/Generic PUP.x!583D85840F93
RDN/Generic PUP.x!c2k!C2E8E5AE5809
RDN/Generic.dx!dgb!6EF3CDDDE2D0

Phishing

Account	6th October 2014
NOTICE:UPDATE YOUR INFORMATION
Dun & BradStreet	6th October 2014
FW: Case - 6393394696
PayPal	6th October 2014
Your Account is Limited !
Halifax UK	6th October 2014
Halifax Online Banking SecureForm.
PayPal	6th October 2014
Security Measure

Vulnerebility

Exploit

6.10.2014

Bugtraq

[SECURITY] [DSA 3045-1] qemu security update 2014-10-04
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3046-1] mediawiki security update 2014-10-05
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3044-1] qemu-kvm security update 2014-10-04
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3042-1] exuberant-ctags security update 2014-10-04
Moritz Muehlenhoff (jmm debian org)

Malware

RDN/Generic PUP.x!DD9B5DAA1F08
RDN/Downloader.a!tl!2E12C5EFE738
RDN/Generic.tfr!ed!D2143D5457E7
RDN/Generic.dx!dg3!0AFC5FADAFDF
RDN/Generic.bfr!hs!84A57FBE4098
RDN/Generic PUP.x!c2i!5C76A69B7978
RDN/DNSChanger.bfr!d!5C0381600E5D
RDN/Generic.dx!dg3!BB3EB3D7F24B
Generic PUP.x!51634A2B0BCD
RDN/DNSChanger.bfr!d!2949C8721183
RDN/DNSChanger.bfr!d!E8D4382B2A34
RDN/PWS-Mmorpg.gen!37168FCED0BF
RDN/Generic PWS.y!bb3!FD3072619AF6
Generic PUP.x!ED3ABE79CDA9
Generic PUP.x!20F65FFE3324
RDN/Generic PUP.x!CFB02A2F2A49
RDN/Generic.dx!dg3!5A32D3C65223
RDN/Downloader.a!tl!1E08A8034DB7
Generic Downloader.x!CAC0C16AC2F0
RDN/Generic PUP.x!c2i!B4800B6D913F
RDN/Generic.bfr!BE8656A8046E
RDN/Generic.bfr!hs!AB8A3DB2596A
RDN/Generic.dx!dg3!D6A4D106DDD2
RDN/Generic.dx!dg3!11563BD7E0B0
RDN/Generic.bfr!A65091F3961A
RDN/Generic Downloader.x!lc!EF75FE4F30EF
RDN/Generic PUP.x!c2i!D40B3A89D19E
RDN/Generic PWS.y!bb3!AE7421D7D1E6
RDN/Sdbot.worm!cb!40F81B74B6B5
RDN/Generic PUP.x!c2i!8ABDA107250E

Phishing

PayPal	6th October 2014
Security Measure

Vulnerebility

Exploit

Postfix SMTP - Shellshock Exploit

Apache mod_cgi - Remote Exploit (Shellshock)

Bash - CGI RCE (MSF) Shellshock Exploit

AutoWeb 3.0 - (noticias.php id_cat) SQL Injection Exploit

4.10.2014

Bugtraq

[security bulletin] HPSBHF03124 rev.1 - HP Thin Clients running Bash, Remote Execution of Code 2014-10-03
security-alert hp com

PayPal Inc Bug Bounty Issue #70 France - Persistent (Escape Shopping) Mail Vulnerability 2014-10-03
Vulnerability Lab (research vulnerability-lab com)

HTTP Commander AJS v3.1.9 - Client Side Exception Vulnerability 2014-10-03
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic PUP.x!c2h!9964B78F2FE2
Generic PUP.x!2CC475DA3312
RDN/Generic.dx!dfz!BFFFBBB9A3F6
RDN/Autorun.worm!dm!A8FFF76CDF07
RDN/Generic Downloader.x!lc!A8F76130BF79
RDN/Generic.dx!dfz!A8BB0DFC284B
Generic Downloader.x!C30454F3132A
RDN/Generic PUP.x!188701D0F4F9
RDN/Generic PWS.y!0B31DB8353AA
RDN/Generic PUP.x!c2h!C2E1E344313F
RDN/Downloader.a!tl!C2D3F33E43C6
RDN/Downloader.a!tl!C2D26C26446A
RDN/Downloader.a!tl!C2C1B1C96667
RDN/Generic PUP.x!c2h!E03E04DAB267
RDN/Generic.bfr!hs!D6DEF94FF064
RDN/Generic PUP.x!C80C016BF30B
W32/Virus.gen!7F1A038D1464
W32/Sality.gen!0323E943A80B
Generic PUP.x!691B663C872D
Generic PUP.x!5A41C6A2C66C
Generic.bfr!B7E1B3CEA37B
RDN/Generic PUP.x!43A30C12480B
RDN/Generic PUP.x!2A74E54A6BDD
Generic PUP.x!45A0D344D5F9
Generic PUP.x!C88167B3BA2A
Generic PUP.x!B1E07A40B5E7
RDN/Generic PUP.x!c2h!BF123E880141
Generic.bfr!7A91B76599CB
W32/Sality.gen!74A57025FAD5
RDN/Generic BackDoor!b2b!F516EB22C48A

Phishing

Paypal Inc	4th October 2014
YOUR ACCOUNT WILL BE LIMITED !
Paypal Help	4th October 2014
PAYPAL : UPDATE YOUR PAYPAL ACCOUNT ! âœ”
PayPal	4th October 2014
[PAYPAL] : UPDATE YOUR PAYPAL ACCOUNT ! âœ”
Paypal.Inc	4th October 2014
YOUR ACCOUNT HAS LIMITATION! YOU CAN RESOLVE THIS NOW.?
PayPal	4th October 2014
Account Suspended

Vulnerebility

Exploit

3.10.2014

Bugtraq

[ MDVSA-2014:195 ] libvirt 2014-10-03
security mandriva com

[security bulletin] HPSBMU02895 SSRT101253 rev.3 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code 2014-10-02
security-alert hp com

[security bulletin] HPSBMU03118 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities 2014-10-02
security-alert hp com

Ultra Electronics / AEP Networks - SSL VPN (Netilla / Series A / Ultra Protect) Vulnerabilities 2014-10-02
Patrick Webster (patrick osisecurity com au)

[security bulletin] HPSBHF03119 rev.2 - HP DreamColor Professional Display running Bash Shell, Remote Code Execution 2014-10-01
security-alert hp com

[ MDVSA-2014:194 ] phpmyadmin 2014-10-03
security mandriva com

Elasticsearch vulnerability CVE-2014-6439 2014-10-02
Jordan Sissel (jordan sissel elasticsearch com)

Malware

Generic PUP.x!52C1A906E781
Generic PUP.x!51BE26245F83
Generic PUP.x!53CBB4CB70BC
Generic PUP.x!54DA64B562F5
RDN/Generic PUP.x!c2f!54E05A203165
Generic PUP.z!52EC75639A69
RDN/Generic Downloader.x!lc!57E21B5B733B
Generic PUP.x!5185C59E1736
RDN/Generic Downloader.x!lc!54FD5B4358E9
RDN/Generic.bfr!55FB6858CAD5
RDN/Generic Downloader.x!lc!55B00BFF1C7A
RDN/Generic.dx!dfz!566E7D17FE51
Generic PUP.x!5274D807B402
Generic PUP.x!55825DF93872
RDN/Generic.bfr!hs!50F5C164E1A2
Generic PUP.x!56CC85EF7591
RDN/Generic.dx!dfz!53B406EEDF8E
RDN/Generic.dx!dfz!53844C48AEB2
RDN/Generic.bfr!54530D6295C5
Generic PUP.x!51B929AC8DCE
RDN/Generic BackDoor!b2b!5421ECA29BA8
Generic PUP.x!4F9A14ED4674
RDN/Generic.dx!52A511B7E971
Generic.bfr!5336AC7C99BC
RDN/Generic PWS.y!bbg!5160010240B2
RDN/Generic Downloader.x!lc!507F125364B7
Generic PUP.x!49FEFD6E0BDE
RDN/Generic.bfr!hs!50A61E31E20C
Generic PUP.x!521C513CAA2E
RDN/Generic.dx!dfz!4F2414829594

Phishing

Paypal Inc	2nd October 2014
YOUR ACCOUNT WILL BE LIMITED !

Vulnerebility

Exploit

2.10.2014

Bugtraq

[SECURITY] [DSA 3041-1] xen security update 2014-10-01
Moritz Muehlenhoff (jmm debian org)

Reflected Cross-Site Scripting (XSS) in Textpattern 2014-10-01
High-Tech Bridge Security Research (advisory htbridge com)

Cross-Site Scripting (XSS) in Photo Gallery WordPress plugin 2014-10-01
High-Tech Bridge Security Research (advisory htbridge com)

FreePBX (All Versions) RCE 2014-10-01
rob thomas schmoozecom com

NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities 2014-10-01
VMware Security Response Center (security vmware com)

[security bulletin] HPSBHF03119 rev.1 - HP DreamColor Display running Bash Shell, Remote Code Execution 2014-10-01
security-alert hp com

[SECURITY] [DSA 3040-1] rsyslog security update 2014-09-30
Luciano Bello (luciano debian org)

Malware

Generic Downloader.x!91B14B967DD3
Generic PUP.x!15C5A3EF3DE3
Generic.bfr!432180388155
Generic.dx!27620747E668
RDN/Spybot.bfr!n!5E23DA9E75F0
Generic Downloader.x!76431649CAFA
RDN/Generic PWS.y!bbf!5596879AC298
RDN/Generic.bfr!hs!AADAF7941CE9
Generic PUP.x!9AE3200A5329
RDN/PWS-Mmorpg!mh!41D2C78A1EE5
RDN/Spybot.bfr!n!6B1D2F768778
RDN/Generic Dropper!vh!DFB5BA034E9E
RDN/Spybot.bfr!1D5448452A7A
RDN/Spybot.bfr!62D008711AE1
RDN/Spybot.bfr!AB9C87511C9F
RDN/Generic BackDoor!b2b!9095AA6D11A4
RDN/Generic.dx!df3!902F5E576DE6
RDN/Generic Downloader.x!la!884100F78D31
RDN/Ransom!ek!501F42A5DEED
BackDoor-FAJ!15BACEFCD98A
Generic PUP.x!47B7895C349B
RDN/Generic.bfr!8D32EA888C5C
RDN/Generic Dropper!vh!095BF0E5BC7D
Generic PUP.x!91C2866C46E1
Generic.dx!911B87AD568A
RDN/Ransom!ek!BB8FD766348F
RDN/Autorun.worm!dm!8FCB9DB26327
RDN/Autorun.worm!dm!8ED6B07BCD88
RDN/Generic.dx!df3!DA26C1B6428E
RDN/Generic PWS.y!bbf!5F46F598CC97

Phishing

Vulnerebility

Exploit

Kolibri Webserver 2.0 Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass

GNU bash 4.3.11 Environment Variable dhclient Exploit

Pure-FTPd External Authentication Bash Environment Variable Code Injection

HP Network Node Manager I PMD Buffer Overflow

ManageEngine OpManager / Social IT Arbitrary File Upload

HTTP File Server 2.3a, 2.3b, 2.3c - Remote Command Execution

All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability

RBS Change Complet Open Source 3.6.8 - CSRF Vulnerability

PHPCompta/NOALYSS 6.7.1 5638 - Remote Command Execution

TestLink 1.9.11 - Multiple SQL Injection Vulnerabilities

Epicor Enterprise 7.4 - Multiple Vulnerabilities

Moab < 7.2.9 - Authorization Bypass

TeamSpeak Client 3.0.14 - Buffer Overflow Vulnerability

1.10.2014

Bugtraq

London DEFCON - September 30th 2014 2014-09-30
Major Malfunction (majormal pirate-radio org)

[slackware-security] bash (SSA:2014-272-01) 2014-09-29
Slackware Security Team (security slackware com)

Malware

RDN/Generic FakeAlert!fe!91ACCED88EC4
Generic PUP.x!165FCB5E97B0
RDN/Downloader.a!tl!47D0AD41F5AB
Generic PUP.x!8DE422768627
RDN/Ransom!ek!FCE8A87FF1BB
RDN/Generic PUP.x!A27E4A674CB8
RDN/Generic.dx!df3!A0ADFEF1DEE6
RDN/Generic PUP.x!c2b!A0610BD60EB9
RDN/Generic PUP.x!c2b!281488DEB6EE
RDN/Generic.tfr!ed!BAAB1F3F8329
Generic PUP.x!D8DFB01D2F04
RDN/Generic.dx!df3!A03839463A9B
RDN/Generic.grp!55D74D8FF0ED
RDN/Generic.dx!df3!242831B991BB
RDN/Generic PWS.y!bbf!DE2DA82F410B
Generic Downloader.x!D2173B0911B4
RDN/Generic.dx!df3!07DF1E790A95
RDN/YahLover.worm!u!DFD93FE1D70C
RDN/Generic.dx!D77DE4696FAF
RDN/Generic.bfr!hs!D2D6D550BC16
RDN/Generic.bfr!hs!F5344F4CC8F8
RDN/Generic BackDoor!b2b!D70D03F2E9D6
RDN/Autorun.bfr!d!BB6AC2AD74F2
RDN/Generic Dropper!vh!7B9DEB304D66
Trojan-FAUE!E49A113A2800
RDN/Generic.bfr!hs!4F358BB80348
RDN/Generic.dx!df3!02BFB2EE9ED9
RDN/Generic BackDoor!b2b!C9A2D2BC7116
Generic PWS.y!006B817BA13F
RDN/Generic BackDoor!b2b!E3CF23CAED95

Phishing

Vulnerebility

Exploit

30.9.2014

Bugtraq

Moab Authentication Bypass (insecure message signing) [CVE-2014-5376] 2014-09-29
john fitzpatrick mwrinfosecurity com

Moab User Impersonation [CVE-2014-5375] 2014-09-29
john fitzpatrick mwrinfosecurity com

Moab Authentication Bypass [CVE-2014-5300] 2014-09-29
john fitzpatrick mwrinfosecurity com

[slackware-security] mozilla-firefox (SSA:2014-271-01) 2014-09-29
Slackware Security Team (security slackware com)

[The ManageOwnage Series, part V]: RCE / file upload / arbitrary file deletion in OpManager, Social IT and IT360 2014-09-27
Pedro Ribeiro (pedrib gmail com)

Malware

Generic PUP.x!4259AC93E310
RDN/Generic BackDoor!b2a!423A0C05F700
Generic PUP.x!41861CA2DD3E
Generic PUP.x!41320CDCDD9D
RDN/Generic BackDoor!b2a!401C87402E41
Generic PUP.x!404A2480FC05
RDN/Spybot.bfr!n!C1064CE985A9
RDN/Generic PUP.x!cnz!96C8B548547C
RDN/DNSChanger.bfr!d!96BE64AB6B48
Generic PUP.x!9684124BFA52
RDN/YahLover.worm!FFCD4B330607
RDN/Generic.dx!df3!A0A88A90DE40
RDN/Spybot.bfr!6F2F76BF6B5E
Generic PUP.x!331DE5886CFB
RDN/Generic Dropper!vh!2B87A45B9E4A
RDN/Generic BackDoor!b2a!36A21B2A9BC4
RDN/Spybot.bfr!C3130A742BE9
RDN/Generic PUP.x!cnz!9CAE837AA884
Generic PUP.x!2E8A270EDC33
Generic PUP.x!4A425B5DF504
Generic PUP.x!24DF01A1C821
Generic PUP.x!682AB5CD1A56
Generic PUP.x!09ACAE7FAD31
RDN/Generic PUP.x!cnz!12DA5505939C
Generic PUP.x!09D64E8FC6AD
Generic PUP.x!4785A4A37F5D
Generic PUP.x!DB981CE6541C
Generic PUP.x!3DABBAD83C41
Generic PUP.x!373EC41B9233
Generic PUP.x!37438A3D16D6

Phishing

Paypal.inc	29th September 2014
NOTICE OF POLICY UPDATES
Tesco Credit Card	28th September 2014
Win A Free Tesco Voucher

Vulnerebility

Exploit

29.9.2014

Bugtraq

[SECURITY] [DSA 3039-1] chromium-browser security update 2014-09-28
Michael Gilbert (mgilbert debian org)

Hands-on Mobile (Android & iOS) + ARM Exploitation Training at Toorcon 2014-09-27
Aditya Gupta (adi0x90 gmail com)

WorldCIST 2015 - 3rd World Conference on Information Systems and Technologies 2014-09-27
ML (marialemos72 gmail com)

Malware

RDN/Generic.dx!df3!37CEC03CD0E8
PUP-FMH!9A3B2295E20B
RDN/Generic Dropper!8EA8A248DC69
RDN/Generic PUP.x!cnz!9639ADD3933B
PUP-FMK!9A3D74C33071
iBryte!9A3D23BDCEA4
PUP-FLT!9A3D6D057CA2
PUP-FIC!9A3C51024E74
Generic PWS.y!E0B0D8817DF7
Generic PUP.x!7D26A223361A
PUP-FMU!9A3A4A29FFFF
PUP-FLT!9A39EBEF850A
RDN/Spybot.bfr!n!AFC9017456C5
PUP-FMK!9A39AFF43FBB
Generic Downloader.x!0B65EFF2AB60
Generic Downloader.x!4DF20D6B82D0
PUP-FHQ!9A3818B0DA20
RDN/Generic PUP.x!cnz!139E23B72501
PUP-FHQ!9A391E622383
PUP-FLN!9A3704954742
iBryte!9A33D83E17E1
CryptDomaIQ!9A303BDCFB7C
MultiPlug!9A2DDC4A929F
PUP-FLN!9A295E4BB4A1
PUP-FHQ!9A2EAB1D4EF0
MultiPlug!9A23B8F86C64
Midia!9A2B6E8C2C20
PUP-FLN!9A2282ACC367
SoftDropper!9A21F16FC93B
iBryte!9A1F5C649587

Phishing

Paypal.inc	29th September 2014
NOTICE OF POLICY UPDATES
Tesco Credit Card	28th September 2014
Win A Free Tesco Voucher
PayPal	27th September 2014
[PAYPAL] : UPDATE YOUR PAYPAL ACCOUNT !! âœ”
Natwest	27th September 2014
Last notice regarding your account.
E-ZPass Service Center	27th September 2014
INDEBTEDNESS FOR DRIVING ON TOLL ROAD

Vulnerebility

Exploit

Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.0 Bypass (MS12-037)

Microsoft Exchange IIS HTTP Internal IP Address Disclosure

OpenFiler 2.99.1 - CSRF Vulnerability

GS Foto Uebertraeger 3.0 iOS - File Include Vulnerability

26.9.2014

Bugtraq

SmarterTools Smarter Track 6-10 - Information Disclosure Vulnerability 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

Oracle Corporation MyOracle - Persistent Vulnerability 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #16 - Persistent Mail Encoding Vulnerability 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #32 - Multiple Persistent Vulnerabilities 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability 2014-09-26
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:190 ] bash 2014-09-26
security mandriva com

[slackware-security] bash (SSA:2014-268-01) 2014-09-25
Slackware Security Team (security slackware com)

[SECURITY] [DSA 3036-1] mediawiki security update 2014-09-26
Thijs Kinkhorst (thijs debian org)

[SECURITY] [DSA 3035-1] bash security update 2014-09-25
Salvatore Bonaccorso (carnil debian org)

Cisco Security Advisory: GNU Bash Environmental Variable Command Injection Vulnerability 2014-09-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[slackware-security] bash (rebuild for Slackware 13.0 only) (SSA:2014-268-02) 2014-09-25
Slackware Security Team (security slackware com)

[slackware-security] bash (SSA:2014-267-01) 2014-09-24
Slackware Security Team (security slackware com)

[oCERT-2014-007] libvncserver multiple issues 2014-09-25
Andrea Barisani (lcars ocert org)

Malware

PUP-FMU!9073DA400D01
Generic PUP.x!0B0EC1675C6A
Generic PUP.x!2F40DB35B9BA
PUP-FMU!9073D956919E
MultiPlug!90717E75E8DE
PUP-FLN!9071D20DC8D5
Generic PUP.x!308A6FCACC4A
Generic PUP.x!3954FC148F61
iBryte!907AA4F594F5
Downloader.gen.a!33CBD18917DF
PUP-FLN!90746C879E96
PUP-FLN!906C07C07175
RDN/Generic Downloader.x!la!121ECBD3DE9F
RDN/Generic PUP.x!cnt!28F4A167AD8A
Generic PUP.x!30C0F778F48D
RDN/Generic BackDoor!zz!3884ED3E06E0
RDN/Generic.bfr!hs!23BDAE8EB2CD
iBryte!906F27C124BD
RDN/Generic BackDoor!zz!D9106D08BC03
BackDoor-FAUP!B1321B21E39D
PUP-FMK!907B46ADFBA0
RDN/Generic BackDoor!zz!DE8EFCC8DBFD
RDN/Generic.dx!dfv!6C6D287996D0
RDN/Generic BackDoor!zz!C850FD8E8008
RDN/Generic.dx!dfv!24C1CA47B4BC
PUP-FHQ!906C4600EF41
Generic PUP.x!3910D13767F7
RDN/Generic BackDoor!zz!7C00386DDA8C
Generic PUP.x!A411D1377230
Generic PUP.x!15FBF03A282A

Phishing

USAA	26th September 2014
USAA ACCESS
NATWEST	25th September 2014
Activate Your Natwest Account
Paypal Service	25th September 2014
YOUR ACCOUNT WILL BE LIMITED , UNTIL WE HERE FROM YOU .TO UPDATE YOUR INFO

Vulnerebility

Exploit

25.9.2014

Bugtraq

Malware

Generic PUP.x!3468D6469DD2
Generic PUP.x!33C02FB82FB5
Generic PUP.x!32BDB8F8FF95
Generic PUP.x!7E7975B5AA06
Generic PUP.x!3278E7102DF9
RDN/Generic PUP.x!6EB51997FFF9
RDN/Generic PUP.x!cnq!D024EF258852
RDN/Downloader.a!ti!AA876C064952
RDN/Generic PUP.x!cnq!2EF7525B77AC
RDN/Generic PUP.x!cnq!0AFBDF6DB9BD
RDN/Generic Downloader.x!la!348C8E09F697
RDN/Downloader.a!ti!AFD76B7814B1
Downloader.gen.a!368782188826
Generic PUP.x!B7489C30E26D
Generic PUP.x!2F7DA9AB1BFD
Generic PUP.x!24989C3CC516
RDN/Generic PUP.x!cnq!D3626ECF7C78
RDN/Generic PUP.x!cnq!2C8F941AC167
Generic PUP.x!35571782C2AF
RDN/Generic PUP.x!cnq!BB215EA77B06
Generic PUP.x!30F6B93F22F1
RDN/Generic.bfr!28CB746C4BD5
Generic PUP.x!2F6DBB3760B2
Generic PUP.x!83B179F1BF7C
Generic PUP.x!39AC53C34C49
RDN/Generic.bfr!hs!28CB746C4BD5
RDN/Generic PUP.x!8AF35DD42ABF
Downloader.gen.a!D31AAF367077
Generic PUP.x!78F39A86F59A
RDN/Generic.bfr!hs!D0280E33A251

Phishing

Service Paypal	24th September 2014
YOUR ACCOUNT HAS BEEN LIMITED !
Natwest Bank Plc	24th September 2014
Natwest: Review Your Message
Natwest	24th September 2014
Activate Your Natwest Account

Vulnerebility

Exploit

GNU bash Environment Variable Command Injection

Bash Environment Variables Code Injection Exploit

EMC AlphaStor Device Manager Opcode 0x75 Command Injection

Advantech WebAccess dvs.ocx GetColor Buffer Overflow

Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities

OsClass 3.4.1 (index.php, file param) - Local File Inclusion

Cart Engine 3.0 - Multiple Vulnerabilities

24.9.2014

Bugtraq

Glype proxy local address filter bypass 2014-09-22
Securify B.V. (lists securify nl)

[security bulletin] HPSBPI03107 rev.1 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access 2014-09-22
security-alert hp com

Glype proxy privacy settings can be disabled via CSRF 2014-09-22
Securify B.V. (lists securify nl)

Glype proxy cookie jar path traversal allows code execution 2014-09-22
Securify B.V. (lists securify nl)

[ MDVSA-2014:180 ] gnupg 2014-09-22
security mandriva com

Malware

PUP-FNL!552FE7216F70
RDN/Generic.bfr!8A512B7C74BA
RDN/Generic PUP.x!cnp!B2968A96A192
RDN/Generic PUP.x!cnp!1F4AA336D919
RDN/Generic PUP.x!cnp!05373CD3FEEE
RDN/Generic PUP.x!cnp!078A1CED3BBB
Generic PUP.x!91844DAAA314
Generic PUP.x!C51139D5C2BC
RDN/Generic PUP.x!cnp!1F692AEFA280
Generic PUP.x!2ACDF24AFD73
Generic PUP.x!14EBD47D7BC3
Generic PUP.x!DBB6B487A63A
RDN/Generic PUP.x!cnp!A3221796A439
PUP-FNL!6B49A13255BD
Generic PUP.x!2318C07CF44A
Generic.bfr!D98D7A8D0EBD
RDN/Generic PUP.x!cnp!12906963C9D3
Generic PUP.x!1FD1AAC7B928
PUP-FNL!DC039EBDF8DA
RDN/Generic BackDoor!zy!B62ED9989323
PUP-FNL!C454FB97340A
PUP-FNL!AF3C031AB9D2
RDN/Generic PUP.x!cnp!2E76503C2D31
Generic PUP.x!E4C3A651968A
Generic PUP.x!8C3B6DFC4142
Generic PUP.x!75017FE64C95
Generic PUP.x!51DC408CBA6B
Generic PUP.x!5ABF1DDF15C3
RDN/Generic PUP.x!cnp!94F1341D575D
RDN/Generic PUP.x!cnp!34B51CFE1CDE

Phishing

iTunes	23rd September 2014
ITUNES ACCOUNT WAS BEEN FROZEN
Pay.Pal Inc	23rd September 2014
YOUR ACCOUNT IS NOW LOCKED, YOU HAVE TO UPDATE YOUR INFORMATION

Vulnerebility

Exploit

ZyXEL Prestig P-660HNU-T1 ISP Credentials Disclosure

Onlineon E-Ticaret Database Disclosure Exploit

Joomla Face Gallery 1.0 - Multiple vulnerabilities

Joomla Mac Gallery 1.5 - Arbitrary File Download

LittleSite 0.1 'file' Parameter Local File Include Vulnerability

WS10 Data Server SCADA Exploit Overflow PoC

23.9.2014

Bugtraq

Malware

PUP-FHQ!82BFF84ECB4C
Generic PUP.x!F4A939528BAB
Generic PUP.x!FB1D2B5DD44E
Generic PUP.x!DF78B204FB36
Generic PUP.x!A1C6D3E7287C
Generic PUP.x!F8E16FF43E7E
Generic PUP.x!12C32FCC2CD5
Generic PUP.x!485B7F1245AE
Generic PUP.x!BC41DB953C0B
Generic.bfr!D5A6C41B68CE
Generic PUP.x!0D2EB688E0A9
Generic PUP.x!E958BABC09C3
Generic PUP.x!EADA679A8295
Generic PUP.x!24AFFD286FDB
Generic PUP.x!BD125AF56CFA
Generic PUP.x!0296C3D5442B
Generic PUP.x!D38C567B76F6
Generic PUP.x!51099C6B531A
Generic PUP.x!E5CDEBA015E8
RDN/Generic BackDoor!zx!E46AC2E58EE7
Midia!82BFC5AE6B91
Generic PUP.x!F2735C2ED6E8
Generic PUP.x!D2DECF423B5D
Generic PUP.x!E4BAF2D51993
Generic PUP.x!E19CAB882805
Generic PUP.x!DF064BFFEBE6
Generic.dx!59A8E0740021
Generic PUP.x!DECBA8C6F115
Generic PUP.x!DE0D023DB797
Generic PUP.x!ED5B8B65DA66

Phishing

Pay.Pal Inc	23rd September 2014
YOUR ACCOUNT IS NOW LOCKED, YOU HAVE TO UPDATE YOUR INFORMATION
Apple Support	22nd September 2014
WARNING ACCOUNT DISABLED

Vulnerebility

Exploit

LittleSite 0.1 'file' Parameter Local File Include Vulnerability

22.9.2014

Bugtraq

TP-LINK WDR4300 - Stored XSS & DoS 2014-09-21
ozelisyan gmail com

Strength and Weakness of Methods to Confirm SSH Host Key 2014-09-22
John Leo (johnleo checkssh com)

[SECURITY] [DSA 3030-1] mantis security update 2014-09-20
Moritz Muehlenhoff (jmm debian org)

CVE-2014-5516 CSRF protection bypass in "KonaKart" Java eCommerce product 2014-09-20
Christian Schneider (mail Christian-Schneider net)

[SECURITY] [DSA 3029-1] nginx security update 2014-09-20
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3025-2] apt regression update 2014-09-18
Salvatore Bonaccorso (carnil debian org)

Malware

Generic PUP.x!D439688CE220
Generic PUP.x!925229B36035
Generic PUP.x!48834C474B72
Generic PUP.x!6F018DA23DEA
Generic PUP.x!E9EE75D24D52
RDN/Generic PUP.x!cnn!B39BB440970E
RDN/Generic PUP.x!25E66595D9E1
Generic PUP.x!59FB3C30596B
RDN/Generic PUP.x!88CAC4302C68
Generic PUP.x!57A374F328BF
Generic PUP.x!590C4AB489CB
Generic PUP.x!0CCA3A6CC33A
Generic PUP.x!42EF3656EC27
RDN/Generic PUP.x!CAAF2948A411
RDN/Generic PUP.x!F61631C712F4
RDN/Generic PUP.x!D170B2F5A2D3
RDN/Generic PUP.x!4179CB2002A0
Downloader.gen.a!4AE9451E802C
Generic PUP.x!A44822C0E471
RDN/Generic PUP.x!49F2A6088C1D
RDN/Generic PUP.x!6784B4CB9855
RDN/Generic PUP.x!F6E74DB6C0A6
RDN/Generic PUP.x!BDAAB6F0049C
Generic PUP.x!D95B00D5F264
Generic PUP.x!96265C3AC125
Generic PUP.x!571DB3DF3159
iBryte!81D46AA9E72C
RDN/Generic.bfr!hs!1AF343800DAF
RDN/Generic PUP.x!21D4307440AF
RDN/Generic.dx!dfq!9F8138C7A436

Phishing

Pay.Pal Inc	22nd September 2014
YOUR ACCOUNT IS NOW LOCKED, YOU HAVE TO UPDATE YOUR INFORMATION
USAA	21st September 2014
Important Message from USAA Online Security
PayPal	20th September 2014
Your Account is Limited

Vulnerebility

Exploit

20.9.2014

Bugtraq

Malware

RDN/Generic Downloader.x!kz!051398B2779B
RDN/Generic PUP.x!cnk!CC7F9174424A
RDN/Generic PWS.y!bbd!8EF2750F6F44
Generic PUP.x!9F63F8ECBC6A
RDN/Generic.bfr!2D3F3CE26704
RDN/Generic PUP.x!cnk!292ADFCDAA72
Generic PUP.x!F1F61C7761A1
Generic PUP.x!9269FC12E583
Generic PUP.x!8E2B99EDF1AC
Generic PUP.x!8EB05008256E
Generic PUP.x!7B0F2EAB0471
RDN/Generic PUP.x!cnk!1B798BF0B147
RDN/Generic PUP.x!509FDA5C4E8E
Generic FakeAlert!8F6616BAFCD3
RDN/Generic PUP.x!cnk!AF573CDAF35F
RDN/Generic PUP.x!cnk!5C576AA08513
RDN/Generic PUP.x!cnk!76B470619E75
RDN/Generic PUP.x!cnk!AC159211F2F4
RDN/Generic PUP.x!cnk!3D4453209870
RDN/Generic PUP.x!cnk!A2AF95FBF814
RDN/Generic PUP.x!cnk!B9DBB78E13A7
RDN/Downloader.a!tf!BE675036180E
Generic PUP.x!8A9D1BDBD202
RDN/Spybot.bfr!75B706655E26
Generic.dx!7C4817BBDFAC
RDN/Generic PUP.x!cnk!1EFF4C17A151
RDN/Generic PUP.x!cnk!9B748984F16E
RDN/Generic.bfr!hs!C5B3A9C7CE43
RDN/Generic PUP.x!cnk!215D2E0FCE7E
RDN/Generic PUP.x!cnk!F6E85D095C47

Phishing

Lloyds Bank Lloyds+Tb6eUqG@smt	19th September 2014
ALERT - ONLINE BANKING SUSPENDED
Pay.Pal Inc	19th September 2014
YOUR ACCOUNT IS NOW LOCKED, YOU HAVE TO UPDATE YOUR INFORMATION

Vulnerebility

Exploit

Livefyre LiveComments Plugin - Stored XSS

ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities

Seafile-server <= 3.1.5 - Remote DoS

19.9.2014

Bugtraq

[SECURITY] [DSA 3025-2] apt regression update 2014-09-18
Salvatore Bonaccorso (carnil debian org)

AST-2014-010: Remote crash when handling out of call message in certain dialplan configurations 2014-09-18
Asterisk Security Team (security asterisk org)

AST-2014-009: Remote crash based on malformed SIP subscription requests 2014-09-18
Asterisk Security Team (security asterisk org)

CVE ID Syntax Change - Deadline Approaching 2014-09-18
Christey, Steven M. (coley mitre org)

Oracle Corporation MyOracle - Persistent Vulnerability 2014-09-18
Vulnerability Lab (research vulnerability-lab com)

Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw 2014-09-18
VSR Advisories (advisories vsecurity com)

APPLE-SA-2014-09-17-6 OS X Server 2.2.3 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-09-17-5 OS X Server 3.2.1 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

CVE ID Syntax Change - Deadline Approaching 2014-09-17
Christey, Steven M. (coley mitre org)

APPLE-SA-2014-09-17-7 Xcode 6.0.1 2014-09-18
Apple Product Security (product-security-noreply lists apple com)

Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw 2014-09-18
VSR Advisories (advisories vsecurity com)

[SECURITY] [DSA 3028-1] icedove security update 2014-09-17
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!AED7DFEE2A8B
PUP-FHQ!7A32C39C9A9F
PUP-FLN!7A32BCD1CD27
Generic PUP.x!B085222EE39E
RDN/Generic.bfr!hs!E6A20314BA60
Generic PUP.x!B2C2EAA83DB4
PUP-FLN!7A337591D7F0
PUP-FMK!7A35C40359E2
Generic PUP.x!DB21D969ED37
Generic PUP.x!CEA79BCA12DD
PUP-FHQ!7A3765171F03
RDN/Generic PUP.x!cnj!7A2C812979A5
Generic PUP.x!A748C4C95DC6
RDN/Generic PUP.x!cnj!A66C66E0EF9C
PUP-FLT!7A2A2210D2BB
Adware-FMV!7A2DC38FC4A7
PUP-FMU!7A2FA7E92D5C
PUP-FLN!7A2A183605D3
CryptInno!7A2E492920C6
Generic PUP.x!AE0D0D4CC7EE
PUP-FHQ!7A2A225CF57B
CryptInno!7A31316FBFDA
PUP-FLN!7A2CEEA63FE1
RDN/Generic.dx!df3!A6758AF75CE9
Downloader.gen.a!7A3005896DB2
PUP-FHQ!7A2C8649F77A
Generic PWS.y!E8C264C6A0A3
Generic PUP.x!A7C7E87AEFA2
Generic PUP.x!A0215F17B19B
Generic PUP.x!AE0945C07F3A

Phishing

PayPal	18th September 2014
* CACTUS * You have added keithsandland@hotmail.com as a new email address for your PayPal account.
PayPal	18th September 2014
Notice Of Paypal.
RBC	18th September 2014
RBC Royal Bank Online Banking Important Service Message
iTunes	18th September 2014
ITUNES ACCOUNT WAS BEEN FROZEN
Lloyds Bank	17th September 2014
Online Banking and Access services!
CHARLES FEENEY	17th September 2014
Cancelled: Your Donation From Mr Charles Feeney

Vulnerebility

Exploit

18.9.2014

Bugtraq

APPLE-SA-2014-09-17-2 Apple TV 7 2014-09-17
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-09-17-1 iOS 8 2014-09-17
Apple Product Security (product-security-noreply lists apple com)

Reflected Cross-Site Scripting (XSS) in MODX Revolution 2014-09-17
High-Tech Bridge Security Research (advisory htbridge com)

Path Traversal in webEdition 2014-09-17
High-Tech Bridge Security Research (advisory htbridge com)

MIUI Torch Open Vulnerability 2014-09-17
vuln nipc org cn

MIUI Wifi Connection Message Vulnerability 2014-09-17
vuln nipc org cn

Android Bluetooth Pairing Packet Processing Vulnerability（by wangzq from NCNIPC） 2014-09-17
vuln nipc org cn

[CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow 2014-09-16
CORE Advisories Team (advisories coresecurity com)

[SECURITY] [DSA 3026-1] dbus security update 2014-09-16
Florian Weimer (fw deneb enyo de)

Malware

RDN/Generic PUP.x!cn3!58C96A11A5CB
Generic PUP.x!665D2AAE1E68
Generic.dx!E47728BC565E
Generic PUP.x!6F6CBB84AB91
Generic PUP.x!8BF4F84BAD1E
RDN/Generic PUP.x!cn3!ADD69D263EBE
RDN/Generic.grp!ho!391552FB8DE3
RDN/Generic.dx!dfn!6DECE7153719
RDN/Generic PUP.x!F48A9E2E29DC
RDN/Generic PWS.y!bbc!BD14D6DDE5EC
Generic PUP.x!AFA5DDA9B121
Generic PUP.x!CAA0F461CBEE
Generic PUP.x!411EF0A9B3C8
Generic.dx!195AC2F45DAC
RDN/Generic.dx!dfn!C4092AAB953A
RDN/Generic Dropper!vf!DDF7D1D8DDC8
Generic PUP.x!19279EACA7BF
Generic.dx!EC72881CD5F5
Generic PUP.x!82F819FD9E80
Generic PUP.x!D215562F1BDE
RDN/Downloader.a!te!1F624863074C
Generic.dx!263462C1F047
Generic PUP.x!C9CDE4EDA526
Generic PUP.x!5EA7475A199B
Generic PUP.x!FD88CFE7FA9D
Generic PUP.x!ADFFB9660FB4
Generic PUP.x!AC985F2FF9E5
Generic PUP.x!45DC19395B0C
RDN/Downloader.a!te!A95B471641AC
RDN/Generic.dx!dfn!A08089BB48B9

Phishing

Lloyds Bank	17th September 2014
Online Banking and Access services!
CHARLES FEENEY	17th September 2014
Cancelled: Your Donation From Mr Charles Feeney
PayPal	17th September 2014
Your Account is Limited

Vulnerebility

Exploit

17.9.2014

Bugtraq

ESA-2014-091: EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities 2014-09-15
Security Alert (Security_Alert emc com)

Briefcase 4.0 iOS - Code Execution & File Include Vulnerability 2014-09-15
Vulnerability Lab (research vulnerability-lab com)

Passwords^14 Norway - CFP 2014-09-15
Per Thorsheim (per thorsheim net)

Open-Xchange Security Advisory 2014-09-15 2014-09-15
Martin Heiland (martin heiland open-xchange com)

Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
Federick Joe P Fajardo (fjpfajardo ph ibm com)

Re: HttpFileServer 2.3.x Remote Command Execution 2014-09-14
danielelinguaglossa gmail com

Malware

RDN/Generic BackDoor!zv!8272BC2F7AF3
Generic PUP.x!A4704DDDE8AE
RDN/Generic.dx!dfm!821A74834EF9
RDN/Generic PUP.x!cnh!96E7D4ABBADD
Generic PUP.x!3897DF2D2C7F
Generic PUP.x!DC6BEBB5F116
Generic PUP.x!E5ACAEE4C1E1
Generic PUP.x!3CD4BD278374
RDN/Generic PUP.x!cnh!BE70C05C0CE7
Generic PUP.x!CD11D3B276B0
Generic PUP.x!A2883DF89E60
Downloader.gen.a!814CE9BACA4F
Generic PUP.x!802D74E70A9F
Generic PUP.x!531AF24AA92D
RDN/Generic PUP.z!ef!7F2806FAC96E
RDN/Generic PUP.x!cnh!9943E3E6D98C
RDN/Generic.dx!dfm!BBD25A3C7642
Generic PUP.x!0E44F1290C41
Generic PUP.x!BB689D659B01
Generic PUP.x!16CE94CEEB77
Generic PUP.z!ACAA32B9999C
RDN/Downloader.a!te!C7C15C6B0DA3
Generic PUP.x!A2CC9ED7B918
Generic PUP.x!92C9B258E27D
Generic Downloader.x!0697E8A6F7B0
Generic PUP.x!2204DF30BA87
Generic PUP.x!2325974A9FC0
RDN/Generic.tfr!ed!B5D2ADD73496
Generic PUP.x!878FFA6889CC
Generic PUP.x!1ED0CC752A82

Phishing

Vulnerebility

Exploit

16.9.2014

Bugtraq

Passwords^14 Norway - CFP 2014-09-15
Per Thorsheim (per thorsheim net)

Open-Xchange Security Advisory 2014-09-15 2014-09-15
Martin Heiland (martin heiland open-xchange com)

Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
Federick Joe P Fajardo (fjpfajardo ph ibm com)

Re: HttpFileServer 2.3.x Remote Command Execution 2014-09-14
danielelinguaglossa gmail com

[security bulletin] HPSBOV03099 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS) or Disclosure of Information 2014-09-12
security-alert hp com

Malware

RDN/Generic.dx!dfl!C69B8E544EFE
RDN/Generic.dx!dfl!5D3DB0AA7A2E
RDN/Generic.dx!2C236C4B74C6
RDN/Generic.bfr!1A310E3E244F
Generic.dx!8832F4174341
Generic.dx!462DC2BD7689
Generic PUP.x!64675FD51FEE
Generic.dx!4EC01698A065
Generic PUP.x!1216AD9C1078
RDN/Generic StartPage!ca!51F50B63C13E
RDN/Downloader.gen.a!CCFF60F97184
Generic.tfr!AD0A8D81BAC8
RDN/Generic.gl!c!3654BE75A01F
RDN/Generic.hra!51ABB9AE4459
RDN/Generic.bfr!hq!CFEE47AA1A9F
RDN/Downloader.a!td!E61A3AE3C085
RDN/Generic.bfr!hr!CF0548D403BA
RDN/Generic PUP.x!cn3!82FA9D7519E7
Generic PUP.x!C077FB333F0E
RDN/Generic PUP.x!FD20628E5E6D
Generic.dx!DF7B8354F9A7
RDN/Generic PWS.y!bbb!C13641644F2A
RDN/Generic.dx!dfl!C4AD71141FA4
Generic PUP.z!5D3C6616C285
RDN/Generic Qhost!l!D3116C744237
Generic PUP.x!EF65EBF4F679
RDN/Generic StartPage!ca!5CD92665174E
RDN/Generic.bfr!hq!AEF0DAD8DC39
RDN/Generic.dx!dfl!C602737100D8
RDN/Generic StartPage!ca!575D72BAD814

Phishing

Vulnerebility

Exploit

USB&WiFi Flash Drive 1.3 iOS - Code Execution Vulnerability

Http File Server 2.3.x - Remote Command Execution

Railo Remote File Include

ManageEngine Eventlog Analyzer Arbitrary File Upload

SolarWinds Storage Manager Authentication Bypass

ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability

CacheGuard-OS 5.7.7 - CSRF Vulnerability

15.9.2014

Bugtraq

Passwords^14 Norway - CFP 2014-09-15
Per Thorsheim (per thorsheim net)

Open-Xchange Security Advisory 2014-09-15 2014-09-15
Martin Heiland (martin heiland open-xchange com)

Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
Federick Joe P Fajardo (fjpfajardo ph ibm com)

Re: HttpFileServer 2.3.x Remote Command Execution 2014-09-14
danielelinguaglossa gmail com

[security bulletin] HPSBOV03099 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS) or Disclosure of Information 2014-09-12
security-alert hp com

Malware

RDN/Generic.dx!dfl!C69B8E544EFE
RDN/Generic.dx!dfl!5D3DB0AA7A2E
RDN/Generic.dx!2C236C4B74C6
RDN/Generic.bfr!1A310E3E244F
Generic.dx!8832F4174341
Generic.dx!462DC2BD7689
Generic PUP.x!64675FD51FEE
Generic.dx!4EC01698A065
Generic PUP.x!1216AD9C1078
RDN/Generic StartPage!ca!51F50B63C13E
RDN/Downloader.gen.a!CCFF60F97184
Generic.tfr!AD0A8D81BAC8
RDN/Generic.gl!c!3654BE75A01F
RDN/Generic.hra!51ABB9AE4459
RDN/Generic.bfr!hq!CFEE47AA1A9F
RDN/Downloader.a!td!E61A3AE3C085
RDN/Generic.bfr!hr!CF0548D403BA
RDN/Generic PUP.x!cn3!82FA9D7519E7
Generic PUP.x!C077FB333F0E
RDN/Generic PUP.x!FD20628E5E6D
Generic.dx!DF7B8354F9A7
RDN/Generic PWS.y!bbb!C13641644F2A
RDN/Generic.dx!dfl!C4AD71141FA4
Generic PUP.z!5D3C6616C285
RDN/Generic Qhost!l!D3116C744237
Generic PUP.x!EF65EBF4F679
RDN/Generic StartPage!ca!5CD92665174E
RDN/Generic.bfr!hq!AEF0DAD8DC39
RDN/Generic.dx!dfl!C602737100D8
RDN/Generic StartPage!ca!575D72BAD814

Phishing

Vulnerebility

Exploit

Http File Server 2.3.x - Remote Command Execution

Railo Remote File Include

ManageEngine Eventlog Analyzer Arbitrary File Upload

SolarWinds Storage Manager Authentication Bypass

ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability

CacheGuard-OS 5.7.7 - CSRF Vulnerability

12.9.2014

Bugtraq

Call for Participation: Semantic Web Business and Innovation (SWBI2015) * Switzerland 2014-09-11
jackie sdiwc info

ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)

Photorange v1.0 iOS - File Include Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)

PhotoSync v2.2 iOS - Command Inject Web Vulnerability 2014-09-11
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3021-2] file regression update 2014-09-10
Luciano Bello (luciano debian org)

[SECURITY] [DSA 3022-1] curl security update 2014-09-10
Yves-Alexis Perez (corsac debian org)

[SECURITY] [DSA 3020-1] acpi-support security update 2014-09-10
Raphael Geissert (geissert debian org)

[SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat 2014-09-10
Mark Thomas (markt apache org)

Malware

RDN/Generic.dx!dfj!8CDECA7E38AC
RDN/Generic.dx!dfj!0BB92BEF3AD1
RDN/Generic.dx!dfj!0859FD6DFAB3
RDN/Generic PUP.x!cnb!C29FD7EA07E0
Generic.dx!9404A6065F6B
Generic PUP.x!CD12DAF786D1
Generic Downloader.x!8B56CA22AB3C
W32/Virus.gen!25ECDB78AC4D
Generic PUP.x!E3B3D44B40BC
Generic PUP.x!F0785AEDA326
Generic PUP.x!2D205A5B90CF
Generic PUP.x!60C4FD06E26D
Generic PUP.x!B95AF1CA366A
Generic PUP.x!764593985633
FakeAV-M.bfr!97014BCBEE47
RDN/Generic.dx!dfj!1EA8720A7613
Generic Downloader.x!6FBAFA22376C
Generic FakeAlert!23C2AD45666C
RDN/Generic Dropper!ve!A9C197068A73
RDN/Generic.dx!dfj!7BB6924AE4EC
RDN/Generic BackDoor!zt!88FBCC105918
FakeAV-M.bfr!B71BB097C5BB
RDN/Generic PUP.x!cnb!6FC1A32A95D6
Downloader.gen.a!C87318BABDB5
RDN/Generic PUP.x!cnb!2948DB7AA650
Generic.dx!00B90C14C811
Generic FakeAlert!2453E7290559
RDN/Generic PUP.x!cnb!51DEE98B1F87
RDN/Generic PUP.x!cnb!60037AD4F829
RDN/Generic PUP.x!cnb!5E344057EC4E

Phishing

Tesco Credit Card	12th September 2014
Win A Free Tesco Voucher
RBC Express	10th September 2014
User Roles Waiting For Approval

Vulnerebility

Exploit

OroCRM - Stored XSS Vulnerability

Joomla Spider Contacts 1.3.6 (index.php, contacts_id param) - SQL Injection

Photorange 1.0 iOS - File Inclusion Vulnerability

ChatSecure IM 2.2.4 iOS - Persistent XSS Vulnerability

11.9.2014

Bugtraq

[SECURITY] [DSA 3020-1] acpi-support security update 2014-09-10
Raphael Geissert (geissert debian org)

[SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat 2014-09-10
Mark Thomas (markt apache org)

[slackware-security] seamonkey (SSA:2014-252-01) 2014-09-09
Slackware Security Team (security slackware com)

[security bulletin] HPSBMU03075 rev.1 - HP Network Node Manager I (NNMi) for Windows and Linux, Remote Execution of Arbitrary Code 2014-09-09
security-alert hp com

NEW VMSA-2014-0008 VMware vSphere product updates to third party libraries 2014-09-09
VMware Security Response Center (security vmware com)

Re: Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities 2014-09-09
sales prochatrooms com

[SECURITY] [DSA 3021-1] file security update 2014-09-09
Luciano Bello (luciano debian org)

Malware

Generic PUP.x!0C6745A27CC3
Generic PUP.x!0F019216AA9B
RDN/Generic PUP.x!cn3!50D6DB8D39FB
Generic PUP.x!CCEC238202E2
Generic.bfr!8B140379E0EA
Generic PUP.x!DADBCD3C0F53
RDN/Generic.dx!dfh!F2E45BAB5E28
Generic PUP.x!E81B8055827C
RDN/Generic PUP.x!AE417D382B73
Generic PUP.x!074BC2472DDE
RDN/Downloader.gen.a!FE6B84A9D0F9
RDN/Generic.bfr!hq!CF8E86542807
Generic PUP.x!10CB0929203D
iBryte!54AA3342AC94
GenericR-CAO!0619055DD67B
Generic PUP.x!654CF63E97AF
RDN/PWS-Banker!dk!2813572919D5
Generic PUP.x!4B33A593A3C0
RDN/Generic.bfr!0DB3A7BC548C
Generic BackDoor!53281A425D44
RDN/Generic PUP.x!474083FCD01D
RDN/Ransom!ek!7BFBE32E73C8
RDN/Generic.dx!dfh!DA8122BE2C69
RDN/Generic PUP.x!cn3!2746E07E861D
RDN/Generic.bfr!hq!AA1BB243E202
Generic PUP.x!84181677726C
Generic PUP.x!A5520BEC7921
Generic PUP.x!ECCC6461ABDB
RDN/Generic PUP.x!cn3!6106B6BA6492
Generic PUP.x!240914DC6025

Phishing

RBC Express	10th September 2014
User Roles Waiting For Approval

Vulnerebility

Exploit

10.9.2014

Bugtraq

[SECURITY] [DSA 3021-1] file security update 2014-09-09
Luciano Bello (luciano debian org)

FreeBSD Security Advisory FreeBSD-SA-14:18.openssl 2014-09-09
FreeBSD Security Advisories (security-advisories freebsd org)

Cisco Security Advisory: Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability 2014-09-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

RDN/Generic PWS.bfr!e!D52EBA8C38F9
RDN/Generic PWS.bfr!e!593A55D19F8A
Generic PUP.x!9F2D2B65341F
Generic PUP.x!68FC775C0C58
RDN/BackDoor-FBSA!a!6F4A5D6950E3
Generic PUP.x!9C8F485EF7A5
Generic PUP.x!9D3D0EBCF49B
Generic PUP.x!9B06B380FD72
Dropper-FLV!F1AEFC1A6DE4
Generic PUP.x!924150BB06D8
Generic PUP.x!9268DE306E1E
RDN/Generic PUP.x!49EBC7D22F40
RDN/Generic BackDoor!zt!59FD76A1BAF2
RDN/Generic PWS.y!bb3!6D6138EB28EB
RDN/Generic PWS.y!bb3!4A3E98397F45
Generic PUP.x!93B480CF3027
RDN/Generic.dx!dfg!DB67E30BA659
Generic PUP.x!9B86D1558050
RDN/Generic PWS.y!bb3!D53B14B79C34
Downloader.gen.a!3D00B1307A98
RDN/Generic.dx!095C7462CC57
Generic PUP.x!92F290DA65EC
Generic PUP.x!94C9399FD167
Generic PUP.x!950215A411B5
RDN/Generic Downloader.x!ku!F99ECE93DC9C
Generic PUP.x!9A76597E9EE0
RDN/Generic PWS.bfr!e!52C7A86AF2B2
Generic PUP.x!9B759309CBE6
Generic PUP.x!960A593FE7ED
Generic PUP.x!9B47FCB6DEAB

Phishing

Vulnerebility

Exploit

9.9.2014

Bugtraq

[SECURITY] [DSA 3021-1] file security update 2014-09-09
Luciano Bello (luciano debian org)

FreeBSD Security Advisory FreeBSD-SA-14:18.openssl 2014-09-09
FreeBSD Security Advisories (security-advisories freebsd org)

IBM WebSphere Application Server (WAS) Integrated Solutions Console Login Page username Parameter Reflected XSS Security Vulnerability 2014-09-08
main gsmcnamara com

[security bulletin] HPSBST03106 rev.1 - HP P2000 G3 MSA Array System running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-09-08
security-alert hp com

CVE-2014-5392 XML eXternal Entity (XXE) in "JobScheduler" 2014-09-07
Christian Schneider (mail Christian-Schneider net)

Malware

RDN/Generic PUP.x!cmx!0DA098437BAA
CryptDomaIQ!46F5A8FF5DF9
CryptDomaIQ!46F6556E15E7
RDN/Generic.dx!dfg!0142D1CA3D22
RDN/Generic.hra!ca!03E1141B265D
Generic PUP.x!00B39D8F5F89
Generic PUP.x!06DD6A6BD43E
Generic PUP.x!04F27AB1EA18
RDN/Generic PUP.x!cmx!0431AF45F4E2
CryptDomaIQ!46F4C13F4B77
W32/Virus.gen!057ACD44646B
RDN/Generic PUP.x!cmx!0D240AECFAB9
RDN/Generic.dx!dfg!0564C7AFB61C
RDN/Generic PUP.x!08D3AA6C55E1
Generic PUP.x!0C748F6AEF18
RDN/Generic PUP.x!0B6F5889EA2B
Generic.bfr!0410A7DDA9B9
RDN/Generic PUP.x!cmx!0C194144F1B3
CryptDomaIQ!46EF183005EE
RDN/Generic PUP.x!cmx!022871AE441C
CryptDomaIQ!46DDDC1EEE69
CryptDomaIQ!46E4569FF286
Generic PUP.x!0435E06A5641
Generic PUP.x!0C1EAA2C86FC
RDN/Generic PUP.x!cmx!0AE8123DF11A
RDN/Generic.dx!dfg!0A1EA71AF237
RDN/Generic PUP.x!cmx!073753DF7E09
RDN/Generic PUP.x!cmx!0808DC98AF30
RDN/Generic PUP.x!cmx!04DAA3ADF107
RDN/Generic.dx!dfg!09D8E727D98A

Phishing

PayPal	9th September 2014
[IMPORTANT] Update your paypal account information
PayPal	8th September 2014
Account Review
bt.athome@bt.com	8th September 2014
Your BT security is still not active !!!

Vulnerebility

Exploit

ManageEngine Desktop Central StatusUpdate Arbitrary File Upload

ALCASAR 2.8 Remote Root Code Execution Vulnerability

TP-LINK Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities

TP-LINK Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities

Atmail Webmail 7.2 - Multiple Vulnerabilities

PHP Stock Management System 1.02 - Multiple Vulnerabilty

Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash

8.9.2014

Bugtraq

Malware

RDN/Generic.bfr!hr!C194B0FAF154
DNSChanger.bfr!CDD2B6BFD4BE
RDN/Generic FakeAlert!fd!9D2FE51733D5
CryptDomaIQ!39E10D027527
Generic.bfr!39E0359C8E95
CryptDomaIQ!39E101177F50
DNSChanger.bfr!3E702F195EB5
RDN/Generic PUP.x!cm3!04F9EC6576DA
CryptDomaIQ!39D858C4C774
CryptDomaIQ!39D7A7BE946E
CryptDomaIQ!39E2EF0386EC
iBryte!39DBFE7883B4
CryptDomaIQ!39D79FA68B26
iBryte!63242FA7AA22
RDN/Generic BackDoor!zs!593B70359824
PUP-FMK!39DB827A19FA
iBryte!39CC12CC28EE
RDN/Generic.dx!df3!CE299FF74DC8
Generic PUP.x!28F5CDD290BA
RDN/Generic PUP.x!cm3!BB05D1A3878E
RDN/Generic Downloader.x!kx!B153C79909B0
CryptDomaIQ!39E223C329DF
W32/Worm-AAEH.g!CD240A380171
Generic.dx!866B0A34A837
RDN/Generic.dx!ECB517F25AF9
Generic PUP.x!2A683B1550E7
Generic PUP.x!C221BD481E4B
Generic PUP.x!1EE2CF2E52E2
Generic BackDoor!335D88F56E24
RDN/Generic PUP.x!cm3!BD3B74F20F79

Phishing

LogMeIn.com Auto-Mailer	7th September 2014
Verify your LogMeIn account
Paypal support	7th September 2014
PLEASE VALIDATE YOUR ACCOUNT INFORMATION
Pay-Pal...	7th September 2014
TEMPORARELY BLOCKED ACCOUNT
PayPal Service	7th September 2014
UPDATE YOUR PAYPAL INFORMATION !
PayPal	7th September 2014
PAYPAL ACCOUNT SERVICE
PayPal	6th September 2014
PAYPAL ACCOUNT SERVICE
PayPal Service	6th September 2014
UPDATE YOUR PAYPAL INFORMATION !
no_reply@bt.com	6th September 2014
Your BT security is still not active.
PayPal	6th September 2014
IMPORTANT - New Security Upgrade

Vulnerebility

Exploit

IP Board 3.x - CSRF Token hjiacking

LoadedCommerce7 - Systemic Query Factory Vulnerability

Wordpress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability

PhpOnlineChat 3.0 - XSS

WordPress Acento Theme (view-pdf.php, file param) - Arbitrary File Download

5.9.2014

Bugtraq

[ MDVSA-2014:174 ] apache 2014-09-04
security mandriva com

Avolve Software ProjectDox Multiple Vulnerability Disclosure 2014-09-03
Romano, Christian (cromano caanes com)

[security bulletin] HPSBMU03083 rev.2 - HP BladeSystem c-Class Virtual Connect Firmware running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-09-03
security-alert hp com

Reflected Cross-Site Scripting (XSS) in MyWebSQL 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)

Reflected Cross-Site Scripting (XSS) in BlackCat CMS 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)

Malware

iBryte!1E2C3BEA1BF6
CryptDomaIQ!1E1222F0990C
Generic PUP.x!5CC07BAECF11
CryptDomaIQ!1E1C17FB4725
Generic PUP.x!2C1AC8A15E71
CryptDomaIQ!1E21145F551F
Generic PUP.x!EDC402DE907C
RDN/Generic PWS.y!0B2D4691DC4F
CryptDomaIQ!1E237709B855
CryptDomaIQ!1E27ABBC8C6A
Generic PUP.x!13F950C86215
Generic PUP.x!EFB503898C3D
Generic PUP.x!3050BCE94929
CryptDomaIQ!1E2740EAD3C2
Generic PUP.x!18DFFE3E7C4A
CryptDomaIQ!1E2A519D2BE6
CryptDomaIQ!1E23D4C809DE
CryptDomaIQ!1E2FE37768B4
PowerPack!1E2C4780D899
Generic PUP.x!EFCA5D01C7DD
Generic PUP.x!E79A39BE50CC
Generic PUP.x!18AF68478FFB
Generic PUP.x!F1633D7291C6
Generic PUP.x!EC8E7E172242
Generic PUP.x!EE3554461175
Generic PUP.x!2D1C0DB4F34E
RDN/Downloader.a!sx!090262D83C13
CryptDomaIQ!1E18F80FD05D
CryptDomaIQ!1E1643A0C292
CryptDomaIQ!1E0741DA982F

Phishing

Apple	5th September 2014
Unauthorised Login Attempt
Paypal Team	4th September 2014
Card Declined - Upload Your Acc
Paypal support	3rd September 2014
PLEASE VALIDATE YOUR ACCOUNT INFORMATION

Vulnerebility

Exploit

4.9.2014

Bugtraq

Reflected Cross-Site Scripting (XSS) in MyWebSQL 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)

Reflected Cross-Site Scripting (XSS) in BlackCat CMS 2014-09-03
High-Tech Bridge Security Research (advisory htbridge com)

[SECURITY] [DSA 3018-1] iceweasel security update 2014-09-03
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:172 ] php 2014-09-03
security mandriva com

[ MDVSA-2014:173 ] busybox 2014-09-03
security mandriva com

Re: ntopng 1.2.0 XSS injection using monitored network traffic 2014-09-03
Steffen Bauch (mail steffenbauch de)

[CORE-2014-0005] - Advantech WebAccess Vulnerabilities 2014-09-02
CORE Advisories Team (advisories coresecurity com)

[security bulletin] HPSBGN03099 rev.1 - HP IceWall SSO Dfw, SSO Agent and MCRP running OpenSSL, Remote Disclosure of Information 2014-09-02
security-alert hp com

Malware

Generic PUP.x!8D6D3577E029
Generic Dropper!150C800758EB
RDN/Generic PUP.x!cmk!4DF5EFA5CF44
Generic PUP.x!8CA71830B547
Generic PUP.x!4E0DFD9E8528
CryptDomaIQ!0DB08989B3B7
RDN/Generic.dx!3B235027EA50
CryptDomaIQ!0DA85A07ABE6
MultiPlug!0DB0A899A230
CryptDomaIQ!0DB40F91648F
MultiPlug!0DB3B2A77EEA
MultiPlug!0DB35740B528
MultiPlug!0DA760CF9C6B
Generic PUP.x!3EE39603C136
CryptDomaIQ!0DA40740A351
PUP-FMK!0DA1CAE3AFE9
iBryte!0DA4A54F886B
PUP-FMK!0DA248DAC0CA
Downloader.gen.a!8B6095504C48
RDN/Downloader.a!sx!1FC06DEC85E7
Downloader.gen.a!8351101A2DC1
Generic PUP.x!E60A2EE92097
RDN/Downloader.a!sx!8C127169A97A
Generic PUP.x!839CB4FCF0E3
Generic PUP.x!4879AEC457A2
Generic PUP.x!110F61C06182
Generic Downloader.x!2387E22BFE7C
Generic PUP.x!A42E07AA8DDE
PUP-FMK!2F746034108F
Generic PUP.x!5668B1E53C0A

Phishing

Paypal Team	4th September 2014
Card Declined - Upload Your Acc
Paypal support	3rd September 2014
PLEASE VALIDATE YOUR ACCOUNT INFORMATION
Tesco Bank	3rd September 2014
NEW NOTIFICATION FROM TESCO BANK
Wells Fargo OnlineÐ’Â®wells._f	3rd September 2014
IMPORTANT MESSAGE FROM WELLS FARGO ONLINE

Vulnerebility

Exploit

vBulletin 4.0.x - 4.1.2 (search.php, cat param) - SQL Injection Exploit

3.9.2014

Bugtraq

[SECURITY] [DSA 3017-1] php-cas security update 2014-09-02
Thijs Kinkhorst (thijs debian org)

Apple iOS v7.1.2 - Merge Apps Service Local Bypass Vulnerability 2014-09-02
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:171 ] dhcpcd 2014-09-02
security mandriva com

[ MDVSA-2014:170 ] jakarta-commons-httpclient 2014-09-02
security mandriva com

Defense in depth -- the Microsoft way (part 18): Microsoft Office 2010 registers command lines with unquoted pathnames 2014-09-02
Stefan Kanthak (stefan kanthak nexgo de)

[ MDVSA-2014:169 ] bugzilla 2014-09-02
security mandriva com

[ MDVSA-2014:168 ] libvncserver 2014-09-02
security mandriva com

[ MDVSA-2014:167 ] file 2014-09-02
security mandriva com

[ MDVSA-2014:166 ] serf 2014-09-02
security mandriva com

[ MDVSA-2014:165 ] krb5 2014-09-02
security mandriva com

[ MDVSA-2014:163 ] python-imaging 2014-09-02
security mandriva com

[ MDVSA-2014:164 ] phpmyadmin 2014-09-02
security mandriva com

[ MDVSA-2014:162 ] catfish 2014-09-02
security mandriva com

[ MDVSA-2014:161 ] subversion 2014-09-02
security mandriva com

[ MDVSA-2014:160 ] gpgme 2014-09-02
security mandriva com

Re: [FD] SSH host key fingerprint - through HTTPS 2014-09-02
John Leo (johnleo checkssh com)

Malware

Generic PUP.x!B6DB6DF7B0A2
RDN/Generic PUP.x!56851A88981C
RDN/Generic PUP.x!54D504B2C13F
RDN/Generic BackDoor!zi!55C7AA587ABB
RDN/Generic PUP.x!562E9FD93DAA
RDN/Generic PUP.x!55EE7264E9CC
Generic PUP.x!5F74B6787360
PUP-FMK!028F18FED502
RDN/Generic PUP.x!55D74DCCE734
PowerPack!0347F6AC42AE
RDN/Generic.bfr!96F93F172A61
RDN/Generic PUP.x!56271A8C70FF
Generic.tfr!D98D0013BF46
RDN/Generic PUP.x!cmj!C5F6449CB9F6
RDN/Generic.dx!dfb!5A90AB38A944
RDN/Generic PUP.x!B68E1597AA31
RDN/Generic PUP.x!551FE0FF5F7A
RDN/Generic PUP.x!54C809CE0A4A
RDN/Generic PUP.x!54B5367BF72B
RDN/Generic PUP.z!82D7D11F64B3
RDN/Generic PUP.x!cmj!C3F5A7280DD3
PowerPack!01982EDDDDD7
Generic PUP.x!011716E39BCC
RDN/Generic PUP.x!DD3122A8C2E2
RDN/Generic PUP.x!549588C99D8B
Generic PUP.x!CC3B21A0AF89
RDN/Generic.tfr!ed!55321D945486
RDN/Generic PUP.x!cmj!52FF393E8968
RDN/Generic PUP.x!cmj!C44A52856CA0
Generic PUP.x!71627BD9C797

Phishing

PayPal	3rd September 2014
your account paypal is limited
TheMailTeam	2nd September 2014
MAILACCOUNTMGMT UPDATE NOW
PayPal	2nd September 2014
NOTICE : YOUR ACCOUNT HAS BEEN LIMITED PLEASE UPDATE NOW.

Vulnerebility

Exploit

Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection

2.9.2014

Bugtraq

WWW File Share Pro v7.0 - Denial of Service Vulnerability 2014-09-01
Vulnerability Lab (research vulnerability-lab com)

Avira License Application - Cross Site Request Forgery Vulnerability 2014-09-01
Vulnerability Lab (research vulnerability-lab com)

SSH host key fingerprint - through HTTPS 2014-09-01
John Leo (johnleo checkssh com) (2 replies)

Re: SSH host key fingerprint - through HTTPS 2014-09-01
Chris Nehren cnehren+bugtraq (at) pobox (dot) com [email concealed] (cnehren+bugtraq pobox com)

Re: SSH host key fingerprint - through HTTPS 2014-09-01
Micha Borrmann (micha borrmann syss de)

[SECURITY] [DSA 2987-2] openjdk-7 regression update 2014-08-31
Florian Weimer (fw deneb enyo de)

Malware

RDN/Generic Downloader.x!kw!4DE6C6D4D137
RDN/Generic Downloader.x!kw!265B16E2EB94
RDN/Generic PUP.x!cmj!18FC067B5493
RDN/Generic.tfr!ed!9AF0DE8E8ABA
Generic PUP.x!776DF3A1BB5C
Generic PUP.x!7FB1FCB5FDE3
Generic PUP.x!EE647D4A46F9
RDN/Generic PUP.x!cmj!2469809DFF7C
Generic PUP.x!6BC576917EC0
RDN/Spybot.bfr!n!ED6F6CB346FE
Generic PUP.x!BA28D13EB801
Generic PUP.x!5E576A63D928
RDN/BackDoor-CMQ!f!01AFDFCBCCCE
RDN/Generic.bfr!hq!57063AAEE477
RDN/Generic PUP.x!cmj!1F969678AA37
Generic PUP.x!BDAA71CC4AFB
RDN/Generic PWS.y!541093E9D9C2
RDN/Generic PUP.x!cmj!50F83B024BE6
RDN/Generic PUP.x!cmj!2538973BA2BA
Generic PUP.x!02ECBD335358
Generic PUP.x!D4F6CBF8770B
Generic PUP.x!4D589DA26299
Generic PUP.x!021F70FF1F64
RDN/Spybot.worm.gen!76E874DCEC0C
Generic PUP.x!973091C75716
RDN/Generic.tfr!ed!27E9FF6D71B7
Generic PUP.x!5A83BC51B4D6
Generic PUP.x!B92492B13CBF
Generic PUP.x!92C1FDF0FF93
Generic PUP.x!7A31D8143503

Phishing

PayPal	2nd September 2014
NOTICE : YOUR ACCOUNT HAS BEEN LIMITED PLEASE UPDATE NOW.
BT	1st September 2014
Your BT Account Validation
Apple	1st September 2014
Account Suspended

Vulnerebility

Exploit

1.9.2014

Bugtraq

SSH host key fingerprint - through HTTPS 2014-09-01
John Leo (johnleo checkssh com)

[SECURITY] [DSA 2987-2] openjdk-7 regression update 2014-08-31
Florian Weimer (fw deneb enyo de)

CFP Deadline Approaching - Third International Conference on Informatics & Applications | Malaysia 2014-09-01
liezelle sdiwc info

WordPress Slideshow Gallery 1.4.6 Shell Upload Vulnerability (CVE-2014-5460) 2014-08-30
jesus ramirez pichardo gmail com

Malware

Generic.dx!F234744E5898
RDN/Spybot.bfr!9C5ABE3A3CEC
Generic PUP.x!F14E54C987BA
Downloader.gen.a!D6CD63A56713
Generic PUP.x!25C28F82CAFF
Generic BackDoor!FDE2C8167345
RDN/Generic.bfr!A237F18848CB
Generic PUP.x!33AC19768FDF
RDN/Generic PUP.x!cm3!F183510D61FC
RDN/Generic PUP.x!cm3!177F042B5CF8
RDN/Generic PUP.x!cm3!6218F23B436C
Generic PUP.x!65CE7BD22667
RDN/Generic Dropper!vc!8221E929AFB5
Generic PUP.x!8C7AB4C6D3C3
Generic PUP.x!4A163DD6E687
Generic PUP.x!C355D030F9FC
Generic PUP.x!513893B31FC1
Generic PUP.x!3572C82D1671
Generic PUP.x!09F84FB114D5
RDN/Generic Downloader.x!EE417ED73EEF
RDN/Generic PUP.x!cm3!20EE2A2B3D32
RDN/Generic Downloader.x!ku!E6A269CA1524
RDN/Generic PUP.z!D073EC0DF4D8
RDN/Generic.bfr!657281A8F68D
Generic PUP.x!6161D17566FE
RDN/Generic.bfr!A7F6F4B82D39
Generic PUP.x!F2A1A1117056
Generic PUP.x!93D6397C0525
Generic PUP.x!33167E7BAA4F
RDN/Generic PUP.x!3A6F708DF39D

Phishing

Apple	30th August 2014
EXPIRATION OF YOUR APPLE ACCOUNT.
NETFLIX	30th August 2014
Your Netflix Account Requires Validation [NFV-837]
Ñ–Tunes StÐ¾re	29th August 2014
SECURITY : Î¡LÐµASÐµ CÐ¾MPLÐµTÐµ THÐµÑ•Ðµ Ñ•TÐµPÑ• TÐ¾ RÐµÑ•TÐ¾RÐµ YÐ¾UR AÑÑÐ¾UNT

Vulnerebility

Exploit

Wing FTP Server Authenticated Command Execution

Mulitple WordPress Themes (admin-ajax.php, img param) - Arbitrary File Download

Arachni Web Application Scanner Web UI - Stored XSS Vulnerability

WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload Vulnerability

ManageEngine Desktop Central - Arbitrary File Upload / RCE

ManageEngine EventLog Analyzer Multiple Vulnerabilities

29.8.2014

Bugtraq

Re: SaaS Marketing platform Hubspot export vulnerability 2014-08-28
security hubspot com

[SECURITY] [DSA 3014-1] squid3 security update 2014-08-28
Salvatore Bonaccorso (carnil debian org)

SEC Consult SA-20140828-0 :: F5 BIG-IP Reflected Cross-Site Scripting 2014-08-28
SEC Consult Vulnerability Lab (research sec-consult com)

Aerohive Hive Manager and Hive OS Multiple Vulnerabilities 2014-08-28
Disclosure (Disclosure security-assessment com)

[The ManageOwnage Series, part II]: User credential disclosure in ManageEngine DeviceExpert 2014-08-27
Pedro Ribeiro (pedrib gmail com)

[SECURITY] [DSA 3013-1] s3ql security update 2014-08-27
Florian Weimer (fw deneb enyo de)

Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30) 2014-08-27
jackie sdiwc info

[SECURITY] [DSA 3012-1] eglibc security update 2014-08-27
Florian Weimer (fw deneb enyo de)

Malware

RDN/Generic PUP.x!148DF3F2BC33
RDN/Generic PUP.x!05C6943090DC
RDN/Generic PUP.x!cmb!117932EAEA0B
RDN/PWS-Mmorpg!mb!5D53BE4FCC4F
RDN/PWS-Mmorpg!mb!5D59DAF8A72C
RDN/PWS-Mmorpg!mb!5D5E9F7B8F05
RDN/Generic BackDoor!zp!534A8DB4D9C1
RDN/PWS-Mmorpg!mb!5D5B155A404A
RDN/Generic PUP.x!cmb!068AA0D3D29E
RDN/Generic PUP.x!cmb!1BB8F0FB7EC9
RDN/PWS-Mmorpg!mb!5D2E7B78BBC3
RDN/PWS-Mmorpg!lp!5D67DA081574
Generic PUP.x!061A90EA5F76
RDN/Generic PUP.x!cmb!029EBAC414D3
RDN/Generic PUP.x!cmb!055C86BD2D55
RDN/PWS-Mmorpg!mb!5D2747EC935C
RDN/Generic PUP.x!cmb!172515A4AEFB
RDN/Generic PUP.x!cmb!117671717FCF
RDN/PWS-Mmorpg!mb!5D1D5522B81E
RDN/PWS-Mmorpg!mb!5D2006745E0B
RDN/PWS-Mmorpg!mb!5D2013414DA9
RDN/PWS-Mmorpg!mb!5D1EB5A70995
RDN/PWS-Mmorpg!mb!5D122C8FA307
RDN/PWS-Mmorpg!mb!5D1AD8031236
RDN/PWS-Mmorpg!mb!5D08BD382414
RDN/PWS-Mmorpg!mb!5D152DEBB9B0
CryptDomaIQ!6FBDE69E1C92
PUP-FLN!6FBB93EC196F
CryptInno!6FBBA52F69E5
PUP-FHQ!6FB7F8253C5C

Phishing

BT	28th August 2014
You have 1 new message
PayPal	28th August 2014
update account
PayPal Serviceâœ”	27th August 2014
Your Account Will Be Limited Until We Here From You Please Enable Protection Against Fraudulent Use Of Credit

Vulnerebility

Exploit

Internet Explorer MS14-029 Memory Corruption PoC

28.8.2014

Bugtraq

Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30) 2014-08-27
jackie sdiwc info

[SECURITY] [DSA 3012-1] eglibc security update 2014-08-27
Florian Weimer (fw deneb enyo de)

SaaS Marketing platform Hubspot export vulnerability 2014-08-27
ehoward novacoast com

Fwd: RFC 7359 on Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages in Dual-Stack Hosts/Networks 2014-08-27
Fernando Gont (fgont si6networks com)

Mathematica10.0.0 on Linux /tmp/MathLink vulnerability 2014-08-27
paul szabo sydney edu au

Encore Discovery Solution Multiple Vulnerability Disclosure 2014-08-27
Romano, Christian (cromano caanes com)

Malware

RDN/PWS-Mmorpg!lw!EA3E1AE9E276
CryptDomaIQ!6C4C60262A3C
RDN/PWS-Mmorpg!lw!EA1DEEA83380
RDN/PWS-Mmorpg!lw!EA95646BA683
RDN/PWS-Mmorpg!lw!EA56234958EB
RDN/PWS-Mmorpg!lw!EA034C45DBD0
Generic PUP.x!039261261CD5
RDN/PWS-Mmorpg!lw!EA0DAFB5FB08
RDN/PWS-Mmorpg!lw!EA10A2E7CE84
RDN/PWS-Mmorpg!lw!EA061E450D76
RDN/PWS-Mmorpg!lw!E9E688EA2172
RDN/PWS-Mmorpg!lw!E9FC38AEDB33
Generic PUP.x!6C4AC5BC6AB7
Generic PUP.x!AF645A521638
RDN/PWS-Mmorpg!lw!E9E31C6AD86D
Generic PUP.x!CE7D8068F6B8
Generic PUP.x!CE5A18FF18FB
RDN/Generic PUP.x!4DF58DF1E187
Generic PUP.x!676A616F61E6
Generic PUP.x!42690469D1FC
RDN/PWS-Mmorpg!lw!EA07EC7EAAF0
Generic PUP.x!84A8AE00A9B9
RDN/DNSChanger.bfr!d!EA700A4F0150
RDN/PWS-Mmorpg!lw!E9DBAC88A099
RDN/PWS-Mmorpg!lw!E9D085D79291
RDN/PWS-Mmorpg!lw!E9C6CD287053
RDN/PWS-Mmorpg!lw!E9B2C8A986E3
RDN/PWS-Mmorpg!lw!E9CB01FC9AC7
RDN/PWS-Mmorpg!lw!E9B441FE2FBF
Generic Downloader.x!11DA4C039643

Phishing

PayPal	28th August 2014
update account
PayPal Serviceâœ”	27th August 2014
Your Account Will Be Limited Until We Here From You Please Enable Protection Against Fraudulent Use Of Credit
Apple	27th August 2014
Confirm your informations for our new system !

Vulnerebility

Exploit

glibc Off-by-One NUL Byte gconv_translit_find Exploit

WooCommerce Store Exporter 1.7.5 - Multiple XSS Vulnerabilities

Firefox WebIDL Privileged Javascript Injection

WordPress ShortCode Plugin 1.1 - Local File Inclusion Vulnerability

Plogger 1.0-RC1 - Authenticated Arbitrary File Upload

ManageEngine DeviceExpert 5.9 - User Credential Disclosure

ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution

PhpWiki - Remote Command Execution

XRMS - Blind SQL Injection and Command Execution

WooCommerce Store Exporter 1.7.5 - Multiple XSS Vulnerabilities

27.8.2014

Bugtraq

ESA-2014-081 RSA® Identity Management and Governance Authentication Bypass Vulnerability 2014-08-26
Security Alert (Security_Alert emc com)

LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification 2014-08-26
advisories (advisories lsexperts de)

ntopng 1.2.0 XSS injection using monitored network traffic 2014-08-25
Steffen Bauch (mail steffenbauch de)

[security bulletin] HPSBMU03076 rev.2 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-08-25
security-alert hp com

[WorldCIST'15]: Call for Workshops Proposals; Proceedings by Springer - Indexed by ISI, Scopus, DBLP, etc. 2014-08-25
WorldCIST (worldcist aisti eu)

MEHR Automation System Arbitrary File Download Vulnerability(persian portal) 2014-08-25
cseye_ut yahoo com

DNN(DotNetNuke®) Ribbon Bar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com

DNN(DotNetNuke®) Iconbar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com

Malware

RDN/Generic PUP.x!clz!2E0947B78E50
RDN/Generic PWS.y!b2u!2CDAC0446556
RDN/Generic PUP.x!2E0402515608
Generic PUP.x!2C4526C882C6
Generic PUP.x!301C1E58CC80
RDN/Generic.bfr!583A93256C4F
Generic PUP.x!2E6151D57092
Generic PUP.x!E1EC11BC302A
RDN/Generic PUP.x!clz!2B25F317194F
Generic PUP.x!56E460B97AE4
Generic PUP.x!773F105CC847
Generic PUP.x!C7E8D3D1A993
BackDoor-FBOB!6D43FE1902BB
Generic PUP.x!AE8C10232B34
RDN/Generic PUP.x!2BA92552F15C
RDN/Generic PUP.x!clz!71D53C9FEB08
RDN/Downloader.gen.a!5116E588B250
W32/Virut.gen!B6353F3B667F
BackDoor-FBOB!FD21D2BDB7F9
RDN/Generic Dropper!vc!B7D344EDD310
RDN/Generic PUP.x!clz!607B470EB2F6
RDN/Generic.bfr!2D0A667CB4E7
RDN/Generic PUP.x!clz!5FCA14074301
W32/Sality.gen!B3C59539F803
Generic PUP.x!BA92BD64077F
Downloader.gen.a!092FAC647C70
BackDoor-FBOB!DF52F81C950C
BackDoor-FBOB!7B4F49E67EED
RDN/Generic.grp!B5754BC23A19
RDN/Generic.bfr!hp!2B4BECCD6C44

Phishing

Apple	27th August 2014
Confirm your informations for our new system !
Support	26th August 2014
[Apple] Check your information REF:56452214-IOS

Vulnerebility

Exploit

glibc Off-by-One NUL Byte gconv_translit_find Exploit

ntopng 1.2.0 - XSS Injection

VTLS Virtua InfoStation.cgi - SQL Injection

26.8.2014

Bugtraq

[WorldCIST'15]: Call for Workshops Proposals; Proceedings by Springer - Indexed by ISI, Scopus, DBLP, etc. 2014-08-25
WorldCIST (worldcist aisti eu)

MEHR Automation System Arbitrary File Download Vulnerability(persian portal) 2014-08-25
cseye_ut yahoo com

DNN(DotNetNuke®) Ribbon Bar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com

DNN(DotNetNuke®) Iconbar Control Panel Bad Access Level config 2014-08-25
cseye_ut yahoo com

Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699) 2014-08-25
Vulnerability Lab (research vulnerability-lab com)

Barracuda Networks Web Security Flex Appliance Application v4.x - Filter Bypass & Persistent Vulnerabilities (BNSEC 707) 2014-08-25
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 3011-1] mediawiki security update 2014-08-23
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 3010-1] python-django security update 2014-08-22
Salvatore Bonaccorso (carnil debian org)

Malware

Generic Downloader.x!5DF28122FEB9
Generic PUP.x!8D3AF9130814
Generic Downloader.x!BEB3ACA13F38
Generic PUP.x!84AC7F327B5D
RDN/Generic PUP.x!BECF17CAB1A3
CryptDomaIQ!64050EDCE4B6
RDN/PWS-Mmorpg!lr!BE2C864B41E6
Generic PUP.x!BA9A223DAC46
RDN/Generic Downloader.x!kv!A4558BCC8F95
Generic PUP.x!B0B524DA1CFA
RDN/Downloader.a!st!D404575AA706
PUP-FMK!64083FD01A04
Generic PUP.x!01C05ED56557
Generic PUP.x!F3398D9A6D08
RDN/Generic PUP.x!cl3!C6FE804DF447
RDN/Generic.bfr!DB26A822E310
Generic PUP.x!B68CCD1BA4EC
CryptDomaIQ!640806A0912B
RDN/Downloader.a!st!1FF8AC1321F7
FakeAV-M.bfr!0DD23B0BD825
RDN/Generic BackDoor!zo!B336A06DDCA4
Generic PUP.x!268944FC49F5
Generic PUP.x!520C3B94B62C
Generic PUP.x!A9F7FAE56EC1
Generic PUP.x!D47526F4AE4D
Generic PUP.x!17C30BD32422
Downloader.gen.a!68C3509DEFCC
Generic PUP.x!E5AD8AAD4509
Generic PUP.x!4A4C65E38B4E
Generic PUP.x!D0C15F4DFD9A

Phishing

Barclays	24th August 2014
YOUR ACCOUNT IS TEMPORARILY LIMITED
Lloyds	24th August 2014
Account Limited
Barclays	23rd August 2014
Your Account Is Temporarily Limited

Vulnerebility

Exploit

Innovaphone PBX Admin-GUI - CSRF Vulnerability

ManageEngine Password Manager MetadataServlet.dat SQL Injection

ntopng 1.2.0 - XSS Injection

VTLS Virtua InfoStation.cgi - SQL Injection

Innovaphone PBX Admin-GUI - CSRF Vulnerability

ManageEngine Password Manager MetadataServlet.dat SQL Injection

25.8.2014

Bugtraq

DoS attacks (ICMPv6-based) resulting from IPv6 EH drops 2014-08-22
Fernando Gont (fgont si6networks com)

[security bulletin] HPSBST03098 rev.1 - HP StoreEver MSL6480 Tape Library running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-21
security-alert hp com

CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability 2014-08-21
Herbert Duerr (hdu apache org)

CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects 2014-08-21
Herbert Duerr (hdu apache org)

[SECURITY] [DSA 3009-1] python-imaging security update 2014-08-21
Moritz Muehlenhoff (jmm debian org)

Malware

Downloader.gen.a!DC7C498A9931
PUP-FMK!FF62124BFC61
Generic PUP.x!EF2EF9E27990
CryptDomaIQ!FF78A2E7A332
Generic PUP.x!FF6ACD2E6F86
Generic PUP.x!96864469C5C3
RDN/Generic BackDoor!zo!3743A5BA18BB
Generic PUP.x!77B1DB3051E4
Generic.dx!DC783727A74C
Generic PUP.x!4073F47DA8BF
Generic PUP.x!AD0A1052FD6D
CryptDomaIQ!FF6789616D45
RDN/Generic.bfr!FB73645ECE86
CryptDomaIQ!FF4A49523D5F
Generic PUP.x!CFD816B07A4D
Generic PUP.x!DBD9953F84BB
FakeAV-M.bfr!139A29AC0E05
RDN/Downloader.gen.a!E1F31008F4EC
Generic PUP.x!DC3E5838A1A8
Generic PUP.x!084CE5BFBADA
Generic PUP.x!051E959FADCF
Generic PUP.x!DDBD77184305
RDN/Generic BackDoor!zo!DEB924414335
Generic Downloader.x!E4AAEF2A2811
CryptDomaIQ!FF4C15C4DD02
RDN/Generic PUP.x!clx!857EFFE1834F
Generic Downloader.x!F9F21E3FF2DE
MultiPlug!FF4A7FAD128F
RDN/Generic.bfr!32A6DE5D44D0
PUP-FMK!FF4BB4917C84

Phishing

Barclays	24th August 2014
YOUR ACCOUNT IS TEMPORARILY LIMITED
Lloyds	24th August 2014
Account Limited
Barclays	23rd August 2014
Your Account Is Temporarily Limited

Vulnerebility

Exploit

Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities

22.8.2014

Bugtraq

[SECURITY] [DSA 2940-1] libstruts1.2-java security update 2014-08-21
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3008-1] php5 security update 2014-08-21
Salvatore Bonaccorso (carnil debian org)

ToorCon 16 Call For Papers! 2014-08-20
h1kari toorcon org

ArcGIS for Server Vulnerability Disclosure 2014-08-20
Romano, Christian (cromano caanes com)

CVE-2014-4973 - Privilege Escalation in ESET Windows Products 2014-08-20
Portcullis Advisories (advisories portcullis-security com)

Malware

CryptDomaIQ!D78A92FCE66B
CryptDomaIQ!D7B9D9617294
iBryte!7B760BAC4CB7
RDN/Generic.bfr!hp!5D8629DC6644
Generic PUP.x!40AB98A5212F
PUP-FNX!3D31CF6CE619
Generic PUP.x!AA4D882A5605
Generic PUP.x!B5CFCD0D4330
Generic PUP.x!B2F1FEDF883A
Generic PUP.x!A634162F7DAE
RDN/Generic Downloader.x!kv!4D950A3923E8
RDN/Downloader.a!sr!1C2D6D6E2FF7
Generic PUP.x!91C583C9E2CB
Generic PUP.x!8211F008ACE6
RDN/Generic BackDoor!zn!EB44359AE361
Generic PUP.x!00F243CA7407
RDN/Spybot.bfr!n!EE95DC154F8A
RDN/Generic PUP.x!clr!6FA5A54C546F
MultiPlug!D869F6259C6A
Generic PUP.x!72FF3FAB00AB
Generic PUP.x!821366AA2E77
Generic PUP.x!A8E4F772823C
Generic PUP.x!8B1DE6A55E02
Generic PUP.x!A6999089A586
CryptDomaIQ!D7F39CCCECA8
Generic PUP.x!ADA8227219D7
Generic PUP.x!79BE0E13BDC4
CryptDomaIQ!D7D9BCC242A9
Generic PUP.x!693E4F7657D9
Generic.dx!9549CD8D855E

Phishing

PayPal	22nd August 2014
Temporarely Blocked Account
Halifax	20th August 2014
[SUSPECTED ] Halifax - Monthly e-statement is ready

Vulnerebility

Exploit

HybridAuth install.php PHP Code Execution

MyBB 1.8 Beta 3 - Multiple Vulnerabilities

21.8.2014

Bugtraq

CVE-2014-4973 - Privilege Escalation in ESET Windows Products 2014-08-20
Portcullis Advisories (advisories portcullis-security com)

SQL Injection Vulnerability in ArticleFR 2014-08-20
High-Tech Bridge Security Research (advisory htbridge com)

CVE-2014-5307 - Privilege Escalation in Panda Security Products 2014-08-20
Portcullis Advisories (advisories portcullis-security com)

[SECURITY] [DSA 3007-1] cacti security update 2014-08-20
Moritz Muehlenhoff (jmm debian org)

Deutsche Telekom CERT Advisory [DTC-A-20140820-001] check_mk vulnerabilities 2014-08-20
CERT telekom de

ICETC2014 - IEEE Extended Submission until Aug. 28, 2014 2014-08-20
jackie sdiwc info

[security bulletin] HPSBUX03095 SSRT101674 rev.1 - HP-UX running OpenSSL, Multiple Vulnerabilities 2014-08-19
security-alert hp com

[security bulletin] HPSBUX03092 SSRT101668 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2014-08-19
security-alert hp com

Malware

Generic PUP.x!0C204FDE7B86
RDN/Generic PUP.x!clq!FF671F5AA3E5
Generic PUP.x!5C0F16FF5863
RDN/Downloader.a!sq!A3C3FD650D87
Generic PUP.x!8939F187BB57
PUP-FMK!3D9279CB2352
RDN/Generic PUP.x!8AD8A57D3C30
Generic PUP.x!8B9E18721B78
PUP-FMK!89B3A792B87A
Generic PUP.x!60503134FC5D
Generic PUP.x!89FAC80D5C6D
RDN/Generic Downloader.x!kv!64EAD1CE8C6C
RDN/Spybot.bfr!45A1E07D0A66
PUP-FMK!8974090249A0
Generic PUP.x!E99409CD2D43
RDN/Generic PUP.x!8D130A9842B1
PUP-FMK!8B0F63C711EA
PUP-FMK!8B069AE89AFA
Generic PUP.x!8B78E33964B8
Generic PUP.x!5F030CF87FCF
PUP-FMK!8B645CC4137C
Generic PUP.x!397839349DD4
Generic PUP.x!632507E475FB
Generic PUP.x!612F0BCC8106
Generic PUP.x!3C9259606529
Generic PUP.x!3C832DFC43EC
PUP-FMK!3D8111762A6F
PUP-FMK!3C019A6C6A4F
Generic PUP.x!5E44C8FB463F
Generic PUP.x!3D29C4F18403

Phishing

Halifax	20th August 2014
[SUSPECTED ] Halifax - Monthly e-statement is ready
Amazon.com	19th August 2014
Account Confirmation
Barclays Bank PLC	19th August 2014
YOUR ACCOUNT HAS BEEN FLAGGED

Vulnerebility

Exploit

MyBB 1.8 Beta 3 - Multiple Vulnerabilities

20.8.2014

Bugtraq

ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities 2014-08-19
Security Alert (Security_Alert emc com)

[CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability 2014-08-19
Jacopo Cappellato (jacopoc apache org)

ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability 2014-08-18
Security Alert (Security_Alert emc com)

Malware

RDN/Generic.bfr!CC375F631A4E
Generic PUP.x!52928A444DEC
Generic PUP.x!30B7C7480C0F
Generic PUP.x!045F3825D781
Generic PUP.x!64986BE36D9C
W32/Agent!486C0E6EEADF
Generic PWS.y!A7D0D53F0F69
Generic PUP.x!3623875E6B76
W32/Agent!6C4A668450F8
RDN/Generic.tfr!ed!9C4B91425BFF
RDN/Generic PUP.x!cln!D89813CC07F9
Generic.dx!C07C67CB80BA
W32/Agent!C11E2E01CFB8
Generic PUP.x!336F42DC8711
RDN/Generic PWS.y!b2s!593869F46AE2
RDN/Generic.dx!d2t!5F5B3ED8A3D9
RDN/Generic PUP.x!cln!DFE89220324D
RDN/Generic.tfr!ed!6632B9A411C1
RDN/Generic BackDoor!zm!9875E4DB4956
RDN/Generic PUP.x!cln!0AFFA6025D26
RDN/Generic PUP.x!cln!48E06AB96DF3
W32/Agent!B0DFAA10B66E
Generic PUP.x!8D07C2A47AF4
Generic PUP.x!2146DFDBB8E5
RDN/Generic PWS.y!b2s!57C9D5C5AE94
W32/Agent!4CFBE029BDF6
Downloader.gen.a!1CACD40DA3B9
Generic PUP.x!02FA1F62876E
Generic PUP.x!02D61E35B35E
W32/Agent!F8D28E6337D8

Phishing

Amazon.com	19th August 2014
Account Confirmation
Barclays Bank PLC	19th August 2014
YOUR ACCOUNT HAS BEEN FLAGGED
HSBC Bank	19th August 2014
Your Account is Innactive
Amazon	19th August 2014
AMAZON : YOUR ACCOUNT HAS BEEN SUSPENDED .! 19/08/2014 01:46:55

Vulnerebility

Exploit

19.8.2014

Bugtraq

[CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability 2014-08-19
Jacopo Cappellato (jacopoc apache org)

ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability 2014-08-18
Security Alert (Security_Alert emc com)

ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities 2014-08-18
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 3006-1] xen security update 2014-08-18
Moritz Muehlenhoff (jmm debian org)

Outlook.com for Android fails to validate server certificates 2014-08-17
Securify B.V. (lists securify nl)

CVE-2014-5289 - Kolibri WebServer 2.0 Vulnerable to RCE via Overly Long POST Request 2014-08-17
tekwizz123 riseup net

Beginners error: Apple's iCloudServices for Windows run rogue program C:\Program.exe (and some more) 2014-08-16
Stefan Kanthak (stefan kanthak nexgo de)

Beginners error: Windows Live Mail 2011 runs rogue C:\Program.exe when opening associated URLs 2014-08-16
Stefan Kanthak (stefan kanthak nexgo de)

Beginners error: Apple's Software Update runs rogue program C:\Program.exe (and some more) 2014-08-16
Stefan Kanthak (stefan kanthak nexgo de)

Malware

Generic PUP.x!D17D556AB2A1
RDN/Generic PWS.y!b2r!1CE828E65DA1
RDN/Generic PUP.x!13EFCA0531D6
Generic PUP.x!E5251D67DF41
Generic PUP.x!0F1539BC11C0
RDN/Spybot.bfr!n!76009EEDBFD5
RDN/Generic PUP.x!clm!F8B2336E860A
CryptDomaIQ!F31B767EC17F
Generic.dx!427351117509
Generic PUP.x!14ED09D6ACC4
W32/Virus.gen!B8115DBA7C22
Generic PUP.x!605128B8DB0E
Generic PUP.x!772235C96E34
Generic PUP.x!6A54F0010CE8
RDN/Generic.dx!d2t!BA27E95FA7FC
Generic PUP.x!0625CACA32D6
RDN/PWS-Mmorpg!le!72E0A7408FA9
Generic PUP.x!83AF022CFA43
Generic PUP.x!3A81F3F93D2C
RDN/Generic.bfr!14AF329F39B5
RDN/PWS-Mmorpg!le!7244F461E98C
Generic PUP.x!FC1EA541274C
RDN/Generic Downloader.x!kt!B223377D6A89
Generic PUP.x!A46F9AC8BA84
RDN/Generic PUP.x!clm!8CB82925E1EA
Generic PUP.x!0F84D578996A
Generic PUP.x!18618C80353F
PUP-FMK!F309D612922F
Generic PUP.x!79C39106E78C
Generic PUP.x!73AF95D35908

Phishing

Amazon	19th August 2014
AMAZON : YOUR ACCOUNT HAS BEEN SUSPENDED .! 19/08/2014 01:46:55
HSBC Bank ;	18th August 2014
Your Account is Innactive
Natwest	18th August 2014
Verify your online account
Paypal	17th August 2014
YOUR ACCOUNT HAS BEEN LIMITED
Service Paypal	17th August 2014
YOUR ACCOUNT WILL BE LIMITED !
NatWest	17th August 2014
* CACTUS * review your account activity

Vulnerebility

Exploit

Tenda A5s Router 3.02.05_CN - Authentication Bypass Vulnerability

Firefox toString console.time Privileged Javascript Injection

15.8.2014

Bugtraq

[SECURITY] [DSA 3005-1] gpgme1.0 security update 2014-08-14
Salvatore Bonaccorso (carnil debian org)

APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6 2014-08-13
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBMU03090 rev.1 - HP SiteScope, running Apache Struts, Remote Execution of Arbitrary Code 2014-08-13
security-alert hp com

[security bulletin] HPSBHF03088 rev.1 - HP Integrity SD2 CB900s i2 and i4 Servers running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-13
security-alert hp com

Reflected Cross-Site Scripting (XSS) in Jamroom 2014-08-13
High-Tech Bridge Security Research (advisory htbridge com)

[oCERT-2014-006] Ganeti insecure archive permission 2014-08-12
Andrea Barisani (lcars ocert org)

Malware

Generic PUP.x!5EAF4DC5656F
CryptDomaIQ!613DEE1AA9E4
CryptDomaIQ!61A4606F9F7B
Generic PUP.x!D592A80D7EA3
Generic PUP.x!BD19C7D6EFB9
RDN/Generic.dx!d2r!439AC4BF6F9D
Generic PUP.x!07B47210CFA1
W32/Virut.n.gen!DDC0396D5BC6
RDN/Generic BackDoor!zl!CED420B564FF
RDN/Generic.dx!d2r!694F0B99D9DC
Generic.bfr!C4FF5021A5A1
RDN/Generic Downloader.x!kt!E7954A704FDF
RDN/Generic Downloader.x!77BC1B2BD9A3
Generic PUP.x!1E91A68167B9
Generic PUP.x!799557409014
Generic.bfr!62988F8D0E6A
iBryte!A1B03AFC72DA
Generic PUP.x!37B7E8CC72D9
Generic PUP.x!1DBAD420686C
RDN/PWS-Banker!dk!A921E6800E4E
RDN/Generic PWS.y!b2r!D57962293480
RDN/Generic.tfr!ed!577783DB7328
RDN/Generic.bfr!hp!BD1F672233F7
RDN/Generic PUP.z!ed!A9E10036ABAF
Generic PUP.x!1D2C6843FC93
CryptDomaIQ!6131045B79C3
RDN/Generic PUP.x!cl3!A83C5AFCBAC4
CryptDomaIQ!61211D33DB54
CryptDomaIQ!61B955BF39EA
RDN/Generic.bfr!hp!258D7ED949D9

Phishing

Customerservice@MBNA.co.uk	14th August 2014
MBNA - NEW ASSIGNED CREDIT LIMIT
Wells Fargo	13th August 2014
Important Notice Regarding Your Account
Apple	13th August 2014
YOU APPLE ACCOUNT HAS BEEN LIMITED

Vulnerebility

Exploit

VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution

VirtualBox 3D Acceleration Virtual Machine Escape

Disqus for Wordpress 2.7.5 Admin Stored CSRF and XSS

14.8.2014

Bugtraq

[security bulletin] HPSBHF03088 rev.1 - HP Integrity SD2 CB900s i2 and i4 Servers running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-13
security-alert hp com

Reflected Cross-Site Scripting (XSS) in Jamroom 2014-08-13
High-Tech Bridge Security Research (advisory htbridge com)

[oCERT-2014-006] Ganeti insecure archive permission 2014-08-12
Andrea Barisani (lcars ocert org)

BlackBerry Z 10 - Storage and Access File-Exchange Authentication By-Pass [MZ-13-04] 2014-08-12
security (security modzero ch)

CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service 2014-08-12
Gregory Pickett (gpickett71 yahoo com)

Apache Cordova 3.5.1: CVE-2014-3502 update 2014-08-11
Marcel Kinard (cmarcelk gmail com)

[security bulletin] HPSBMU03089 rev.1 - HP Executive Scorecard, Running OpenSSL, Disclosure of Information 2014-08-11
security-alert hp com

[SECURITY] [DSA 2984-2] acpi-support regression update 2014-08-11
Raphael Geissert (geissert debian org)

Malware

RDN/Generic BackDoor!zl!E68B1B9A909D
RDN/Generic BackDoor!zl!D87E239269F8
RDN/Generic Downloader.x!kt!8F858D36A167
RDN/Generic Downloader.x!kt!FDC0A04B588B
Generic PUP.x!C4FB73B94C1A
Generic PUP.x!B7CEB1116131
Generic PUP.x!0020F4091EEF
Generic PUP.x!BA0E734C3E04
Generic PUP.x!1B53D9330121
RDN/Generic PUP.x!clh!C14853CF221A
DNSChanger.bfr!FCEB0BD6DC79
iBryte!6CB2A8B6B14A
Generic PUP.x!0021559049AF
PWS-Lineage!FCA0C564703B
RDN/PWS-Mmorpg!le!C708D98F6896
Generic PUP.x!BFA9B5157153
RDN/Generic PUP.x!FB0C34E2BF2A
RDN/Generic.bfr!hp!B439364F47F2
Generic PUP.x!65CB25F3A1E9
Generic Downloader.x!02DF46777E28
Generic PUP.x!D4FDA0479187
Generic PUP.x!EA909393FE47
RDN/Generic BackDoor!zl!BF2A095BCB4A
RDN/Generic PUP.x!clh!3D0A9AE977B4
RDN/Generic.tfr!eb!EAC0EAC1D114
RDN/PWS-Banker!dk!F3F4C6B45308
iBryte!230D02990BD8
Generic PUP.x!001389F978FB
RDN/Generic.bfr!hp!EAB758DEBBDC
RDN/Generic.bfr!hp!A8E17CFE73B5

Phishing

Wells Fargo	13th August 2014
Important Notice Regarding Your Account
Apple	13th August 2014
YOU APPLE ACCOUNT HAS BEEN LIMITED
PayPal	12th August 2014
Your PayPal Account Has Been Limited PP:6755

Vulnerebility

Exploit

VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation

13.8.2014

Bugtraq

CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service 2014-08-12
Gregory Pickett (gpickett71 yahoo com)

Apache Cordova 3.5.1: CVE-2014-3502 update 2014-08-11
Marcel Kinard (cmarcelk gmail com)

[security bulletin] HPSBMU03089 rev.1 - HP Executive Scorecard, Running OpenSSL, Disclosure of Information 2014-08-11
security-alert hp com

[SECURITY] [DSA 2984-2] acpi-support regression update 2014-08-11
Raphael Geissert (geissert debian org)

IBM Maximo: Cross-site Scripting Vulnerability Addressed in Asset and Service Management (CVE-2014-0914 and -0915) 2014-08-11
Jamie Riden (jamie riden gmail com)

[SECURITY] [DSA 3004-1] kde4libs security update 2014-08-10
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!9013C2196DC9
Generic PUP.x!8A9B26012124
Generic BackDoor!8626B626C1DF
RDN/Generic.bfr!33AF5259E1AA
RDN/Generic.grp!D7E433C049B0
Generic PUP.x!2C51624F9F37
Generic PUP.x!ABF910D3EC3E
Generic PUP.x!AC4406EF9CB1
RDN/Generic BackDoor!zk!D1F88DCB9459
RDN/Generic Dropper!va!8A600BDF0C66
RDN/Generic PUP.x!clg!AE7F20E9DF44
Generic PUP.x!FBEB8E96BD7F
Generic PUP.x!18628EAAAC47
RDN/Generic BackDoor!zk!F5875D99901B
RDN/Downloader.gen.a!90F26DD090E4
Generic PUP.x!641F17466338
Generic PUP.x!25CB943F21ED
Generic PUP.x!CDD46FE4F30F
Generic PUP.x!AB611FD1E3D6
Generic PUP.x!90F973E397D3
RDN/Generic BackDoor!zk!499390CC4A85
RDN/Generic PUP.x!90E0F365FA42
RDN/Generic PUP.x!clg!D8F8EFFCA3E6
RDN/Generic PUP.x!clg!65F8DF39564F
RDN/Generic.tfr!eb!EA9A3D4FDF70
RDN/Generic PUP.x!clg!906446C564FD
RDN/Generic PUP.x!clg!90C0C078D6DA
RDN/Generic PUP.x!clg!7AD6E0D0DD78
SquareNet!D5EF5196E1A8
RDN/Generic PWS.y!b2q!254185AD26BB

Phishing

PayPal	12th August 2014
Your PayPal Account Has Been Limited PP:6755
Google	11th August 2014
Important Document

Vulnerebility

Exploit

10.8.2014

Bugtraq

[SECURITY] [DSA 3004-1] kde4libs security update 2014-08-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3003-1] libav security update 2014-08-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3002-1] wireshark security update 2014-08-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 3001-1] wordpress security update 2014-08-09
Salvatore Bonaccorso (carnil debian org)

MITKRB5-SA-2014-001 Buffer overrun in kadmind with LDAP backend 2014-08-09
Benjamin Kaduk (kaduk MIT EDU)

[SECURITY] [DSA 3000-1] krb5 security update 2014-08-09
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2999-1] drupal7 security update 2014-08-09
Salvatore Bonaccorso (carnil debian org)

Malware

Generic PUP.x!F2448D269864
RDN/Generic PUP.x!DCCF14667FEF
CryptDomaIQ!4A4A980FED95
Somoto-BetterInstaller!4A4F6A31A839
Generic PUP.x!2F6696046CDD
Generic PUP.x!4A0472CF5447
PUP-FMK!4A575BA30588
CryptDomaIQ!4A5E3900424B
CryptDomaIQ!4ABF22512E1D
CryptDomaIQ!4A87260DDCAD
iBryte!7B039DA43CF7
CryptDomaIQ!4A956AEE49E3
Generic.bfr!F22F7C0BB929
Generic PUP.x!3044ED379E96
CryptDomaIQ!4A8B21ACD4EB
CryptDomaIQ!4A83AF88F3CA
RDN/Generic.dx!DBB650E32BE7
CryptDomaIQ!4A6462895D3E
Generic PUP.x!F3130A5AAB42
iBryte!4A96543FD9FD
CryptDomaIQ!4A4C01FABEA1
iBryte!7409EDDCBA81
Generic.tfr!D6EFDD77C0EE
Generic PUP.z!F32AC518557E
CryptDomaIQ!4A86C26015AC
CryptDomaIQ!4A8A3D903C58
CryptDomaIQ!4A4F795BFFDC
CryptDomaIQ!4A64AD6B0106
PUP-FMU!4A5B32B0B18F
CryptDomaIQ!49DA1BB2CDBB

Phishing

Google	11th August 2014
Important Document
AMAZON	10th August 2014
Amazon : Verify your account âœ”
PayPal	10th August 2014
PayPal Security & Privacy Update.

Vulnerebility

Exploit

9.8.2014

Bugtraq

[security bulletin] HPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-08-08
security-alert hp com

[ MDVSA-2014:158 ] openssl 2014-08-08
security mandriva com

[ MDVSA-2014:159 ] wireshark 2014-08-08
security mandriva com

ESA-2014-055: EMC Network Configuration Manager (NCM) Report Advisor Session Fixation Vulnerability 2014-08-08
Security Alert (Security_Alert emc com)

[WorldCIST'15]: Call for Workshops Proposals - Proceedings by Springer 2014-08-07
ML (marialemos72 gmail com)

[security bulletin] HPSBUX03087 SSRT101413 rev.1 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access 2014-08-07
security-alert hp com

Beginners error: QuickTime for Windows runs rogue program C:\Program.exe when opening associated files 2014-08-07
Stefan Kanthak (stefan kanthak nexgo de)

[security bulletin] HPSBMU03086 rev.1 - HP Operations Agent running Glance, Local Elevation of Privilege 2014-08-07
security-alert hp com

[ MDVSA-2014:157 ] ipython 2014-08-08
security mandriva com

[security bulletin] HPSBHF03084 rev.1 HP PCs with UEFI Firmware, Execution of Arbitrary Code 2014-08-07
security-alert hp com

Easy FTP Pro v4.2 iOS - Command Inject Vulnerabilities 2014-08-07
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic PUP.x!7E5E04B6DBB7
RDN/Generic PWS.y!8AD39AE900FE
Generic PUP.x!FA919C009814
RDN/Generic PUP.x!310FAE209BFD
RDN/Generic PUP.x!C1F195AFFBF0
Generic PUP.x!61FFE105D74D
Generic PUP.x!9B765B9DC201
RDN/Generic.bfr!97B290BF2888
RDN/Ransom!9086F66B397B
RDN/Generic PUP.x!974585DD7C7E
RDN/Generic.bfr!hp!2F5318283D20
Generic PUP.x!E37E8643EB0E
RDN/Generic PUP.x!E1A9A5D14805
Generic Dropper!D5705F627BAE
Generic.dx!7F9D3169E171
Downloader.gen.a!1F8DA5B5367F
Generic PUP.x!14B5B0F9EFA1
Generic PUP.x!D0C6D4C0D314
RDN/Generic.grp!hl!4CCB956FB142
Generic PUP.x!3B20DDB5566B
Generic PUP.x!0AE8332F429F
Generic PUP.x!B25FEC7B2BE3
RDN/Spybot.bfr!106F567745FB
RDN/Generic PUP.x!402C60F04680
RDN/BackDoor-CMQ!03B878E7493A
RDN/Generic PUP.x!29C660BFE681
Generic PUP.x!B2801F5F579D
Generic PUP.x!95EE3853B9F8
Generic Downloader.x!A25E15BD4F38
RDN/Generic PUP.x!442078F0D373

Phishing

AMAZON	10th August 2014
Amazon : Verify your account âœ”
PayPal	10th August 2014
PayPal Security & Privacy Update.
PayPal	10th August 2014
Your PayPal account is limited until we hear from you.
support	9th August 2014
YOU HAVE A PROBLEM IN YOUR ACCOUNT PLEASE UPDATE YOUR INFORMATION
support	8th August 2014
YOU HAVE A PROBLEM IN YOUR ACCOUNT PLEASE UPDATE YOUR INFORMATION
Amazon	8th August 2014
ACCOUNT CONFIRMATION

Vulnerebility

Exploit

8.8.2014

Bugtraq

[SECURITY] [DSA 2998-1] openssl security update 2014-08-06
Raphael Geissert (geissert debian org)

[ MDVSA-2014:152 ] glibc 2014-08-06
security mandriva com

[ MDVSA-2014:154 ] readline 2014-08-06
security mandriva com

[ MDVSA-2014:153 ] mediawiki 2014-08-06
security mandriva com

[ MDVSA-2014:151 ] cups 2014-08-06
security mandriva com

Cisco Security Advisory: Cisco IOS Software and Cisco IOS XE Software EnergyWise Crafted Packet Denial of Service Vulnerability 2014-08-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

RDN/Generic.bfr!3B29609A2250
Downloader.gen.a!FD5FC2EDEF54
RDN/BackDoor-CMQ!f!16E30608BBAC
RDN/Spybot.bfr!02C2333F6E4A
RDN/Generic Dropper!uz!7FD40CB71BC8
Generic PUP.x!15282FD5BCAB
RDN/Generic PUP.x!cl3!BDEAB08A6988
RDN/Generic.dx!d2q!EFA1AE2A7768
RDN/Generic PUP.x!1D09F27288D3
RDN/Generic PUP.x!cl3!062C1DB72C65
RDN/Generic.dx!d2q!6CEE7A5D0E8A
RDN/Generic PUP.x!cl3!B032210337F1
RDN/Generic Dropper!uz!E4F0C2B45294
Generic PUP.x!1F9A60626FF9
RDN/Generic PUP.x!cl3!AEAD6A2C5E6E
RDN/Generic PUP.x!cl3!43B0A1AE1E39
RDN/Generic PUP.x!cl3!02D3F09A5BD3
RDN/Generic PUP.x!cl3!D5B1F0754EEF
RDN/Generic PUP.x!cl3!9BAD0AC8F813
RDN/Generic PUP.x!cl3!5CC4E432E392
RDN/Generic.grp!hl!1593AD1449AD
RDN/Generic Dropper!uz!78897DA6D20E
RDN/Generic.bfr!hp!A992D563F820
Generic PUP.x!1FA0D800EF14
RDN/Generic Downloader.x!682944D849ED
RDN/Generic Dropper!uz!FBD1DB524D09
RDN/Generic Dropper!uz!EB9B675561F2
Downloader.gen.a!6C2DDD0FA240
Generic BackDoor!2108012364F9
RDN/BackDoor-AWQ!bv!1489F7656119

Phishing

ON BEHALF OF Customer Financ	7th August 2014
Access to your Visa card has been blocked!
NatWest	7th August 2014
Restriction On Your Account
Visa Service	6th August 2014
YOUR CREDIT CARD HAS BEEN SUSPENDED
service-customer	6th August 2014
ALERT#3245:PLEASE CHECK THE INFORMATION ASSOCIATED WITH YOUR ACCOUNT DATA
=?UTF-8?Q?PayPal?=	6th August 2014
=?UTF-8?Q?Your_account_will_be _locked_within_=32=34_hours=2e ?=
PayPal	6th August 2014
Your Credit/Debit Card expired in your account #PP-982-761-668

Vulnerebility

Exploit

7.8.2014

Bugtraq

PhotoSync v2.2 iOS - Command Inject Web Vulnerability 2014-08-06
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:149 ] php 2014-08-06
security mandriva com

[security bulletin] HPSBMU03085 rev.1 - HP Application Lifecycle Management / Quality Center, Elevation of Privilege 2014-08-05
security-alert hp com

PhotoSync Wifi & Bluetooth v1.0 - File Include Vulnerability 2014-08-06
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2997-1] reportbug security update 2014-08-05
Salvatore Bonaccorso (carnil debian org)

CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java 2014-08-05
Georg Lukas (lukas rt-solutions de)

Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities 2014-08-05
mike manzotti dionach com

Apache Cordova 3.5.1 2014-08-04
Marcel Kinard (cmarcelk gmail com)

[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities] 2014-08-04
Mike Antcliffe (mikeantcliffe logicallysecure com)

SEC Consult SA-20140805-0 :: Multiple vulnerabilities in Readsoft Invoice Processing and Process Director 2014-08-05
SEC Consult Vulnerability Lab (research sec-consult com)

Malware

RDN/Generic PUP.x!clc!E8FF5FF1D3A0
RDN/Generic PUP.x!clc!5D6A09BE4670
RDN/Generic PUP.x!clc!0FBE07BF61F7
RDN/Generic.tfr!eb!D2EB83586600
RDN/Generic BackDoor!zj!E47138296721
RDN/Generic Dropper!E408F16FB487
RDN/Generic PUP.x!clc!DBC697DA98B1
RDN/Generic PUP.x!clc!1925F434586B
RDN/Generic PUP.x!clc!8D8F36CBB344
RDN/Generic.dx!d2o!7CB0F9922B61
RDN/Generic PUP.x!clc!CF0DBFAACCD3
GenericATG-FACO!138434AC9516
RDN/Generic BackDoor!zj!387339B51FA0
RDN/Downloader.gen.a!6357BB1B0377
PUP-FLT!F769AA76515D
RDN/Generic PUP.x!clc!C1B98F772ECB
RDN/Downloader.a!sl!6357BB1B0377
Generic PUP.x!84027B280340
Generic PUP.x!B8F5FC1D972F
Trojan-FEKR!7F4CCE5073AE
RDN/Generic Downloader.x!kr!34F456651A47
RDN/Generic PUP.x!D693583628C4
RDN/Generic PUP.x!4DDF6B193DE7
RDN/Generic.dx!A97AD32C01CC
RDN/Downloader.a!sl!D489B5AE4D4A
RDN/BackDoor-CMQ!f!0058849D0CAD
Trojan-FDKL!67A5766EDB6D
RDN/Generic PUP.x!clc!F2DF207A29CB
RDN/Generic Dropper!uz!339A1203649B
PUP-FLT!90EC4E499CC9

Phishing

NatWest	7th August 2014
Restriction On Your Account
Visa Service	6th August 2014
YOUR CREDIT CARD HAS BEEN SUSPENDED
service-customer	6th August 2014
ALERT#3245:PLEASE CHECK THE INFORMATION ASSOCIATED WITH YOUR ACCOUNT DATA
=?UTF-8?Q?PayPal?=	6th August 2014
=?UTF-8?Q?Your_account_will_be _locked_within_=32=34_hours=2e ?=
PayPal	6th August 2014
Your Credit/Debit Card expired in your account #PP-982-761-668

Vulnerebility

Exploit

6.8.2014

Bugtraq

CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java 2014-08-05
Georg Lukas (lukas rt-solutions de)

Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities 2014-08-05
mike manzotti dionach com

Apache Cordova 3.5.1 2014-08-04
Marcel Kinard (cmarcelk gmail com)

[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities] 2014-08-04
Mike Antcliffe (mikeantcliffe logicallysecure com)

SEC Consult SA-20140805-0 :: Multiple vulnerabilities in Readsoft Invoice Processing and Process Director 2014-08-05
SEC Consult Vulnerability Lab (research sec-consult com)

[security bulletin] HPSBMU03037 rev.2 - HP Multimedia Service Environment (MSE), (HP Network Interactive Voice Response (NIVR)), Remote Disclosure of Information 2014-08-04
security-alert hp com

CVE-2014-2595 - Authentication Bypass in Barracuda Web Application Firewall 2014-08-04
Portcullis Advisories (advisories portcullis-security com)

[security bulletin] HPSBMU03083 rev.1 - HP BladeSystem c-Class Virtual Connect Firmware running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-04
security-alert hp com

Ebay Inc Magento ProStore CP #4 - Filter Validation Bypass & Persistent (Payment Information) Vulnerability 2014-08-04
Vulnerability Lab (research vulnerability-lab com)

FreeDisk v1.01 iOS - Multiple Web Vulnerabilities 2014-08-04
Vulnerability Lab (research vulnerability-lab com)

ownCloud Unencrypted Private Key Exposure 2014-08-04
Senderek Web Security (support senderek ie) (1 replies)

Re: ownCloud Unencrypted Private Key Exposure 2014-08-04
Frank Stanek (frank frank-stanek de) (2 replies)

RE: ownCloud Unencrypted Private Key Exposure - version (6.0.4) reported not vulnerable 2014-08-05
Choulat, Trace (tchoula ufl edu)

Re: ownCloud Unencrypted Private Key Exposure 2014-08-05
Anthony Dubuissez (anthony dubuissez webera fr)

Malware

Phishing

Visa Service	5th August 2014
YOUR CREDIT CARD HAS BEEN SUSPENDED
Visa Service	4th August 2014
YOUR CREDIT CARD HAS BEEN SUSPENDED
Discover Customer Service	4th August 2014
IMPORTANT MESSAGE ABOUT YOUR DISCOVERÂ®
Apple.inc	4th August 2014
YOU HAVE A PROBLEM IN YOUR ACCOUNT PLEASE UPDATE YOUR INFORMATION

Vulnerebility

Exploit

Symantec Endpoint Protection 11.x, 12.x - Kernel Pool Overflow

5.8.2014

Bugtraq

FreeDisk v1.01 iOS - Multiple Web Vulnerabilities 2014-08-04
Vulnerability Lab (research vulnerability-lab com)

ownCloud Unencrypted Private Key Exposure 2014-08-04
Senderek Web Security (support senderek ie)

[SECURITY] [DSA 2996-1] icedove security update 2014-08-03
Moritz Muehlenhoff (jmm debian org)

Video WiFi Transfer 1.01 - Directory Traversal Vulnerability 2014-08-04
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2995-1] lzo2 security update 2014-08-03
Salvatore Bonaccorso (carnil debian org)

[slackware-security] dhcpcd (SSA:2014-213-02) 2014-08-01
Slackware Security Team (security slackware com)

[slackware-security] samba (SSA:2014-213-01) 2014-08-01
Slackware Security Team (security slackware com)

Microsoft Exchange Multiple Vulnerabilities 2014-08-01
np securitypentest com

Malware

Phishing

Visa Service	4th August 2014
YOUR CREDIT CARD HAS BEEN SUSPENDED
Discover Customer Service	4th August 2014
IMPORTANT MESSAGE ABOUT YOUR DISCOVERÂ®
Apple.inc	4th August 2014
YOU HAVE A PROBLEM IN YOUR ACCOUNT PLEASE UPDATE YOUR INFORMATION
NatWest Online Banking	2nd August 2014
Your Securtiy is important
BARCLAYS	2nd August 2014
ACCOUNT VALIDATION REQUIRED [#9384-BDA]

Vulnerebility

Exploit

Video WiFi Transfer 1.01 - Directory Traversal Vulnerability

FreeDisk v1.01 iOS - Multiple Vulnerabilities

Shellcode Linux x86 - chmod (777 /etc/passwd & /etc/shadow), Add New Root User (ALI/ALI) & Execute /bin/sh

4.8.2014

Bugtraq

[security bulletin] HPSBMU03081 rev.1 - HP Enterprise Maps, Remote Information Disclosure 2014-07-31
security-alert hp com

Malware

W32/Expiro!08DB7DDE3814
W32/Expiro!056E87849E07
RDN/Generic PUP.x!ckt!0A5AFC45C3A6
RDN/Generic PUP.x!ckt!CA5362C7469F
RDN/Generic PUP.x!ckt!C70525C46D4A
Generic PUP.x!159ABAC7A572
Generic PUP.x!2DBE68F6E8EB
RDN/FakeAV-M.bfr!8BBE1B37FA4B
W32/Expiro!05B2A253463C
Generic PUP.x!8C14093241EF
Generic.tfr!E44566C58343
W32/Expiro!04A09DE44611
Downloader.gen.a!FEE1BC2B60EF
Generic PUP.x!36E6DFC40F67
Generic PUP.x!0085CB177B28
Generic.tfr!2B32D9BCA821
Somoto-BetterInstaller!5655811B468F
PUP-FMH!C66C0A0C5812
CryptDomaIQ!C622A061874A
CryptDomaIQ!C6EFEDDC16C4
Generic PUP.x!E7A29C8ADAB5
Generic.dx!39F09EEDBB74
CryptDomaIQ!C64238627A2E
Downloader.gen.a!BEBDD8448060
PUP-FMU!C71617B70793
CryptDomaIQ!C662BC2AF6F9
CryptDomaIQ!C70C239C2D64
Generic PUP.x!21841B079132
Generic PUP.x!8C0FC97C4407
W32/Expiro!08FBA30FB1B1

Phishing

NatWest Online Banking	2nd August 2014
Your Securtiy is important
BARCLAYS	2nd August 2014
ACCOUNT VALIDATION REQUIRED [#9384-BDA]
Microsoft	1st August 2014
For security purposes, your online account has been locked.

Vulnerebility

Exploit

TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution

2.8.2014

Bugtraq

[security bulletin] HPSBMU03081 rev.1 - HP Enterprise Maps, Remote Information Disclosure 2014-07-31
security-alert hp com

[ MDVSA-2014:148 ] dbus 2014-07-31
security mandriva com

[ MDVSA-2014:147 ] sendmail 2014-07-31
security mandriva com

[SECURITY] [DSA 2994-1] nss security update 2014-07-31
Raphael Geissert (geissert debian org)

Malware

Generic.dx!EEDB021B4107
RDN/Downloader.a!si!FCF87BC81A5C
Generic PUP.x!C85F72BE47E0
RDN/Generic PUP.x!ckp!91718CE7DF49
RDN/Downloader.a!si!9FCE9CA3EAA1
RDN/Generic PUP.x!CF9A187C4140
RDN/Generic PUP.x!ckp!B0E0AA08AEC6
RDN/Generic PUP.x!ckp!D2907F32D3CD
RDN/Downloader.a!si!955FCDD7C6D5
RDN/Generic PUP.x!ckp!C91E19742A91
RDN/Downloader.a!si!7DFD452CD00E
RDN/Generic PUP.x!ckp!DA1442EF00B2
Generic.tfr!CD9F60E3921E
RDN/Downloader.a!si!604162E987A6
RDN/Generic Dropper!uy!9E6EB4FC4214
RDN/Generic PUP.x!ckp!A5308C29F05A
RDN/Downloader.a!si!D009C32F14E4
Generic.bfr!B0FFF36BF2B5
RDN/Downloader.a!si!402CC248306D
RDN/Downloader.a!si!C079FE18B514
Generic.dx!D9B152FE7207
RDN/Generic PUP.x!573A22EE2532
RDN/Generic PUP.x!ckp!4EE62C3F1B49
RDN/Downloader.a!si!1A37C6F758CD
RDN/Generic PUP.x!CD7A281E9FC6
Generic PUP.x!0A829E08A0A9
Generic PUP.x!BC798CE217F9
RDN/Generic PUP.x!ckp!716983CD6054
RDN/Downloader.a!si!FB52784E4A50
RDN/Generic Dropper!uy!2AD89A67786E

Phishing

BARCLAYS	2nd August 2014
ACCOUNT VALIDATION REQUIRED [#9384-BDA]
Microsoft	1st August 2014
For security purposes, your online account has been locked.

Vulnerebility

Exploit

1.8.2014

Bugtraq

[ MDVSA-2014:144 ] live 2014-07-30
security mandriva com

Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-30
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)

RE: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-30
Joe Souza (Joe Souza NetMotionWireless com) (1 replies)

Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-30
Stefan Kanthak (stefan kanthak nexgo de)

[ MDVSA-2014:143 ] phpmyadmin 2014-07-30

Malware

RDN/Generic PUP.x!ckm!3E423F5F8F30
RDN/Generic.tfr!CB6A7DBABD38
RDN/Generic Downloader.x!kh!C37092056D60
RDN/Generic PUP.x!ckm!D8977D71ECB0
PUP-FMU!89B26B09C874
Generic PUP.x!6A2348DF5D07
Generic Downloader.x!11B9D320C370
Generic PUP.x!5E69780849E8
RDN/Generic PUP.x!E0D5C8BA68FC
Generic PUP.x!50988E37F4CB
PUP-FMU!FC88EAC1B034
RDN/Generic PWS.y!DBC0D4AF2723
CryptDomaIQ!9504335A721E
Generic PUP.x!4644B244F268
PUP-FMU!4576D80B3D68
PUP-FMU!25054506CF8E
RDN/Generic Dropper!uy!2AF0D9057C2D
RDN/Generic BackDoor!3DFF29FC14FC
RDN/Generic Dropper!uy!4E85CA323FF2
PUP-FMU!7ED025401F9C
RDN/Generic PUP.x!ckm!5F22DB062A0A
RDN/Generic PUP.x!0BB41C1261B0
Generic PUP.x!0B6A06193743
RDN/Generic.grp!hj!7CD8725E9561
Generic PUP.x!A556729C4351
RDN/Generic PUP.x!ckm!3D5F913DEBA1
RDN/Downloader.a!ry!E2304190B95A
RDN/Generic.dx!ddv!DB87E324A3E1
Generic PUP.x!63F3C1D81140
CryptDomaIQ!94FF124814A9

Phishing

Microsoft	1st August 2014
For security purposes, your online account has been locked.
PaypalService	1st August 2014
Update Your Account
MBNA Europe Bank Limited	31st July 2014
New Security Update.
Discover Customer Service	31st July 2014
MESSAGE ABOUT YOUR DISCOVERÂ®
Halifax	31st July 2014
1 New Halifax Account Messege

Vulnerebility

Exploit

31.7.2014

Bugtraq

Vulnerabilities in Facebook and Facebook Messenger for Android [STIC-2014-0529] 2014-07-29
Programa STIC (stic fundacionsadosky org ar)

[security bulletin] HPSBMU03078 rev.1 - HP CloudSystem Foundation and HP CloudSystem Enterprise Software running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-07-29
security-alert hp com

[ MDVSA-2014:141 ] java-1.7.0-openjdk 2014-07-29
security mandriva com

[Onapsis Security Advisory 2014-023] HTTP verb tampering issue in SAP_JTECHS 2014-07-29
Onapsis Research Labs (research onapsis com)

Malware

RDN/Generic Dropper!uy!05B9CE22C78C
Generic PUP.x!9788D5D70DAF
RDN/Generic Dropper!uy!21343AB51C9B
RDN/Generic.dx!9834CF05FE92
RDN/Generic PUP.x!BCFA4B4BAB7D
RDN/Generic.dx!4E3D06158622
RDN/Generic PUP.z!8241EF0E1E48
RDN/Generic.dx!2FAB026C650D
RDN/Generic.dx!FA0F54EFFBAD
Generic PUP.z!3186E2351D8D
Generic Downloader.x!8B6EF59B0CB9
RDN/Generic PUP.x!ck3!DEA2152247F1
Generic PUP.x!10B147851ED5
RDN/Generic PUP.x!AB422E003BF4
Generic.bfr!8E56CFC5DB68
RDN/Generic PUP.x!D975E01C91C1
RDN/Generic PUP.x!ADEFB5F6037C
RDN/Generic.bfr!9563A32F7466
Generic.dx!41BB53A4DA5E
Generic PUP.z!90339B7FFD36
Somoto-BetterInstaller!4544E05DF1EA
RDN/Generic PUP.x!ck3!3C32C76D6720
Generic PUP.x!62568192C39D
Generic PUP.x!BAF618224750
Generic PUP.x!6722FE89449E
Generic PUP.x!1DD778E673FA
RDN/Generic Dropper!uy!875D82F09673
RDN/Generic PUP.x!ck3!D12826863A13
Keylog-Ardamax.dll!96C2B9FDA079
RDN/Generic Dropper!uy!56109A3FFEB5

Phishing

Apple	31st July 2014
Update your apple account
Chase	30th July 2014
Online Notification #3281 Chase
BT	30th July 2014
We are unable to process your recent payment
Halifax	30th July 2014
Account restricted [HBOS-28734MV]

Vulnerebility

Exploit

Dlink DWR-113 Rev. Ax - CSRF Denial of Service

SkaDate Lite 2.0 - Multiple CSRF And Persistent XSS Vulnerabilities

SkaDate Lite 2.0 - Remote Code Execution Exploit

D-Link AP 3200 Multiple Vulnerabilities

30.7.2014

Bugtraq

[Onapsis Security Advisory 2014-024] Hard-coded Username in SAP FI Manager Self-Service 2014-07-29
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-022] SAP HANA IU5 SDK Authentication Bypass 2014-07-29
Onapsis Research Labs (research onapsis com)

[ MDVSA-2014:139 ] nss 2014-07-29
security mandriva com

[Onapsis Security Advisory 2014-026] Missing authorization check in function modules of BW-SYS-DB-DB4 2014-07-29
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-025] Multiple Cross Site Scripting Vulnerabilities in SAP HANA XS Administration Tool 2014-07-29
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication 2014-07-29
Onapsis Research Labs (research onapsis com)

Barracuda Networks Web Application Firewall v6.1.5 & LoadBalancer v4.2.2 #37 - Filter Bypass & Multiple Vulnerabilities 2014-07-29
Vulnerability Lab (research vulnerability-lab com)

WiFi HD v7.3.0 iOS - Multiple Web Vulnerabilities 2014-07-29
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2992-1] linux security update 2014-07-29
Salvatore Bonaccorso (carnil debian org)

Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-28
Stefan Kanthak (stefan kanthak nexgo de)

[ MDVSA-2014:140 ] owncloud 2014-07-29
security mandriva com

Kunena Forum Extension for Joomla Multiple Reflected Cross-Site Scripting Vulnerabilities 2014-07-28
vulns dionach com

Kunena Forum Extension for Joomla Multiple SQL Injection Vulnerabilities 2014-07-28
vulns dionach com

Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability 2014-07-28
Vulnerability Lab (research vulnerability-lab com)

Malware

Generic PUP.x!347D4B4C4326
RDN/Generic Dropper!uy!3F1A117FB195
W32/Virut.gen!9A58C37833C4
RDN/Generic Dropper!uy!50AB979CCBB2
Generic PUP.x!3DEE2CD98EC1
Downloader.gen.a!BF6812F96F24
Generic PUP.x!C3FBD2B90161
RDN/Generic Dropper!uy!EF5B451AC51E
Generic.dx!56712E8DD619
Downloader.gen.a!22639189873A
Generic PUP.x!6CD9643A23B2
Generic.dx!9F47AD3ABBFC
RDN/Generic Downloader.x!kq!692139441961
RDN/Generic PUP.x!ckf!932080EDC6CF
Generic PUP.x!6C7CDFB07537
RDN/Generic PUP.x!ckf!45E634161A32
Generic PUP.x!57AE027CCD3D
RDN/Generic Downloader.x!kq!E7FD2E4E6016
Generic PUP.x!55D8EE4DA380
RDN/Generic PUP.x!12F900D43B03
RDN/Generic.tfr!18624E7023F5
Generic.dx!5EAB16967A03
Generic PUP.x!1363D42406F2
RDN/Generic PUP.x!6F0926C88FB2
RDN/Generic BackDoor!zg!EC3AD1FF8EB1
RDN/Generic Dropper!uy!0A0CD81B5F0E
RDN/Generic PUP.x!ckf!D9CA5E390CE4
RDN/Generic Dropper!uy!F0A4CAA0C9AE
Generic PUP.x!8C24E217A4C9
RDN/Generic PUP.x!ckf!2EA6F4569442

Phishing

BT	30th July 2014
We are unable to process your recent payment
Halifax	30th July 2014
Account restricted [HBOS-28734MV]
Skype	29th July 2014
Fw: PayPal Payment To Skype !
amazon customer	29th July 2014
WARNING YOUR AMAZON ACCOUNT HAS BEEN LIMITED

Vulnerebility

Exploit

Dlink DWR-113 Rev. Ax - CSRF Denial of Service

WiFi HD v7.3.0 iOS - Multiple Vulnerabilities

29.7.2014

Bugtraq

Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability 2014-07-28
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2991-1] modsecurity-apache security update 2014-07-27
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBGN02936 rev.1 - HP and H3C VPN Firewall Module Products, Remote Denial of Service (DoS) 2014-07-25
security-alert hp com

Web Encryption Extension security update 2014-07-25
Ralf Senderek (support senderek ie)

Malware

RDN/Autorun.worm!dl!23960BDAA96B
Generic.tfr!F3145EAD6387
Generic.tfr!F18BA3F881F8
RDN/Generic Downloader.x!kq!A70F945A8B16
RDN/Generic.bfr!DDB196FF4DE1
RDN/Generic PUP.x!ckd!C4E04A8A7D10
RDN/Generic PUP.x!cgj!245D04B7E251
RDN/Generic PUP.x!ckd!AD589883C8C6
RDN/Generic.bfr!ho!D70D73C2AB12
RDN/Generic BackDoor!AB54C5017AC4
Generic PUP.x!0CE8649679F4
RDN/Downloader.gen.a!355FAFE0B9FC
RDN/Generic Downloader.x!kk!00402FF7ACD5
Generic.dx!186DEE900ADC
RDN/Generic.dx!d2i!036898628862
RDN/Generic PUP.x!4B5CDA711DA2
Generic PUP.x!178718679375
CryptDomaIQ!6C5CCE42DFA5
RDN/Generic PUP.x!ckd!3CDFCF1A3B1E
RDN/Generic PUP.x!ckd!1C98B86418C0
RDN/Generic PUP.x!ckd!584CFD8E439D
RDN/Generic PUP.x!ckd!D5A22317ECD1
RDN/Generic PUP.z!ed!EF2292EDFFCA
RDN/Generic PUP.x!ckd!2BD7A7661D58
Generic.tfr!0FB55B0CE6FB
RDN/Generic PUP.x!cgg!26857ABDDBFF
CryptDomaIQ!6C123F9338E3
RDN/Generic.dx!dc3!7B317D66F39D
RDN/BackDoor-CMQ!e!0DC192AB6F2C
Generic PUP.x!CF0DAFBDFEA3

Phishing

Vulnerebility

Exploit

Oxwall 1.7.0 - Remote Code Execution Exploit

Ubiquiti UbiFi / mFi / AirVision - CSRF Vulnerability

Oxwall 1.7.0 - Multiple CSRF And HTML Injection Vulnerabilities

28.7.2014

Bugtraq

Barracuda Networks Firewall 6.1.5 - Filter Bypass & Persistent Vulnerabilities 2014-07-25
Vulnerability Lab (research vulnerability-lab com)

Easy file sharing web server - persist XSS in forum msgs 2014-07-25
joseph giron13 gmail com

[SECURITY] [DSA 2989-1] apache2 security update 2014-07-24
Stefan Fritsch (sf debian org)

Security advisory for Bugzilla 4.5.5, 4.4.5, 4.2.10, and 4.0.14 2014-07-24
dkl mozilla com

Malware

Generic PUP.x!7054A6D105A8
Generic PUP.x!825E00D3772B
Generic PUP.x!F9FCDBF1BF87
Generic PUP.x!366DAA1CFF85
RDN/Generic PUP.x!ckc!04F21DBAB65F
Generic PUP.x!2B055F3E8DFE
RDN/Generic.tfr!39E73C262941
Generic PUP.x!AF50DBBB85E3
Generic.dx!8C962249B186
Generic PUP.x!67E0DC1A43F7
RDN/Generic PUP.x!3117175A7400
CryptDomaIQ!4E1F5A9B9E59
Generic PUP.x!CF392432A7D2
RDN/Generic.dx!d2i!0F6149BEF7C4
RDN/Generic.bfr!hn!5696FEF7A995
Generic PUP.x!AF4A58E7D6A7
CryptDomaIQ!43C67EA4B0CC
CryptDomaIQ!4F8CF66D4755
Generic PUP.x!32FE47D0E8A0
Generic PUP.x!DAA70A391BB4
Generic PUP.x!A28CD307DA82
Generic PUP.x!509092C1C25A
Adware-FFN!FEA838DCBF26
RDN/Generic PUP.x!ckc!FB3AECDBD69E
Generic PUP.x!1CBC1C4C0DCD
Generic PUP.x!4BDC8C1821C6
Generic PUP.x!450113E10535
RDN/Generic PUP.x!4C18ECD314B0
Generic PUP.x!77A30D43AA43
RDN/Generic PUP.x!ckc!0EF67E7FBC5A

Phishing

NationWide	25th July 2014
Account Review
PayPal	25th July 2014
YOUR ACCOUNT WILL BE LIMITED !
Apple Inc.	25th July 2014
VALIDATE YOUR ACCOUNT INFORMATION APPLE ! CASE : 958
Apple	25th July 2014
[iTunes] Credit Card - Decliend =?UTF-8?Q?=E2=9C=94_?=

Vulnerebility

Exploit

Moodle 2.7 - Persistent XSS

ZeroCMS 1.0 - Persistent Cross-Site Scripting Vulnerability

Sagem Fast 3304-V1 - Denial Of Service Vulnerability

DirPHP 1.0 - LFI Vulnerability

25.7.2014

Bugtraq

[slackware-security] mozilla-thunderbird (SSA:2014-204-03) 2014-07-24
Slackware Security Team (security slackware com)

Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video BNSEC-2398 2014-07-24
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] mozilla-firefox (SSA:2014-204-02) 2014-07-24
Slackware Security Team (security slackware com)

[slackware-security] httpd (SSA:2014-204-01) 2014-07-24
Slackware Security Team (security slackware com)

[security bulletin] HPSBMU03076 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-07-23

Malware

CryptDomaIQ!2E975734AB10
Generic PUP.x!665AD7EC274F
RDN/Generic.bfr!hn!E720AC27FDFC
RDN/Generic.bfr!hn!CEA8B35DDCE4
RDN/Downloader.a!sf!C331B371E02D
RDN/Generic PUP.x!cj3!E81CC32D6D5F
RDN/Generic PUP.z!ed!968674DAFC05
RDN/Generic PUP.z!ed!5896773C5591
RDN/Downloader.a!sf!C5BB92F0D255
Generic PUP.x!11AF7970DA7A
RDN/Generic PUP.x!cj3!78171FE1D588
RDN/Generic.dx!438614CC102F
Generic PUP.x!66536690BF85
Generic PUP.x!21F4982B6DDA
RDN/Generic PUP.x!cj3!752252B7CCA6
RDN/Generic Dropper!uw!74B15FEAA61E
RDN/Generic PUP.x!cj3!73FDA746466D
RDN/Downloader.a!sf!0A961870B6EC
RDN/Generic Downloader.x!kp!136213B0F2A6
RDN/Generic PUP.x!cj3!75038F8A313D
RDN/Downloader.a!sf!39341696DCC5
Generic PUP.x!4CDF4B145BCE
RDN/Generic PUP.x!cj3!73106E9E17DF
RDN/Generic PUP.x!cj3!732300FE0F51
RDN/Generic PUP.x!cj3!7982F03E48BD
RDN/Generic PUP.x!cj3!7142EF8CD946
RDN/Generic PUP.x!cj3!78BB1FD0C802
RDN/Generic PUP.x!cj3!712A51A131E1
RDN/Generic PUP.x!cj3!7544E7EA0BC3
RDN/Generic PUP.x!cj3!75AC3E93A8E7

Phishing

MBNA	24th July 2014
Urgent Update Required.
National	23rd July 2014
NATWEST
apple	23rd July 2014
your apple account has been limited !

Vulnerebility

Exploit

Omeka 2.2.1 - Remote Code Execution Exploit

Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities

Lian Li NAS - Multiple Vulnerabilities

BulletProof FTP Client 2010 - Buffer Overflow (SEH)

Make 3.81 - Heap Overflow PoC

24.7.2014

Bugtraq

[security bulletin] HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code, Disclosure of Information 2014-07-23
security-alert hp com

SQL Injection in Ð?2 2014-07-23
High-Tech Bridge Security Research (advisory htbridge com)

[oCERT-2014-005] LPAR2RRD input sanitization errors 2014-07-23
Daniele Bianco (danbia ocert org)

Multiple Vulnerabilities in Parallels® Plesk Sitebuilder 2014-07-23
cseye_ut yahoo com

[SECURITY] [DSA 2985-1] mysql-5.5 security update 2014-07-22
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2984-1] acpi-support security update 2014-07-22
Luciano Bello (luciano debian org)

Malware

Generic PUP.x!FBB683D93F91
Generic PUP.x!DCF13596A558
Generic PUP.x!CB5720D62F21
Generic PUP.x!92C35355184B
Generic PUP.x!77009A8B173B
Generic PUP.x!169ABD35FD2F
Generic PUP.x!DE9D75F705B0
RDN/Generic.bfr!EF0B7939D99B
Generic PUP.x!D2984610BD77
Generic PUP.x!14F70E2B8A25
Generic PUP.x!67CAD928ECEF
Generic PUP.x!271FDF1C0F23
RDN/Generic.bfr!23C21945FFB0
Generic PUP.x!603585DAC1BA
Generic PUP.x!8BF6CA1339F5
RDN/Generic PWS.y!5CB706E921A9
Generic PUP.x!E8485C7275D0
Generic PUP.x!C6B0878222F7
RDN/Generic.bfr!E097321E6844
Generic PUP.x!F604EE96D042
Generic PUP.x!92361EBA422A
Generic PUP.x!BC7D47DFEE15
RDN/Generic PUP.x!cjs!60D4C46DEE2B
Generic PUP.x!BD67BB124A65
Generic PUP.x!70C68391CA3B
Generic.tfr!85A5DE10520F
Generic PUP.x!D34E38EA0AA9
Generic.tfr!4D20546FAE10
Generic PUP.x!A12556193EFD
Generic PUP.x!FD5D17ED1EE2

Phishing

National	23rd July 2014
NATWEST
apple	23rd July 2014
your apple account has been limited !

Vulnerebility

Exploit

Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Vulnerability

23.7.2014

Bugtraq

[security bulletin] HPSBMU03071 rev.1 - HP Autonomy IDOL, Running OpenSSL, Remote Unauthorized Access, Disclosure of Information 2014-07-22
security-alert hp com

Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability 2014-07-22
Vulnerability Lab (research vulnerability-lab com)

Web Login Bruteforce in Symantec Endpoint Protection Manager 12.1.4023.4080 2014-07-22
audit1 a2secure com

Cross-site Scripting in EventLog Analyzer 9.0 build #9000 2014-07-22
audit1 a2secure com

[oCERT-2014-004] Ansible input sanitization errors 2014-07-22
Andrea Barisani (lcars ocert org)

Call for Papers / Speakers for ISACA Ireland Conference on 3rd Oct in Dublin 2014-07-21
president isaca ie

[SECURITY] [DSA 2983-1] drupal7 security update 2014-07-20
Moritz Muehlenhoff (jmm debian org)

Malware

RDN/Generic BackDoor!ze!740CDC3C12EF
Generic PUP.x!F3BB19EA9674
Generic.tfr!73F59DC6A2E0
Generic PUP.x!3681A013D157
Downloader.gen.a!DF4248209B24
Generic PUP.x!3677C7D70563
Generic.tfr!1F67FD9D1F97
Generic.tfr!73CA039688D7
Generic.dx!838AF843905F
Generic.tfr!1D4F60427F18
Generic BackDoor!1BC18FD73F60
RDN/Generic.dx!5C668FBC846D
Generic Downloader.x!76342CFD6B41
RDN/Generic Dropper!uv!006D526A88F3
Generic.bfr!46B81620501D
RDN/Generic.bfr!hn!910B0097085D
RDN/Generic Downloader.x!kp!72F88BD3652D
Generic PUP.x!72E3CE106531
Generic PUP.x!72E8375552FF
RDN/Generic Dropper!uv!1648FE70B5EF
W32/Sdbot.worm!72C992ABE67D
Generic.tfr!8A8AEDC3857F
Generic Downloader.x!72D2CFE5EB9D
SoftDropper!8FC15B64B8F8
Generic PUP.x!362593BEE9AF
RDN/Generic PUP.x!cjp!10416630832D
FakeAV-M.bfr!B12F11DDDE7C
RDN/Generic PUP.x!cjp!728F7B54330D
RDN/Generic.dx!F57B1F415F28
RDN/Generic BackDoor!ze!981BA1A68F51

Phishing

Vulnerebility

Exploit

Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation

Microsoft XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation

DjVuLibre <= 3.5.25.3 - Out of Bounds Access Violation

22.7.2014

Bugtraq

Malware

Generic PUP.x!FFFD5AF1D6A9
RDN/Generic BackDoor!zd!CB5A802D59A5
RDN/Generic PUP.x!cjm!19B9376E7039
Generic PUP.x!9E6DAEF4F8D0
Generic.bfr!60E48EF986E5
Generic PUP.x!0B6E92C44621
RDN/Generic.bfr!ho!EF43FF9F445E
Generic.tfr!EC8672711BD6
Generic.tfr!E8A79E786E54
Generic Downloader.x!E5E8D5BFACA4
Generic PUP.x!8422260342BA
RDN/Generic PUP.x!cjm!830E913C85A0
Generic PUP.x!F6CF2EC25B4D
Generic.dx!2F8E3C5A3AE6
Downloader.gen.a!DB82E1F9D9EC
RDN/Generic PUP.x!cjm!9BCACF3FFA85
Generic.tfr!D8C1FF44D853
Generic PUP.x!41955A93F9C1
Generic Downloader.x!63993D2E34A2
Generic PUP.x!5925E7B4609B
Generic PUP.x!AE1C2980B882
RDN/Generic PUP.x!E7EE9B3C7453
RDN/Generic PUP.x!7BD01FDB12F8
Generic PUP.x!776D0DC2B43F
Generic PUP.x!9BAE5AD3CCD9
RDN/Generic.dx!d2d!ABC1FA4FA27C
RDN/Generic PUP.x!7C21D007DB6D
iBryte!7423B42E40AC
Somoto-BetterInstaller!A2F230FE672B
Generic.tfr!CC2AC4C9985C

Phishing

Bay	21st July 2014
eBay Customer Support made a decision
PayPal	21st July 2014
This is the last chance to update your paypal account information !
AMAZON	20th July 2014
You Must Confirm Your Amazon Account Before We Close it

Vulnerebility

Exploit

Linux Kernel ptrace/sysret - Local Privilege Escalation

Apache 2.4.7 mod_status Scoreboard Handling Race Condition

21.7.2014

Bugtraq

Malware

RDN/Generic PUP.x!cjl!462C0A052B11
Generic PUP.x!7E0F291B5DFE
Generic.tfr!9B87F8DB94D4
RDN/Generic PUP.x!cjl!0C57980A5258
Generic.tfr!8B9FD7BF6877
RDN/Generic PUP.x!cjl!1F06A190539B
RDN/Generic PUP.x!cjl!333C715F221C
RDN/Generic BackDoor!zd!F70FD15A2449
Generic PUP.x!C3C198E49829
Generic PUP.x!51291298E108
Generic PUP.x!666D4CA5C72E
RDN/Generic PUP.x!cjl!9F97B8A2E81F
Generic PUP.x!7D691C0F7D84
Generic PUP.x!F7F69B8709D7
Generic PUP.x!7DB477A2450C
Generic PUP.x!7D61FB5AEEEB
Generic PUP.x!949B1024B58B
RDN/Generic PUP.x!cjl!6CCA4701CC7F
Generic PUP.x!2D0A2CD216EC
Generic PUP.x!12418A20627D
CryptDomaIQ!FE6F605D76A2
Generic PUP.x!5A23535EF3BA
RDN/Downloader.a!sc!E31A2B71254B
RDN/Generic.bfr!ho!90823538FAAF
RDN/Spybot.bfr!E02D3A234477
CryptDomaIQ!F26671074CE9
RDN/Generic PUP.x!cjl!FB04FA838867
Generic Downloader.x!298257DB93E7
PUP-FIC!FE7AB5CA56DA
PowerPack!FE71E0B34A05

Phishing

AMAZON	20th July 2014
You Must Confirm Your Amazon Account Before We Close it
MBNA	19th July 2014
MBNA - Refund Stated In Your Account

Vulnerebility

Exploit

IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities

Raritan PowerIQ 4.1.0 - SQL Injection Vulnerability

MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities

World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow

18.7.2014

Bugtraq

Ignore the amount customers confirm is no security vulnerability according to PayPal 2014-07-17
Jan Kechel (jan kechel de)

IP.Board 3.4 cross-site scripting in Referer header 2014-07-16
stormhacker hotmail com

[SECURITY] [DSA 2765-2] davfs regression update 2014-07-16
Thijs Kinkhorst (thijs debian org)

Cisco Security Advisory: Cisco Wireless Residential Gateway Remote Code Execution Vulnerability 2014-07-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[HITB-Announce] REMINDER: #HITB2014KUL CFP Deadline: 1st August 2014-07-17
Hafez Kamal (aphesz hackinthebox org)

Malware

RDN/Generic PUP.x!cj3!796CC3DA9D01
RDN/Generic PUP.x!cj3!4E96AEB2C0F6
RDN/Downloader.a!sb!B368CE62FE32
RDN/Generic PUP.x!cj3!C29E3C6AAF1F
RDN/Generic PUP.x!cj3!CABAE545AF74
RDN/Generic PUP.x!cj3!2E46071ADC76
Generic PUP.x!D3FF3E894097
Generic PUP.x!FCBEA1A3842C
W32/Sdbot.worm!B29030063EFA
RDN/Generic PUP.x!cj3!2CE402874C4E
RDN/Generic PUP.x!cj3!E56BD9BA40A4
Generic PUP.x!BC3CD2F6F93A
Generic PUP.x!DDB0E2AA8561
RDN/Generic PUP.x!CBCA184F9B82
RDN/Generic PUP.x!cj3!2F33BE731846
Generic PUP.x!C2248C521F53
RDN/Generic PUP.x!cj3!12FB3FF1ECBB
RDN/Generic BackDoor!zc!91C931F256F0
RDN/Generic PUP.x!cj3!081D9D6EFC9D
RDN/Generic PUP.x!cj3!C0A63E72490D
CryptDomaIQ!D69DBEFA4ACD
RDN/Generic PUP.x!cj3!99C0259BA1DF
RDN/Generic PUP.x!cj3!43B564A4701A
PUP-FLT!923B22A7FC1A
RDN/Generic PUP.x!cj3!4F876D29233E
RDN/Generic PUP.x!cj3!C8BF0712C37C
iBryte!53899B73E938
RDN/Generic PUP.x!cj3!4DC9EA7D6689
RDN/Generic PUP.x!cj3!52BBBB604F61
RDN/Generic PUP.x!cj3!4F7392CE0885

Phishing

Natwest	18th July 2014
IMPORTANT NATWEST NOTIFICATION
Halifax	17th July 2014
IMPORTANT MESSAGE FROM HALIFAX BANK CUSTOMER SERVICE
Halifax Bank	17th July 2014
HALIFAX ACCOUNT NOTICE

Vulnerebility

Exploit

Omeka 2.2 - CSRF And Stored XSS Vulnerability

17.7.2014

Bugtraq

SEC Consult SA-20140716-3 :: Multiple critical vulnerabilities in Bitdefender GravityZone 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

Reflected Cross-Site Scripting (XSS) in e107 2014-07-16
High-Tech Bridge Security Research (advisory htbridge com)

VUPEN Security Research - Microsoft Windows "DirectShow" Privilege Escalation Vulnerability (Pwn2Own 2014) 2014-07-16
VUPEN Security Research (advisories vupen com)

VUPEN Security Research - Microsoft Internet Explorer "ShowSaveFileDialog()" Sandbox Bypass (Pwn2Own 2014) 2014-07-16
VUPEN Security Research (advisories vupen com)

VUPEN Security Research - Microsoft Internet Explorer "Request" Object Confusion Sandbox Bypass (Pwn2Own 2014) 2014-07-16
VUPEN Security Research (advisories vupen com)

VUPEN Security Research - Microsoft Internet Explorer CSS @import Memory Corruption (Pwn2Own 2014) 2014-07-16
VUPEN Security Research (advisories vupen com)

SEC Consult SA-20140716-0 :: Multiple SSRF vulnerabilities in Alfresco Community Edition 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20140716-1 :: Remote Code Execution via CSRF in OpenVPN Access Server "Desktop Client" 2014-07-16
SEC Consult Vulnerability Lab (research sec-consult com)

Malware

RDN/Generic.bfr!F57D6C773F5B
Generic PUP.x!FB04E96DBC1D
RDN/Generic PUP.x!cjb!45687DE66FA7
RDN/Generic.tfr!38A592F8A0E8
Generic PUP.x!E87DE9AF9C28
Generic PUP.x!ED4434313D78
W32/Sality.gen.z!2AA0C13C7C88
RDN/Generic Downloader.x!ko!9B6058EF99D6
RDN/Generic PUP.x!cjb!6ED6EAAEE164
RDN/Generic PUP.x!cjb!EB1EC7BCF1E4
PUP-FLN!E53205CAEC3E
Generic PUP.x!A9DDF8552E8E
W32/Sality.gen.z!A6A271552823
RDN/Generic PUP.x!cjb!FAB8ED9F30F7
RDN/Generic PUP.x!cjb!BABFE724DCB7
Generic PUP.x!31BCBF253ECC
RDN/Generic.dx!816422A7E325
PUP-FLN!EADBFC783931
Generic PUP.x!91715A5F67DB
RDN/Generic PUP.x!cjb!3CB1575FE513
RDN/Generic PUP.x!cjb!EDFE7D031A9D
RDN/Generic PUP.x!cjb!A1A3563DC24B
RDN/Downloader.a!sb!134409FC325E
RDN/Generic PUP.x!cjb!B99906B597B4
Generic PUP.x!8310BB7F3328
RDN/Generic BackDoor!zc!AD23306B5A01
Generic.bfr!7733020793C7
RDN/Generic PUP.x!cjb!08A7CAFD46BD
RDN/Generic PUP.x!cjb!51889FAD0048
PUP-FLN!E9DB5373977A

Phishing

Halifax Bank	17th July 2014
HALIFAX ACCOUNT NOTICE
RBS	16th July 2014
RBS - Secure Message.
HSBC	16th July 2014
Account Notification
Halifax Bank	16th July 2014
Halifax Account Notice
itunes	16th July 2014
Important message from Apple itunes !

Vulnerebility

Exploit

Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities

Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability

Joomla Youtube Gallery Component - SQL Injection Vulnerability

Node Browserify 4.2.0 - Remote Code Execution Vulnerability

16.7.2014

Bugtraq

Node Browserify RCE vuln (<= 4.2.0) 2014-07-15
Cal Leeming \[Simplicity Media Ltd\] (cal leeming simplicitymedialtd co uk)

[security bulletin] HPSBGN03068 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Disclosure of Information 2014-07-15
security-alert hp com

Ruxcon 2014 Final Call For Presentations 2014-07-15
cfp ruxcon org au

[security bulletin] HPSBHF02913 rev.1 - HP Intelligent Management Center (iMC) and HP Branch Intelligent Management System (BIMS), Remote Disclosure of Information 2014-07-14
security-alert hp com

Malware

RDN/Generic PUP.x!c2y!743ED6323429
Generic PUP.x!1491892063BC
RDN/Downloader.gen.a!91180C182246
RDN/Generic.bfr!5B0D7E317664
CryptDomaIQ!E6F5215DA2D3
RDN/Generic BackDoor!zb!BEDE883DE987
CryptDomaIQ!E6FA23690A36
Generic PUP.x!7885C6ED25CE
Trojan-FDSS!E6F91E9200A2
Adware-DomaIQ!987962A11850
RDN/Generic.bfr!ho!8287915B8425
Generic PUP.x!2404797898B4
Generic.bfr!7AC755D3413B
RDN/Generic BackDoor!zb!E8931E76E821
RDN/Generic PWS.y!0FE96D5DF110
Generic PUP.x!D9BBFEEB1288
RDN/Spybot.bfr!n!C3F585CDEECA
PUP-FHQ!E6E27A6B7F98
RDN/Generic BackDoor!zb!FC4E7AD60258
PUP-FIC!E6EDB30CD9C3
RDN/Generic BackDoor!zb!BF4202ED6442
CryptDomaIQ!E6FE1BA1CA39
Adware-DomaIQ!9843350DDFD4
Generic Downloader.x!6FB96E5E744A
Generic PUP.x!F0D17D9BF8B2
CryptDomaIQ!E6E27D26D5D9
RDN/Generic.bfr!ho!32C39407353E
CryptDomaIQ!E6FA7B7EFAAF
PUP-FLN!E6FC38FB375C
Generic PUP.x!A7A2AF864D4A

Phishing

Inc Apple	15th July 2014
YOUR ACCOUNT HAS BEEN LIMITED
BT	15th July 2014
Your account might be de-activated.
PAYPAL INC	15th July 2014
Your Paypal Account Will be banned

Vulnerebility

Exploit

15.7.2014

Bugtraq

[KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability 2014-07-14
Egidio Romano (research karmainsecurity com)

[ MDVSA-2014:138 ] asterisk 2014-07-11
security mandriva com

Malware

Generic PUP.x!5E1E22E0F429
CryptDomaIQ!0E121C45A9C7
Generic PUP.x!E01A07C2A0F0
Generic PUP.x!AD360808C7F7
RDN/Generic PUP.x!D8FA966F14B3
Generic.bfr!98C3705879E9
RDN/Spybot.bfr!59865A9AFAC8
RDN/PWS-ZBot.auh!a!724994970A81
RDN/BackDoor-FBSA!a!7000C5DD9A07
RDN/Downloader.gen.a!E8F90104CBFD
CryptDomaIQ!1479B1D4D8C4
PUP-FLY!0DFC1788CF3E
Generic PUP.x!EDBE609F4AA5
PUP-FLN!1486370D4348
RDN/Generic PUP.x!c2x!9F56B46D01BC
RDN/Generic PUP.x!c2x!9964F144A235
RDN/Generic.dx!CA78DC3FC569
Generic PUP.x!72DD34217EF5
Generic PUP.x!CF3E4946CC3D
RDN/PWS-Mmorpg!lc!61279722355E
RDN/Generic.bfr!97E5CAA94ED9
RDN/Generic PUP.x!c2x!759FF41D4E37
RDN/Generic PUP.x!c2x!9604FFF54611
iBryte!148431D8E579
CryptDomaIQ!147C50B4851E
Generic PUP.x!A518A1747B4D
Generic Downloader.x!9899D93D80B0
Generic PUP.x!9D035A01AB22
Generic PUP.x!B3A57B6C9E01
RDN/Downloader.gen.a!526479194A75

Phishing

PAYPAL INC	15th July 2014
Your Paypal Account Will be banned
Btinternet	13th July 2014
EXPIRATION OF YOUR BTINTERNET EMAIL !

Vulnerebility

Exploit

D-Link info.cgi POST Request Buffer Overflow

D-Link HNAP Request Remote Buffer Overflow

D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection

HP Data protector manager 8.10 remote command execution

Shopizer 1.1.5 - Multiple Vulnerabilities

14.7.2014

Bugtraq

[SECURITY] [DSA 2976-1] eglibc security update 2014-07-10
Florian Weimer (fw deneb enyo de)

Yahoo! Bug Bounty #30 YM - Application-Side Mail Encoding (File Attachment) Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)

Yahoo! Bug Bounty #29 YM - Filter Bypass & Persistent Web Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:135 ] python 2014-07-10
security mandriva com

[ MDVSA-2014:134 ] liblzo 2014-07-10
security mandriva com

SEC Consult SA-20140710-1 :: Multiple high risk vulnerabilities in Shopizer webshop 2014-07-10
SEC Consult Vulnerability Lab (research sec-consult com)

[ MDVSA-2014:133 ] gd 2014-07-10
security mandriva com

Malware

RDN/Generic PUP.x!2AB0A95436EC
Generic PUP.x!0C0569C86B11
RDN/Generic.bfr!ho!4276D0EBDA40
Generic.dx!4581F73EB6E7
RDN/Generic PUP.x!c2v!D66BB496A44E
Generic PUP.x!A4F2C321C18B
Generic PUP.x!49E5141BBEF9
PUP-FHQ!ED1E3B6C08D0
Generic.dx!856D1D886122
Generic PUP.x!4FAE9060641E
Generic PUP.x!7015CB220C15
PUP-FLN!12F00BCBFE9A
CryptInno!12F05854B605
RDN/Downloader.a!rz!0D244EBEC070
Generic PUP.x!BABA08DF01D4
RDN/Generic.dx!E73855B66515
RDN/Autorun.worm.gen!6B8A6CF58C2F
Generic PUP.x!2EF4248573AA
Generic.dx!AED2CBEEBDB3
RDN/Generic.dx!dd3!60C9628CBF00
RDN/Generic BackDoor!za!A36C1E279963
RDN/Generic BackDoor!za!A42CE501C83D
RDN/Generic BackDoor!za!A3C6B8434ED6
CryptDomaIQ!ED34DC3CAD43
CryptDomaIQ!12E64396620C
Generic PUP.x!A33977B81928
PUP-FLN!ED1EB4EDAE0F
PUP-FLN!ED24C92DB8A7
PUP-FIC!12E5F4EB8212
Generic PUP.x!C886F8153B57

Phishing

Btinternet	13th July 2014
EXPIRATION OF YOUR BTINTERNET EMAIL !
WESTERN UNION PAYMENT SERVICE	12th July 2014
Pick Up Your First Payment
NatWest	11th July 2014
Restriction On Your Account !
Halifax	11th July 2014
NEW MESSAGE FROM HALIFAX CUSTOMER SERVICE.
Paypal	11th July 2014
VERIFY YOUR PAYPAL ACCOUNT INFORMATION
NatWest ;	11th July 2014
Your Account As Temporarily Limited
NatWest	11th July 2014
Access to Online Banking Service
PAYPAI	11th July 2014
Security notice!

Vulnerebility

Exploit

11.7.2014

Bugtraq

[SECURITY] [DSA 2976-1] eglibc security update 2014-07-10
Florian Weimer (fw deneb enyo de)

Yahoo! Bug Bounty #30 YM - Application-Side Mail Encoding (File Attachment) Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)

Yahoo! Bug Bounty #29 YM - Filter Bypass & Persistent Web Vulnerability 2014-07-10
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:135 ] python 2014-07-10
security mandriva com

[ MDVSA-2014:134 ] liblzo 2014-07-10
security mandriva com

SEC Consult SA-20140710-1 :: Multiple high risk vulnerabilities in Shopizer webshop 2014-07-10
SEC Consult Vulnerability Lab (research sec-consult com)

[ MDVSA-2014:133 ] gd 2014-07-10
security mandriva com

Malware

RDN/Generic PUP.x!c2q!2C62561A14DA
RDN/Generic PUP.x!c2q!2988F6AE5A82
Generic PUP.x!1DAD7D8D16C7
Generic PUP.x!57DB6AD90A19
Generic PUP.x!A43C1C64AA28
RDN/Generic PUP.x!c2q!8B0DC6A437DA
Generic PUP.x!60257433A6F1
Generic PUP.x!4A27F236340B
Generic PUP.x!CE2DB4FDDF5E
RDN/Generic PUP.x!c2q!A45A67078272
Generic PUP.x!AEC6CD4C344D
Generic PUP.x!81A2FC0365D1
RDN/Generic PUP.x!c2q!E0A70AAD9457
RDN/Generic PUP.x!c2q!7BEB7DEEEC15
RDN/Generic PUP.x!c2q!A20847612D7E
Generic PUP.x!1A27D0D4F11C
Generic.tfr!007DAA750AB5
Generic PUP.x!373DCD6CFCF8
Generic PUP.x!5DC875C59A96
RDN/Generic PUP.x!c2q!3ECDCC103355
Generic PUP.x!5747E9F7FC07
Generic PUP.x!6A8E71BCCDCD
RDN/Generic PUP.x!c2q!55295D81FC31
Generic PUP.x!5B974969D889
Generic PUP.x!9C91E274E0F4
Generic PUP.x!66C82829E2A7
Generic PUP.x!BFC09B15DFBA
Generic PUP.x!0A981C8678E9
Generic PUP.x!8EABA4859314
Generic PUP.x!F15D2A0FE779

Phishing

Vulnerebility

Exploit

Infoblox 6.8.2.11 - OS Command Injection

C99.php Shell - Authentication Bypass

10.7.2014

Bugtraq

[SECURITY] [DSA 2975-1] phpmyadmin security update 2014-07-09
Thijs Kinkhorst (thijs debian org)

Cisco Security Advisory: Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products 2014-07-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Weak Local Database Credentials in Infoblox Network Automation 2014-07-09
nate depthsecurity com

OS Command Injection Infoblox Network Automation 2014-07-09
nate depthsecurity com

[ MDVSA-2014:132 ] libxfont 2014-07-09
security mandriva com

[ MDVSA-2014:131 ] file 2014-07-09
security mandriva com

[ MDVSA-2014:129 ] ffmpeg 2014-07-09
security mandriva com

[ MDVSA-2014:130 ] php 2014-07-09
security mandriva com

[ MDVSA-2014:128 ] iodine 2014-07-09
security mandriva com

[ MDVSA-2014:127 ] gnupg 2014-07-09
security mandriva com

Android NFC Service Denial of Service 2014-07-09
vuln nipc org cn

CVE-2014-4331 OctavoCMS reflected XSS vulnerability 2014-07-09
andreu antonio gmail com

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Domain Manager 2014-07-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

RDN/Generic PUP.x!c2m!F1D3969F39D2
Generic PUP.x!BC4A8B125CB7
Generic PWS.y!D6CF2C52D42A
Generic PUP.x!C5AEDFDAA272
Generic PUP.x!115BD571B053
Generic PUP.x!1FD399C7F624
Generic PUP.x!54466D4C094A
Generic PUP.x!7E386F9295C4
Downloader.gen.a!D352EC7B94BC
RDN/Generic.bfr!ho!30A9E6863FCE
Generic PUP.x!F3344D9B5794
Generic.bfr!81CCFB1F0FBC
RDN/DNSChanger.bfr!d!3FB4C40A98BD
RDN/Generic BackDoor!yz!0DB782839A71
Generic PUP.x!030248669920
Generic PUP.x!D3B209B7BE6B
Generic PUP.x!06A5D489E677
Generic PUP.x!F7289BEF2C09
Generic PUP.x!842CFF6BB1E1
RDN/Generic.tfr!1E5BD179FCCB
RDN/Generic.hra!bz!DFA6C95527D8
Generic PUP.x!F859B3C772F2
Generic PUP.x!42DC35E41DE9
Generic PUP.x!044FA3272242
RDN/Generic PUP.x!c2m!7538AAFE3938
Generic PUP.x!7CB1DAE6E8E3
Generic PUP.x!05B1981E8C44
Generic PUP.x!49CF057AAEED
RDN/Generic.grp!hj!36E5B97F7A4A
Generic PUP.x!4FD281AAC7FB

Phishing

LLOYDS TSB	10th July 2014
* * ACCOUNT ON HOLD
NatWest	9th July 2014
Access to Online Banking Service.
BT	9th July 2014
Your BT Account Validation

Vulnerebility

Exploit

9.7.2014

Bugtraq

[ MDVSA-2014:126 ] phpmyadmin 2014-07-08
security mandriva com

CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX 2014-07-08
Portcullis Advisories (advisories portcullis-security com)

Abusing Oracle's CREATE DATABASE LINK Privilege for fun and Profit 2014-07-08
Sumit Siddharth (sid notsosecure com)

[security bulletin] HPSBGN03050 rev.1 - HP IceWall SSO Dfw and HP IceWall MCRP running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-07-08
security-alert hp com

[SECURITY] [DSA 2973-1] vlc security update 2014-07-07
Moritz Muehlenhoff (jmm debian org)

ESA-2014-057: EMC Documentum Foundation Services (DFS) XML External Entity (XXE) Vulnerability 2014-07-07
Security Alert (Security_Alert emc com)

Malware

Generic PUP.x!01F25DE45911
RDN/Generic.bfr!ho!A37DF268A5A0
Generic PUP.x!FAABB628B84D
Generic PUP.x!4F07C5FDFCB2
RDN/Generic PUP.x!c2h!897AE36999C2
Generic PUP.x!029AFA627816
Generic PUP.x!0DCA2E568C73
Generic PUP.x!15968C8E3983
Generic PUP.x!2B0360693D4B
CryptDomaIQ!785429AB3E6F
Generic PUP.x!63527212A000
Generic PUP.x!F966C17CD501
Generic PUP.x!FC0D37A0F51D
Generic PUP.x!D16FEA1E4C0B
Generic PUP.x!DFF5DDF565CF
Generic PUP.x!FA1479BB67F7
CryptDomaIQ!792E3378647D
Generic PUP.x!E22D0E098A35
RDN/Downloader.a!rw!7A51DE8EBC24
RDN/Generic.dx!dd3!D3D0D6A45DD3
RDN/Generic PWS.y!b2g!B919F3340BFB
RDN/Generic PUP.x!c2h!2EACF378B500
Generic PUP.x!7CAD0541199B
Generic PUP.x!C1AD9367C4A3
Generic PUP.x!6DFCB5E19353
Generic PUP.x!9A592DD647AC
CryptDomaIQ!7878A43E78FD
Generic PUP.x!E582686EC23E
RDN/Generic PUP.x!BF158A8D3E93
RDN/Generic PUP.x!D6E8BE5004B1

Phishing

NatWest Bank	9th July 2014
ACCOUNT UPDATE
service@paypal.co.uk	8th July 2014
Notice of changes to the PayPal User Agreement :
PayPal	7th July 2014
PayPal Update !

Vulnerebility

Exploit

Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow

Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities

8.7.2014

Bugtraq

ESA-2014-057: EMC Documentum Foundation Services (DFS) XML External Entity (XXE) Vulnerability 2014-07-07
Security Alert (Security_Alert emc com)

ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities 2014-07-07
Security Alert (Security_Alert emc com)

Photo Org WonderApplications v8.3 iOS - File Include Vulnerability 2014-07-07
Vulnerability Lab (research vulnerability-lab com)

Malware

Generic.dx!C68E97ECEF94
PUP-FIC!4A2652F26AB9
CryptDomaIQ!97A9C2BD0886
PUP-FIC!96D4743B1463
Generic PUP.x!4A0807CC8087
CryptInno!49C0E98CB5D4
PowerPack!49C2C5C8E72F
CryptDomaIQ!95F049D120F7
PUP-FIC!4A7FB1F2A585
Generic PUP.x!5635A3B281BC
Adware-FFN!4A6D978DD2FB
RDN/Generic StartPage!BA5B7B0D04F2
CryptDomaIQ!96051C35AEFF
PUP-FLN!960880F0DE62
CryptDomaIQ!96069A733F2D
PUP-FIC!957EE307FE30
CryptDomaIQ!499BE40F0567
PUP-FIC!96175103557B
Generic PUP.x!961550F9471D
PUP-FIC!971B2649E08C
PUP-FIC!499A0E3F7640
CryptDomaIQ!95B8A9FB11E9
CryptDomaIQ!95B07D8FCFE7
CryptDomaIQ!4A511F0B4BA5
PowerPack!4A0D1DEAC0D8
CryptDomaIQ!49F4E7B086FA
Generic PUP.x!2AF65ADEABF7
CryptDomaIQ!95B35166199F
PowerPack!4A7B6DBF67C6
Generic PUP.x!2BB8FC5B01C6

Phishing

Vulnerebility

Exploit

Oracle Event Processing FileUploadServlet Arbitrary File Upload

Gitlist Unauthenticated Remote Command Execution

Wordpress MailPoet (wysija-newsletters) Unauthenticated File Upload

Netgear WNR1000v3 - Password Recovery Credential Disclosure Vulnerability

7.7.2014

Bugtraq

[SECURITY] CVE-2014-3503 Apache Syncope 2014-07-07
Francesco Chicchiriccò (ilgrosso apache org)

Yahoo! Bug Bounty #25 Flickr API - Persistent Service Vulnerability 2014-07-07
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #109 Multi Shipping Application API - Filter Bypass & Persistent Vulnerability 2014-07-07
Vulnerability Lab (admin vulnerability-lab com)

PayPal Inc Bug Bounty #74 - Persistent Core Backend Vulnerability 2014-07-07
Vulnerability Lab (research vulnerability-lab com)

Backdoor access to Techboard/Syac devices 2014-07-07
roberto paleari emaze net

{CVE-ID request} - OCS-Inventory-NG Multiple Stored Cross Site Scripting Vulnerabilities. 2014-07-07
Madhu Akula (madhu akula hotmail com)

iTunes 11.2.2 for Windows: completely outdated and vulnerable 3rd party libraries 2014-07-07
Stefan Kanthak (stefan kanthak nexgo de)

CVE-2014-3863 - Stored XSS in JChatSocial 2014-07-07
Teodor Lupan (teodor lupan safetech ro)

Re: Android KeyStore Stack Buffer Overflow (CVE-2014-3100) 2014-07-07
a blas actisec com

[SECURITY] [DSA 2972-1] linux security update 2014-07-06
Salvatore Bonaccorso (carnil debian org)

Lime Survey 2-05+ Multiple Vulnerabilities 2014-07-06
g-damore outlook com

Malware

RDN/Generic PUP.x!c2c!6A6767A2517C
Generic PUP.x!E65DA192DC9C
Generic PUP.x!E9F18A00408F
Generic PUP.x!83DC7837C31E
RDN/Generic PUP.x!02A4325D91F6
Generic PUP.x!C80C4296C438
Downloader.gen.a!4499F7605801
Generic PUP.x!EBD228CD7B15
Downloader.gen.a!7A60098A38F0
Generic PUP.x!2C868E1CA7F2
Somoto-BetterInstaller!802236535680
RDN/Generic PUP.x!382297DF380B
Generic PUP.x!E46D97C21FF7
RDN/Generic PUP.x!c2c!595F753285BD
RDN/Generic PUP.x!c2c!58BA57BE409E
RDN/Generic PUP.x!c2c!5970C43D41BD
RDN/Generic PUP.x!c2c!58B7597C3A59
RDN/Generic Dropper!ut!5D27BB8E90C2
Generic PUP.x!40170F39B862
Generic PUP.x!5ED0EE35DF6F
Generic PUP.x!594F99580D2A
RDN/Generic PUP.x!c2c!5B36FC067321
RDN/Generic PUP.x!c2c!401FFA92D22A
RDN/Generic PUP.x!c2c!F1AF1492E14D
RDN/Generic PUP.x!c2c!5CC287A2AB9C
CryptInno!80172A045334
RDN/Generic PUP.x!c2c!582CCC7C2AE8
RDN/Generic PUP.x!c2c!565153409427
RDN/Generic PUP.x!c2c!56743A23ED9A
RDN/Generic.dx!dds!55D01F96B7CF

Phishing

PayPal	7th July 2014
PayPal Update !
HSBC BANK PLC	7th July 2014
YOUR HSBC SECURE KEY
NatWest	7th July 2014
Important information about your account
HSBC BANK PLC	6th July 2014
YOUR HSBC SECURE KEY
Natwest	5th July 2014
Access to Online Banking Service
Apple	5th July 2014
Apple
HSBC BANK PLC	5th July 2014
Your Hsbc Online Secure Key..
NatWest Bank	4th July 2014
NATWEST BANK ALERT: UNAUTHORIZED ACCESS ON YOUR ACCOUNT

Vulnerebility

Exploit

Netgear WNR1000v3 - Password Recovery Credential Disclosure Vulnerability

4.7.2014

Bugtraq

POC2014 Call for Paper 2014-07-03
pocadm gmail com

[security bulletin] HPSBMU03059 rev.1 - HP SiteScope, Remote Authentication Bypass 2014-07-02
security-alert hp com

[security bulletin] HPSBMU03064 rev.1 - HP Universal CMDB, Remote Information Disclosure, Execution of Code 2014-07-02
security-alert hp com

Malware

RDN/Generic PUP.x!ch3!C6E9BC74AE01
RDN/Generic Downloader.x!km!F93A05E9A2FB
RDN/Generic.dx!273D3A1A4307
RDN/Generic PWS.y!101B987D40F4
RDN/Generic PWS.y!F88B487390F0
Generic.bfr!7145A5385929
PUP-FLN!4FB79AF808C7
Generic PUP.x!CE3ACBE91579
Generic PUP.x!21C9D3938428
Generic PUP.x!EB43BC91005D
Generic PUP.x!8BFDEADC1F8A
Generic PUP.x!9AD45C8621AF
Generic PUP.x!2D511ADBE3A7
Generic PUP.x!2A60920B9AE9
Generic PUP.x!8643FE89FE8A
Generic PUP.x!784A9B4367CE
Generic PUP.x!03EBC2022A00
RDN/Downloader.gen.a!0BF17746FEC4
Generic PUP.x!93DA728580B8
RDN/Generic PUP.x!5A2432A0AE2E
Generic PUP.x!DFF89532622F
Generic PUP.x!E1D1D25FC3FB
Generic PUP.x!0764F739866A
Generic PUP.x!10474AA13D95
RDN/Generic.bfr!hk!F73C1F53C0C2
Generic PUP.x!90D575CF1172
Generic PUP.x!F0EF17DBDC8B
Generic PUP.x!767953505BF8
Generic PUP.x!C160230EF9BE
Generic PUP.x!00B64CA077D5

Phishing

HSBC BANK PLC	3rd July 2014
Your Hsbc Secure Key
National Westminster	3rd July 2014
Account Reveiw

Vulnerebility

Exploit

3.7.2014

Bugtraq

Malware

Generic PUP.x!F0187C3E63FB
Generic Downloader.x!C25E30DE3FB2
Generic Downloader.x!426A1111565C
Generic PUP.x!33AC7A4D0651
Generic PUP.x!A07B88A89289
Downloader.gen.a!F556D0891219
CryptInno!9C475B29BAD5
Generic PUP.x!62F71BBF3ADD
Generic PUP.x!5FEC3FD1E291
Generic PUP.x!C0EED7BDA1E3
Generic PUP.x!009096DFCC8D
Generic PUP.x!BC2161E2B2F4
Generic PUP.x!37D61EB2DDAC
Generic PUP.x!5ECF162914E9
Generic PUP.x!16CD3CB54511
Generic PUP.x!D38141F0D38F
Generic PUP.x!D4AF67C9E38B
Generic PUP.x!B899F5675D30
Generic PUP.x!A0901533DB51
Generic PUP.x!A253D0EC06CA
Generic PUP.x!C5759B3711C5
Generic PUP.x!980D422FB245
Generic PUP.x!A531D6D8CFEE
RDN/Generic.tfr!96EF6D358F59
Generic PUP.x!1F08D5C5454A
Generic PUP.x!C0A41452354F
Generic PUP.x!C2AF8CB9394C
Generic PUP.x!73239D5923CE
Generic PUP.x!4DF6FB7178C8
Generic PUP.x!AE3A15660462

Phishing

National Westminster	3rd July 2014
Account Reveiw
NatWest	2nd July 2014
We have temporarily suspended access to your Natwest Account.
BT	2nd July 2014
Confirm your BT.com email address

Vulnerebility

Exploit

Zurmo CRM - Persistent XSS Vulnerability

Kerio Control 8.3.1 - Blind SQL Injection

Baidu Spark Browser v26.5.9999.3511 - Remote Stack Overflow Vulnerability (DoS)

2.6.2014

Bugtraq

SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom 2014-07-01
SEC Consult Vulnerability Lab (research sec-consult com)

Kerio Control <= 8.3.1 Boolean-based blind SQL Injection 2014-06-30
info fereidani com

ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities 2014-06-30
Security Alert (Security_Alert emc com)

Malware

CryptDomaIQ!C1C865E2ABEC
PUP-FIC!C15D0EF35311
RDN/Generic PUP.x!chs!69B20FB38F30
RDN/Generic PUP.x!23D5CB788D50
Generic PUP.x!B15BF848FAFA
CryptInno!23F5ADE1351B
PUP-FIC!23B7FF54164E
Cryptlore!23A0CFB9B183
RDN/Generic.tfr!ea!2A3BCEA98A4D
RDN/Generic PWS.y!b2f!E5C980EEC3BF
RDN/Generic.bfr!hk!1866E728F487
RDN/Generic PUP.x!chs!C35B400410F4
RDN/Generic PUP.x!chs!C160ADF132B8
RDN/Generic PUP.x!chs!C282686EA662
RDN/Generic PUP.x!chs!C85919F38ADD
CryptDomaIQ!C1CCC0244DB5
RDN/Generic PUP.x!chs!C33F573E897B
RDN/Generic PUP.x!chs!C6762FB5E9F7
Somoto-BetterInstaller!0A1869D78D13
Generic PUP.x!C286B329C9EC
PUP-FIC!C1AF3A80F6A2
CryptDomaIQ!C27CDF9582C5
RDN/Generic.dx!24147BE7390E
PowerPack!C17B4AB96AA2
CryptDomaIQ!C17293798158
PUP-FIC!C322AF1022D8
RDN/Generic PUP.x!chs!240837F6E615
CryptDomaIQ!23C20ED3E729
RDN/Generic PUP.x!chs!C27AAB1EF5AD
RDN/Generic PUP.x!chs!23CD3D826440

Phishing

Vulnerebility

Exploit

Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 4.1.X Bypass

IBM Algorithmics RICOS 4.5.0 - 4.7.0 - Multiple Vulnerabilities

Flussonic Media Server 4.1.25 - 4.3.3 - Aribtrary File Disclosure