hotnewsobsah14

Databáze Hot News - Rok - Úvod 2018 2017 2016 2015 2014 2013 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 List - 2018 2017 2016 2015 2014 2013
Poslední aktualizace v 08.10.2016 14:19:38

1.7.2014

Bugtraq

ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities 2014-06-30
Security Alert (Security_Alert emc com)

APPLE-SA-2014-06-30-4 Apple TV 6.1.2 2014-06-30
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-06-30-3 iOS 7.1.2 2014-06-30
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBST03000 rev.4 - HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information 2014-06-30
security-alert hp com

APPLE-SA-2014-06-30-2 OS X Mavericks 10.9.4 and Security Update 2014-003 2014-06-30
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-06-30-1 Safari 6.1.5 and Safari 7.0.5 2014-06-30
Apple Product Security (product-security-noreply lists apple com)

SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS 2014-06-30
SEC Consult Vulnerability Lab (research sec-consult com)

ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities 2014-06-30
Security Alert (Security_Alert emc com)

ESA-2014-055: EMC Network Configuration Manager (NCM) Session Fixation Vulnerability 2014-06-30
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 2970-1] cacti security update 2014-06-29
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!93DB3237A4D1
Generic PUP.x!93E10B991CFA
Generic PUP.x!951E0B7659D1
Generic PUP.x!8B5C18C5E644
Generic PUP.x!D6930E4AFEBD
Generic PUP.x!9479C88D1A67
Generic PUP.x!94BD0030A0DB
Generic PUP.x!9512BE780657
Generic PUP.x!95E8625E8A02
Generic PUP.x!95D86D1D1336
VTFlooder!C5F06FED1331
RDN/Generic PUP.x!chq!C4B9B0C203AE
RDN/Generic.bfr!hk!F0BC4B9DCB30
CryptDomaIQ!C4BB069D06D2
Generic PUP.x!957C671F593C
Generic PUP.x!74BEF60535CB
RDN/Generic.dx!C066F1153E2A
Generic PUP.x!93A9E519B758
RDN/Generic PUP.x!chq!EE50B8ED8B7B
RDN/Generic PUP.x!chq!B198F82FFAA1
Generic PUP.x!8FC1ECEFE4F0
Generic PUP.x!C4AAC334568E
RDN/Generic PUP.x!chq!A086B86A9A1A
Generic PUP.x!A0B28B4F669C
RDN/Generic BackDoor!yx!71E31325F7C8
Generic PUP.x!955A7DE45E55
Generic PUP.x!6A55F77A7C51
Downloader.gen.a!D97BF6A09159
CryptInno!C4AA33CA967E
Generic.bfr!93B2DBA6AFA0

Phishing

NATWEST	1st July 2014
Verification of Account
Natwest	1st July 2014
NatWest YourPoints Online
Halifax	30th June 2014
DEAR HALIFAX MEMBER,
Amazon Security Team	30th June 2014
UPDATE MISSING INFORMATION
Apple	30th June 2014
NOTIFICATION OF EXPIRATION OF YOUR ACCOUNT.

Vulnerebility

Exploit

Gitlist <= 0.4.0 - Remote Code Execution

28.6.2014

Bugtraq

[SECURITY] [DSA 2969-1] libemail-address-perl security update 2014-06-27
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBMU03056 rev.1 - HP Version Control Repository Manager (HP VCRM) running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-27
security-alert hp com

[security bulletin] HPSBMU03057 rev.1 - HP Version Control Agent (HP VCA) running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-27
security-alert hp com

[security bulletin] HPSBMU03061 rev.1 - HP Release Control, Disclosure of Privileged Information and Elevation of Privilege 2014-06-27
security-alert hp com

[SECURITY] [DSA 2968-1] gnupg2 security update 2014-06-27
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBMU03058 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information 2014-06-26
security-alert hp com

CFP 1st International Conference on Information Systems Security and Privacy - ICISSP 2015 2014-06-26
calendarsites insticc org

Malware

Generic.dx!DD45C6E12E29
RDN/Generic PUP.x!chh!DAA38AB4DE9F
RDN/Generic PUP.x!chh!9F6E1C267D86
PUP-FIC!D9053AB0B92C
Generic PUP.x!B42006DCFF9C
RDN/Generic PUP.x!149DD9EE882C
RDN/Generic.bfr!hk!B95C1F129AC0
CryptDomaIQ!D6BEEEA7373A
CryptInno!D81699977BF5
Generic PUP.x!FB1FFC9699B5
Generic PUP.x!836453BB5662
Generic PUP.x!F56E8A0EEA04
PowerPack!D810D3298DCB
Generic PUP.x!17FB5D425C7B
Generic PUP.x!650243FDD8DA
RDN/Generic PUP.x!chh!5C0A7D3FB576
RDN/Generic PUP.x!chh!1441C619E994
RDN/Generic PUP.x!chh!ACDAEF506CA2
Generic PUP.x!177E6935325C
Generic PUP.x!B18ADA577322
PUP-FIC!D9DF4AA80AB5
RDN/Generic.dx!ddl!2693385997A9
PUP-FIC!D9D9CD118F72
Generic PUP.x!316079CB4CF2
Generic PUP.x!18D674774C40
RDN/Generic.bfr!hk!D8E5C6E7482D
RDN/Generic PUP.x!chh!16291336ADCE
RDN/Generic PUP.x!chh!D94559862157
RDN/Generic PUP.x!chh!B83AF37C7798
Generic PUP.x!E3EF0A5A4696

Phishing

NatWest	28th June 2014
IMPORTANT INFORMATION ABOUT YOUR ACCOUNT
Paypal Customers Service	27th June 2014
NOTICE OF CHANGES TO THE PAYPAL USER AGREEMENT

Vulnerebility

Exploit

HP AutoPass License Server File Upload

chkrootkit 0.49 - Local Root Vulnerability

MS14-009 .NET Deployment Service IE Sandbox Escape

MS13-097 Registry Symlink IE Sandbox Escape

Python CGIHTTPServer Encoded Path Traversal

Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities

Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities

Endeca Latitude 2.2.2 - CSRF Vulnerability

27.6.2014

Bugtraq

[SECURITY] [DSA 2967-1] gnupg security update 2014-06-25
Salvatore Bonaccorso (carnil debian org)

CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014 2014-06-25
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux) 2014-06-25
Portcullis Advisories (advisories portcullis-security com)

[RT-SA-2013-003] Endeca Latitude Cross-Site Scripting 2014-06-25
RedTeam Pentesting GmbH (release redteam-pentesting de)

Malware

RDN/Generic Dropper!519351F39961
Generic PUP.x!712AFDF8BA0C
Generic PUP.x!1F6D8B9B4A52
Generic PUP.x!DA16F7696035
Generic PUP.x!CDA9011EC4CF
Generic PUP.x!D9CA13D500DE
RDN/Downloader.a!ro!D948D19D991A
RDN/Generic PUP.x!chc!D984241F0DD7
Generic PUP.x!36BCDDAC7BB5
Generic PUP.x!46EFFD09EE21
RDN/Generic PUP.x!chc!D9876E6D3135
Generic PUP.x!D9873F64A666
Generic PUP.x!C25DFA615C1A
Generic PUP.x!7BC6BE55EBB8
Generic PUP.x!1C6314A32637
Generic.bfr!5D160AD64001
Generic PUP.x!6678F1B9A35D
RDN/Generic PUP.x!chc!D8BD43949AE4
Generic PUP.x!51DDC635A811
Generic PUP.x!D8CFF4F8ADF5
Generic.dx!D8B3DE4D8D8B
RDN/Generic PUP.x!chc!D8822D3F2C1D
RDN/Generic.dx!dd3!D6A830D12603
RDN/Generic PUP.x!chc!E4BE1CDFBB3F
RDN/Generic.dx!dd3!D8B51BE6EC72
RDN/Generic PUP.x!chc!61375B2B6D7F
RDN/Generic.bfr!hk!D7F58DED75AC
Generic PUP.x!5FDEC90E7243
Generic.dx!D84345A0C9D0
Generic.dx!D646C1124843

Phishing

BT	27th June 2014
BT Planned Software Uprade
Chase	26th June 2014
Your Chase Account Has Been Blocked!
Natwest Bank UK	26th June 2014
NOTIFICATION FROM NATWEST BANK

Vulnerebility

Exploit

26.6.2014

Bugtraq

[SECURITY] [DSA 2967-1] gnupg security update 2014-06-25
Salvatore Bonaccorso (carnil debian org)

CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014 2014-06-25
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux) 2014-06-25
Portcullis Advisories (advisories portcullis-security com)

[RT-SA-2013-003] Endeca Latitude Cross-Site Scripting 2014-06-25
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2013-002] Endeca Latitude Cross-Site Request Forgery 2014-06-25
RedTeam Pentesting GmbH (release redteam-pentesting de)

Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite 2014-06-25
High-Tech Bridge Security Research (advisory htbridge com)

NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library 2014-06-25
\VMware Security Response Center\ (security vmware com)

[slackware-security] seamonkey (SSA:2014-175-05) 2014-06-24
Slackware Security Team (security slackware com)

[slackware-security] samba (SSA:2014-175-04) 2014-06-24
Slackware Security Team (security slackware com)

[slackware-security] bind (SSA:2014-175-01) 2014-06-24
Slackware Security Team (security slackware com)

[slackware-security] gnupg (SSA:2014-175-02) 2014-06-24
Slackware Security Team (security slackware com)

[slackware-security] gnupg2 (SSA:2014-175-03) 2014-06-24
Slackware Security Team (security slackware com)

Malware

Generic PUP.x!57025514A1C2
Generic PUP.x!763FC5832083
Generic PUP.x!5A55896FF1D3
Generic PUP.x!DA74D30E6D29
Generic PUP.x!5FE39A6278AC
Generic.bfr!65CD782E4227
Generic PUP.x!F08A5F859774
Generic.bfr!1FD0EE705E19
Generic PUP.x!584FF73826D4
RDN/Generic PUP.x!chb!A9834259B392
Generic.dx!D4C63EB71468
Generic PUP.x!655F4AB04646
PUP-FIC!6769CE595E59
PUP-FIC!20E55DAA81CF
Generic PUP.x!65E0D554FA54
Generic PUP.x!65CD62C5CC8E
Generic PUP.x!CAE2FEB28033
Generic PUP.x!21F1AA74E35C
Generic PUP.x!568A32EF018E
Generic PUP.x!68C616C778AB
Generic PUP.x!9A9BE2BA555D
Generic PUP.x!9FFC53664E62
RDN/Generic.dx!ddh!B4314B5EC1DD
Generic PUP.x!64D9F8D732F3
Generic PUP.x!660BE3F12BDC
Generic PUP.x!A3B1A268391C
Generic PUP.x!9A64E1CC2CAC
Generic PUP.x!7D48D926469A
Generic PUP.x!CE26A4A57B4B
RDN/Generic.bfr!hn!98888CEA430B

Phishing

Vulnerebility

Exploit

Cogent DataHub Command Injection

Thomson TWG87OUIR - POST Password CSRF

25.6.2014

Bugtraq

Boolean algebra and CSS history theft 2014-06-24
Michal Zalewski (lcamtuf coredump cx)

Android KeyStore Stack Buffer Overflow (CVE-2014-3100) 2014-06-23
Roee Hay (roeeh il ibm com)

Malware

Generic PUP.x!5EAFB530CA33
Generic PUP.x!BEB8B2EDC03F
Generic PUP.x!E8F851101498
RDN/Generic PUP.x!cg3!6CFF23DCDFAB
RDN/Generic PUP.x!cg3!626654FA80ED
RDN/Generic PUP.x!cg3!2E0C998A069E
RDN/Generic PUP.x!cg3!3E36FBD462F6
RDN/Generic PUP.x!cg3!00C75AB6FD3B
Generic PUP.x!19967A9C9946
Generic.dx!0633E858ACFB
Generic PUP.x!87E1CAE71B9E
Generic PUP.x!6E6496FB2926
RDN/Generic.dx!ddf!2A51443A7FBC
RDN/Generic PUP.x!cg3!2B248D60478D
RDN/Generic PUP.x!cg3!F49584D3FA43
Generic PUP.x!9E98AFC50D3E
Generic PUP.x!F4F43218B2D6
RDN/Generic PUP.x!cg3!6A9C916A7735
Generic PUP.x!DC9650147541
Generic PUP.x!1955117CFE02
Generic PUP.x!C3FADE6BCF1A
Generic PUP.x!1B5B20EEFC93
Generic PUP.x!E7517CC902D0
Generic PUP.x!A0D0FF04F031
Generic PUP.x!D10E289661EC
Generic PUP.x!1488CAB73074
Generic PUP.x!0119B33BE5E1
RDN/Generic PUP.x!cg3!F496DEFB066C
RDN/Generic PUP.x!cg3!F4AAD471C131
RDN/Generic PUP.x!cg3!F4BF1187A70A

Phishing

Halifax Bank	24th June 2014
We need to update some important information.

Vulnerebility

Exploit

D-Link authentication.cgi Buffer Overflow

D-Link hedwig.cgi Buffer Overflow in Cookie Header

AlienVault OSSIM av-centerd Command Injection

24.6.2014

Bugtraq

[security bulletin] HPSBHF03052 rev.1 - HP Intelligent Management Center (iMC), HP Network Products including H3C and 3COM Routers and Switches running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Modification or Disclosur 2014-06-23
security-alert hp com

[SECURITY] [DSA 2966-1] samba security update 2014-06-23
Yves-Alexis Perez (corsac debian org)

[SECURITY] [DSA 2965-1] tiff security update 2014-06-22
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 2964-1] iodine security update 2014-06-21
Salvatore Bonaccorso (carnil debian org)

Malware

Generic PUP.x!845A337B7CAB
RDN/Generic PUP.x!cgv!1E4F529FFD96
Generic PUP.x!E93D39CF5CF7
Generic PUP.x!B4C08821EEC6
RDN/Generic PUP.x!cgv!E21AAC96E391
RDN/Generic PUP.x!cgv!72B162893D2F
Generic PUP.x!E224642A7BEA
Generic PUP.x!1C017613EA83
RDN/Generic BackDoor!206E36311129
PUP-FIC!4F06C455F02F
Generic PUP.x!1B9625D1AC3E
PUP-FIC!6DDCA7D5E6FE
CryptInno!5ECD15839320
Generic PUP.x!715C159D2297
PUP-FIC!6B1DD24DEC15
RDN/Generic.bfr!hl!197CA99C6F23
PUP-FIC!6B764068CD58
PUP-FIC!6C12A1A336C6
Generic PUP.x!55D81AD7384C
RDN/Generic.dx!dd3!1FBDAFD0A797
Generic PUP.x!21D4E2A22B89
Generic PUP.x!E9C7F1AA152A
RDN/Generic PUP.x!41FFF4209106
PUP-FIC!7321F7B27891
Generic PUP.x!E6006C4F967D
Generic PUP.x!4758A21D2913
PUP-FIC!5DF61D0598AE
Generic.bfr!3BE4DE6A9480
Generic PUP.x!A4F364A45152
RDN/Generic BackDoor!yu!174561120742

Phishing

Vulnerebility

Exploit

23.6.2014

Bugtraq

Malware

Generic PUP.x!555FC8381E5C
Generic PUP.x!AFE2B4FC1CD1
Generic PUP.x!0101C4D9DB67
Generic PUP.x!91B18C63604E
Generic PUP.x!A7E1F62F0E51
Generic PUP.x!617DBE14481F
RDN/Generic PUP.x!cgs!5E26CA1346AD
Generic PUP.x!FCD84A5EC4D5
Generic PUP.x!D51801D0B6F7
Generic PUP.x!45C376F6A0D1
RDN/Generic PUP.x!cgs!2062220D4C15
Generic PUP.x!BF9DF4473170
Generic.bfr!0E980D79F8D9
Generic PUP.x!77AE04B0A1F7
Generic PUP.x!F8C1EA6E8A95
Generic.tfr!F717C0B148A1
Downloader.gen.a!E09A773F6BEE
RDN/Generic PUP.x!cgs!2BF2C01480BB
RDN/Generic PUP.x!cgs!E0398A53D28B
RDN/Downloader.a!rm!FD2271A95A64
RDN/Downloader.a!rm!0A012D809CDF
Generic PUP.x!B5A147CDA395
RDN/Generic PWS.y!zq!992A623F3816
Generic PUP.x!51289A4A0253
Generic PUP.x!F6128E23BD67
Generic PUP.x!75D6061751DA
Generic PUP.x!9DD266EE22B1
RDN/Generic.dx!ddd!6674365A217F
Generic PUP.x!62166E4E60AB
Generic PUP.x!9B85DC5B9AB1

Phishing

Barclays	22nd June 2014
Dear Barclays Memeber,
Barclays	21st June 2014
Restriction On Your Account
Barclays	21st June 2014
Dear Barclays Memeber,

Vulnerebility

Exploit

21.6.2014

Bugtraq

[security bulletin] HPSBOV03047 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-18
security-alert hp com

Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities 2014-06-18
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability 2014-06-18
Vulnerability Lab (research vulnerability-lab com)

Multiple SQL Injection Vulnerabilities in web2Project 2014-06-18
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic PUP.x!31FE28CB292D
Generic PUP.x!04906D4BC409
RDN/Generic PUP.x!cgp!6DCF6B78BC72
CryptInno!6DDE07C3A56D
Generic.dx!2F9F060940CA
RDN/Generic PUP.x!cgp!6D8D4E3C08F5
Generic PUP.x!70F5E218A860
Generic.dx!9CFC834D3873
RDN/Generic.tfr!ea!8849F119F147
PUP-FIC!51C9458E889A
RDN/Generic PUP.x!cgp!6B3CB1F4DACE
Generic PUP.x!9D29A7265FA0
Generic Downloader.x!1135C1EF78F9
CryptInno!0CD05D3BDEB3
CryptInno!6B0F2EC1FF9A
Generic PUP.x!04E3754EDDE5
Generic PUP.x!32E0C96B2973
Generic PUP.x!2929829EFDC8
RDN/Generic PUP.x!cgp!6D29C2820CCA
CryptInno!2CBC2CB70445
RDN/Generic.bfr!gf!3F6760B91319
RDN/Generic PUP.x!cgp!4C10595F92CC
Generic PUP.x!77653A3AA19C
RDN/Generic PUP.x!cgp!35ADA0CE755E
Generic PUP.x!E0748F386FEC
RDN/Generic.bfr!gf!35B0F0E15F7E
Generic PUP.x!FD9C373723BD
RDN/Generic PUP.x!cgp!16B3B8A0DCB0
RDN/Generic PUP.x!cgp!09658492B174
RDN/Generic PUP.x!cgp!20405291A078

Phishing

Barclays	21st June 2014
Restriction On Your Account
Barclays	21st June 2014
Dear Barclays Memeber,
Barclays	20th June 2014
Dear Barclays Memeber,
PayPal	20th June 2014
Your account has been temporarily blocked
Lloyds	20th June 2014
Important Security Message. from Lloyds Bank
Lloyds	20th June 2014
Lloyds Bank Important Notification.
David Gibson	20th June 2014
Important Document!
Lloyds	19th June 2014
Important Security Message. from Lloyds Bank
PayPal	19th June 2014
PAYPAL ISSUE ; INFORMATIONS REQUIRED
Bank Of America	19th June 2014
ONLINE BANKING : IMPORTANT MESSAGE

Vulnerebility

Exploit

Linux Kernel <= 3.13 - Local Privilege Escalation PoC (gid)

D-link DSL-2760U-E1 - Persistent XSS

Wordpress 3.9.1 - CSRF Vulnerability

20.6.2014

Bugtraq

[security bulletin] HPSBOV03047 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-18
security-alert hp com

Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities 2014-06-18
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability 2014-06-18
Vulnerability Lab (research vulnerability-lab com)

Multiple SQL Injection Vulnerabilities in web2Project 2014-06-18
High-Tech Bridge Security Research (advisory htbridge com)

SQL Injection in Dolphin 2014-06-18
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic PUP.x!BA11BD630B2C
Generic PUP.x!E525FBDB37FB
RDN/Generic PUP.x!cg3!39AD02A26B5A
Generic.bfr!AD4ACB86B1F9
Generic PUP.x!6796644345FA
Generic PUP.x!3C55BFC32BAB
Generic PUP.x!39168612C3D9
Generic PUP.x!3A23B43C5640
Downloader.gen.a!4366E53CC071
Generic.bfr!10F3AFAA0E8F
Generic PUP.x!7D7F1323A9A3
RDN/Generic PUP.x!4C2E1F975110
Generic PUP.x!B16A538D9C90
RDN/Generic PUP.x!cg3!C2E423FE781A
Generic PUP.x!649C3D0062F2
Generic PUP.x!45436234A249
RDN/Generic.bfr!hl!66810F6BC4C8
RDN/Generic PUP.x!cg3!373F24778006
Generic PUP.x!AE71ADCD47E8
RDN/Generic PUP.x!cg3!366B86D2C73F
Generic PUP.x!A7E02EF02D52
Generic PUP.x!9B7AC2BB60B7
Generic.bfr!6CE986507AE6
Generic PUP.x!664084FD98C0
Generic PUP.x!3842B7537A2D
Generic PUP.x!7B4645A7F55B
RDN/Generic PUP.x!cg3!D98A60698BF4
Generic.bfr!66FE555355A5
Generic PUP.x!8256D3B41D14
Generic PUP.x!1576034F8AC2

Phishing

Lloyds	19th June 2014
Important Security Message. from Lloyds Bank
PayPal	19th June 2014
PAYPAL ISSUE ; INFORMATIONS REQUIRED
Bank Of America	19th June 2014
ONLINE BANKING : IMPORTANT MESSAGE
Barclays	19th June 2014
Dear Barclays Memeber,

Vulnerebility

Exploit

Ericom AccessNow Server Buffer Overflow

web2Project 3.1 - Multiple Vulnerabilities

19.6.2014

Bugtraq

Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities 2014-06-18
Vulnerability Lab (research vulnerability-lab com)

Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability 2014-06-18
[SECURITY] [DSA 2963-1] lucene-solr security updateVulnerability Lab (research vulnerability-lab com)

Multiple SQL Injection Vulnerabilities in web2Project 2014-06-18
High-Tech Bridge Security Research (advisory htbridge com)

SQL Injection in Dolphin 2014-06-18
High-Tech Bridge Security Research (advisory htbridge com)

[security bulletin] HPSBMU03048 rev.1 - HP Software Executive Scorecard, Remote Execution of Code, Directory Traversal 2014-06-17
security-alert hp com

2014-06-17
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBUX03046 SSRT101590 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-06-17
security-alert hp com

[SECURITY] [DSA 2962-1] nspr security update 2014-06-17
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!267F3DA9E607
Generic PUP.x!BFC93059E2BE
Downloader.gen.a!1DCCE9873B75
Generic PUP.x!BB6A43BFE064
Generic PUP.x!507E8D0DD6F2
Generic PUP.x!9828046AD4F9
Generic PUP.x!694E30BDE4A7
Generic PUP.x!6974FC58BF4B
Generic PUP.x!66DCCAFB8FFF
RDN/Generic PUP.x!cgd!21E4309AA7D2
Generic PUP.x!28B090B4D259
Generic PUP.x!A1B1E949C14C
Generic PUP.x!059A59DA575B
Generic PUP.x!7F29EB48D7BE
W32/Sdbot.worm!A99B7DB3BFA9
Generic PUP.x!535A0D9D16C0
Generic PUP.x!09952FBE2E44
Generic.bfr!8E43DE1BC26D
Generic PUP.x!212DA14CAD53
Generic PUP.x!1869C2B209A0
Generic PUP.x!505B9B4FE884
Generic PUP.x!11071D5A690B
Generic PUP.x!61E9478AEEF8
Generic PUP.x!5612D5F770B4
Generic PUP.x!687B8CA787B6
Generic PUP.x!625D31A5A1EC
Generic PUP.x!4B62EB784166
Generic PUP.x!60EBCABF40E3
Generic PUP.x!40B4BA6790A0
Generic PUP.x!22B6459FEF2C

Phishing

Barclays	19th June 2014
Dear Barclays Memeber,
Financial Services Authority	18th June 2014
[WARNING: VIRUS REMOVED]New eDocument arrived
Barclays	18th June 2014
Dear Barclays Memeber,

Vulnerebility

Exploit

Rocket Servergraph Admin Center fileRequestor Remote Code Execution

docker 0.11 VMM-container Breakout

Ubisoft Rayman Legends 1.2.103716 - Remote Stack Buffer Overflow Vulnerability

18.6.2014

Bugtraq

[SECURITY] [DSA 2961-1] php5 security update 2014-06-16
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2950-2] openssl update 2014-06-16
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2960-1] icedove security update 2014-06-16
Moritz Muehlenhoff (jmm debian org)

[CFP] Hacktivity 2014 CFP is open 2014-06-16
ferenc spala hacktivity com

Malware

Generic PUP.x!37E10FBE2F52
Generic PUP.x!F9B822B9D814
RDN/Generic PUP.x!cgc!D93DA4732D0C
Generic PUP.x!12F14387945A
Generic PUP.x!9C7C61B5420C
Generic.bfr!08AD80AB7225
Generic.bfr!73130BE0F5E5
Generic PUP.x!9D7FCB428829
Generic PUP.x!C9AE208BDED4
Generic.bfr!E45969B7095A
Generic PUP.x!9B2FAE1F0CAB
Generic PUP.x!FF8528A56AA8
Generic PUP.x!C8FE2389E1EB
Generic PUP.x!D09E2F20A02E
Generic.bfr!DA7134C80F06
Generic PUP.x!E04A8C400321
RDN/Downloader.a!rk!BB444E4C2511
Generic.bfr!4DD466D249D1
Generic PUP.x!5F480E05098A
Generic PUP.x!1D9F6F878920
Generic PUP.x!46B3139B48FB
Generic PUP.x!AAD4131FE4CD
Generic.bfr!E97F199F1D90
Generic PUP.x!999325794ADA
Generic.bfr!A96F54140456
Generic PUP.x!5D5E8D894EC3
Generic PUP.x!F0932739C8D0
Generic PUP.x!2994640F0756
Generic PUP.x!E914D9D2BA0F
Generic PUP.x!F42939053A8A

Phishing

Barclays	18th June 2014
Dear Barclays Memeber,
Virgin Media	18th June 2014
Virgin Media Update
Virgin Media	17th June 2014
[Norton Anti]Virgin Media Automated Billing Reminder
Virgin Media Online	17th June 2014
Virgin Media Automated Billing Reminder

Vulnerebility

Exploit

Ubisoft Rayman Legends 1.2.103716 - Remote Stack Buffer Overflow Vulnerability

Java Debug Wire Protocol Remote Code Execution

Adobe Reader for Android addJavascriptInterface Exploit

Motorola SBG901 Wireless Modem - CSRF Vulnerability

ZTE WXV10 W300 - Multiple Vulnerabilities

17.6.2014

Bugtraq

[SECURITY] [DSA 2960-1] icedove security update 2014-06-16
Moritz Muehlenhoff (jmm debian org)

[CFP] Hacktivity 2014 CFP is open 2014-06-16
ferenc spala hacktivity com

[SECURITY] [DSA 2959-1] chromium-browser security update 2014-06-14
Michael Gilbert (mgilbert debian org)

[SE-2014-01] Security vulnerabilities in Oracle Database Java VM 2014-06-16
Security Explorations (contact security-explorations com)

ClipBucket CMS Xss Vulnerability 2014-06-14
iedb team gmail com

Malware

Generic PUP.x!9029A777A670
Generic PUP.x!C5CEB22DBF83
Generic.dx!000FD2678BBF
Generic PUP.x!D7EF75B8630D
Generic PUP.x!C265D53056C7
Generic PUP.x!764E467BC1DD
Generic PUP.x!87EF977E4594
Generic PUP.x!31288963B755
RDN/Generic PUP.z!eb!464CB826686D
Generic PUP.x!E0799769F010
RDN/Spybot.bfr!0C03E8DD073E
Generic PUP.x!E0973C17EBAA
Generic.bfr!A4B811716CA6
RDN/Generic.dx!dcv!F68323707D19
Generic Downloader.x!9DAE48EBE350
Generic PUP.x!C6AA7C6F3AEA
Generic PUP.x!C637D8DB5531
Generic PUP.x!9D21D00C8A16
Generic PUP.x!D3EA96D37E55
RDN/Generic.dx!5E2FCF93265B
Generic PUP.x!0011B6E185E0
RDN/Generic PUP.x!C9A177CB1CC3
Generic PUP.x!C70ACE58DEED
Generic PUP.x!154A2E87A0BE
Generic Downloader.x!243ABCD5E169
Generic PUP.x!B278B6BA8A54
Generic PUP.x!AE1E8DF6EE0F
Generic PUP.x!B4EEDD0714A6
Generic PUP.x!C71E3E29E0AC
RDN/Generic.bfr!hj!2A7B0881C811

Phishing

Barclays	17th June 2014
Dear Barclays Memeber,
Halifax	16th June 2014
IMPORTANT - Halifax Online Service Message.
PayPal	16th June 2014
REQUIRE: UPDATE YOUR PAYPAL PROFILE INFORMATION
UNITED NATIONS ORGANIZATION	14th June 2014
CONFIRM THE CHANGE OF ACCOUNT

Vulnerebility

Exploit

Java Debug Wire Protocol Remote Code Execution

Easy File Management Web Server Stack Buffer Overflow

Adobe Reader for Android addJavascriptInterface Exploit

16.6.2014

Bugtraq

[ MDVSA-2014:124 ] kernel 2014-06-13
security mandriva com

[SECURITY] CVE-2013-2251: Apache Continuum affected by Remote Command Execution 2014-06-13
Brett Porter (brett apache org)

[security bulletin] HPSBUX03046 SSRT101590 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-06-13
security-alert hp com

AST-2014-006: Asterisk Manager User Unauthorized Shell Access 2014-06-12
Asterisk Security Team (security asterisk org)

CVE-2014-0228: Apache Hive Authorization vulnerability 2014-06-12
Thejas Nair (thejas hortonworks com)

[security bulletin] HPSBST03016 rev.4 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL, Remote Disclosure of Information 2014-06-12
security-alert hp com

AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions 2014-06-12
Asterisk Security Team (security asterisk org)

AST-2014-007: Exhaustion of Allowed Concurrent HTTP Connections 2014-06-12
Asterisk Security Team (security asterisk org)

Malware

Phishing

Vulnerebility

Exploit

13.6.2014

Bugtraq

AST-2014-006: Asterisk Manager User Unauthorized Shell Access 2014-06-12
Asterisk Security Team (security asterisk org)

CVE-2014-0228: Apache Hive Authorization vulnerability 2014-06-12
Thejas Nair (thejas hortonworks com)

[security bulletin] HPSBST03016 rev.4 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL, Remote Disclosure of Information 2014-06-12
security-alert hp com

AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions 2014-06-12
Asterisk Security Team (security asterisk org)

Malware

Generic PUP.x!4F1625E56C9B
Generic PUP.x!0198BF5519FE
Generic PUP.x!BA0593BA83E8
Generic PUP.x!171D190F2C4D
Generic PUP.x!7DA4C250F12A
Generic PUP.x!55E0AEB7BA42
Generic PUP.x!97BDACE8E7CD
Generic PUP.x!0EC8F4CB1FAB
Generic PUP.x!621E0719B7A5
Generic PUP.x!B65B10AC52BA
Generic PUP.x!35C2A3037941
Generic Downloader.x!D8D229A8DBA5
Generic PUP.x!0524DCBEA108
Generic PUP.x!080FAF320D0C
RDN/Generic.bfr!hi!47151F64FC74
Generic.tfr!CDE55C90FABA
Generic PUP.x!2EA9A94CFE76
Generic PUP.x!61F61748AA90
RDN/Generic.dx!dct!8E8A69E6EB99
Generic PUP.x!30F52F6C113F
RDN/Generic.bfr!CB88D6B1DCED
Generic PUP.x!45A22F141692
Generic PUP.z!DB70A042E285
Generic PUP.x!0185FBDF05AA
Generic.bfr!0B8A7331E835
Generic PUP.x!4215D1838140
Generic PUP.x!B16BB740F0FD
RDN/Generic BackDoor!AA03C9F4FB1C
RDN/Downloader.a!rh!535C9F1AA3DC
RDN/Generic.bfr!CEF77754A1B2

Phishing

Vulnerebility

Exploit

ZTE and TP-Link RomPager - DoS Exploit

Yealink VoIP Phone SIP-T38G - Default Credentials

Yealink VoIP Phone SIP-T38G - Local File Inclusion

Yealink VoIP Phone SIP-T38G - Remote Command Execution

Yealink VoIP Phone SIP-T38G - Privileges Escalation

IBM AIX 6.1.8 libodm - Arbitrary File Write

Plesk 10.4.4/11.0.9 - SSO XXE/XSS Injection Exploit

ZeroCMS 1.0 - zero_transact_user.php, Handling Privilege Escalation

PostgreSQL <= 8.4.1 JOIN Hashtable Size Integer Overflow Denial Of Service Vulnerability

12.6.2014

Bugtraq

CVE-2014-3977 - Privilege Escalation in IBM AIX 2014-06-11
Portcullis Advisories (advisories portcullis-security com)

NEW : VMSA-2014-0006 - VMware product updates address OpenSSL security vulnerabilities 2014-06-11
\VMware Security Response Center\ (security vmware com)

[security bulletin] HPSBMU03045 rev.1 - HP Service Virtualization Running AutoPass License Server, Remote Code Execution 2014-06-10
security-alert hp com

[ MDVSA-2014:120 ] miniupnpc 2014-06-10
security mandriva com

[ MDVSA-2014:118 ] emacs 2014-06-10
security mandriva com

[ MDVSA-2014:121 ] libgadu 2014-06-10
security mandriva com

[ MDVSA-2014:119 ] mediawiki 2014-06-10
security mandriva com

Malware

Generic PUP.x!F93D22F0E33F
Generic PUP.x!7672ACD56EBE
Generic PUP.x!072D6D6054AC
Generic PUP.x!C2748F3EC2E7
Generic PUP.x!7FF5C943DA82
Generic PUP.x!4BCD152F7D0E
Generic PUP.x!4A6DCAC40FFC
Generic PUP.x!88BC09237709
Generic PUP.x!FEFC4E7AFB7B
Generic PUP.x!9BCA1F78621C
Generic PUP.x!85BD48782369
Generic PUP.x!522D40DCB069
Generic PUP.x!FC6F7A573369
Generic PUP.x!C80042A441AA
Generic PUP.x!DD92459A447B
Generic PUP.x!C411C1230619
RDN/Generic.dx!dcs!FD781559041C
Generic PUP.x!DBB008C9BE05
RDN/Generic Downloader.x!kj!DAC04D843D16
Generic PUP.x!C1D8CE5A57A9
RDN/Generic PUP.x!9787D6E4CEEA
Generic PUP.x!55492CEF3146
Generic PUP.x!8055B6FEE4B9
Generic PUP.x!DDCD2123DA43
RDN/Generic.bfr!C25B1F188E9D
Generic PUP.x!C1F1A46AC736
Generic PUP.x!C20EFFCDDF75
Generic PUP.x!225516523A47
Generic PUP.x!496EF6F5A803
Generic PUP.x!FAF3C3A40927

Phishing

PayPal	12th June 2014
PAYPAL ISSUE ; INFORMATIONS REQUIRED

Vulnerebility

Exploit

IBM AIX 6.1.8 libodm - Arbitrary File Write

SHOUTcast DNAS 2.2.1 - Stored XSS

11.6.2014

Bugtraq

[ MDVSA-2014:110 ] curl 2014-06-10
security mandriva com

[ MDVSA-2014:112 ] python-django 2014-06-10
security mandriva com

[ MDVSA-2014:111 ] otrs 2014-06-10
security mandriva com

[slackware-security] php (SSA:2014-160-01) 2014-06-09
Slackware Security Team (security slackware com)

[ MDVSA-2014:108 ] gnutls 2014-06-09
security mandriva com

[ MDVSA-2014:109 ] gnutls 2014-06-09
security mandriva com

[ MDVSA-2014:107 ] libtasn1 2014-06-09
security mandriva com

[ MDVSA-2014:106 ] openssl 2014-06-09
security mandriva com

Malware

Generic PUP.x!111575284A48
Generic PUP.x!4F5F4A758BB8
Generic PUP.x!0F7CEEDFAA63
Generic PUP.x!64EEF4389131
RDN/Downloader.gen.a!2E7ADA774FD1
Generic PUP.x!1251462A26C1
Generic PUP.x!37C2EBF0D8F5
Generic PUP.x!0337F0A07839
Generic PUP.x!26F3718D140D
RDN/Generic BackDoor!yq!2EDB24D22CE8
RDN/Generic PUP.x!cfj!E292C00DED1D
Generic PUP.x!102BAE03B849
Generic PUP.x!05E8B7251755
Generic PUP.x!599A253690F2
Generic PUP.x!2F59A309CEC4
RDN/Generic PUP.x!cfj!115726B125F0
Generic PUP.x!9E69E93404B9
Generic PUP.x!0CDE94974D16
Generic PUP.x!7C916743B019
Generic Downloader.x!2393AE519CA7
Generic PUP.x!0722916ABE18
Generic PUP.x!0FEBB92C71C1
Generic PUP.x!05B95F218D4D
Generic PUP.x!025B8C3004F3
Generic PUP.x!4FC95EF53F79
Generic PUP.x!10915721DA17
RDN/Generic PUP.x!cfj!D5C321490E1B
Generic.bfr!007416AEAB61
RDN/Generic PUP.x!cfj!411CC75E3F2E
Generic PUP.x!11F9CFF0BC87

Phishing

Vulnerebility

Exploit

ZeroCMS 1.0 - (zero_view_article.php, article_id param) - SQL Injection Vulnerability

10.6.2014

Bugtraq

DNN (DotNetNuke®) dnnUI_NewsArticlesSlider Module Arbitrary File Download Vulnerability 2014-06-09
cseye_ut yahoo com

DNN (DotNetNuke®) responsivesidebar Module Arbitrary File Download Vulnerability 2014-06-09
cseye_ut yahoo com

DNN (DotNetNuke®) eventscalendar Module Arbitrary File Download Vulnerability 2014-06-09
cseye_ut yahoo com

DNN (DotNetNuke®) EasyDnnGallery Module Arbitrary File Download Vulnerability 2014-06-09
cseye_ut yahoo com

DNN (DotNetNuke®) CodeEditor Module Arbitrary File Download Vulnerability 2014-06-09
cseye_ut yahoo com

DNN (DotNetNuke®) ASPSlideshow Module Arbitrary File Download Vulnerability 2014-06-09
cseye_ut yahoo com

[security bulletin] HPSBMU03024 rev.3 - HP Insight Control Server Deployment on Linux and Windows running OpenSSL with System Management Homepage and Systems Insight Manager, Remote Disclosure of Information 2014-06-09
security-alert hp com

[slackware-security] mozilla-firefox (SSA:2014-157-01) 2014-06-07
Slackware Security Team (security slackware com)

Malware

Generic PUP.x!7C5A3325FCEC
Generic PUP.x!12F22DFC8AD1
Generic PUP.x!A6ADAE3F9CF3
Generic PUP.x!FE26847681A4
Generic PUP.x!ADE94005CD99
RDN/Generic.dx!dcq!DB63662E0BF9
RDN/Generic PUP.x!cfg!EB20AD8996A4
Generic PUP.x!7C0FD9937783
Generic PUP.x!19EE3BADE782
Generic.bfr!7F7577CBADA9
RDN/Generic PUP.x!C255F4C64905
Generic PUP.x!ADF7A4C54546
Generic PUP.x!384FE196A48A
RDN/Generic.bfr!4AF476E6A56E
Generic PUP.x!A25041135656
Generic PUP.x!5681B27945E9
RDN/Generic.bfr!4E6ED20147E7
Generic PUP.x!A6C4B816CEF3
Generic PUP.x!F4BC373E428E
RDN/Generic.bfr!hh!5B83ABA70043
RDN/Generic PUP.x!cfg!25EFDD87B095
Generic.bfr!57499CD3A0B4
Generic PUP.x!CFF5E95181F5
Generic PUP.x!F86BACEEEDF0
Generic PUP.x!79F5F0ADF99A
Generic-FAGW!E2E07755233B
Generic-FAGW!BC91A2D7E0BD
Generic PUP.x!7DE260264754
Generic PUP.x!769F8329AE60
Generic PUP.x!81E4AA889B2F

Phishing

BT	9th June 2014
BT Planned Software Uprade
CService@btinternet.com DnGMod	8th June 2014
CASE BT-0225-199852

Vulnerebility

Exploit

eFront 3.6.14.4 (surname param) - Persistent XSS Vulnerability

WebTitan 4.01 (Build 68) - Multiple Vulnerabilities

DevExpress ASPxFileManager 10.2 to 13.2.8 - Directory Traversal

9.6.2014

Bugtraq

[Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components 2014-06-06
Onapsis Research Labs (research onapsis com)

[Onapsis Security Advisory 2014-020] SAP SLD Information Tampering 2014-06-06
Onapsis Research Labs (research onapsis com)

[slackware-security] openssl (SSA:2014-156-03) 2014-06-06
Slackware Security Team (security slackware com)

[slackware-security] sendmail (SSA:2014-156-04) 2014-06-06
Slackware Security Team (security slackware com)

SEC Consult SA-20140606-0 :: Multiple critical vulnerabilities in WebTitan 2014-06-06
SEC Consult Vulnerability Lab (research sec-consult com)

[slackware-security] gnutls (SSA:2014-156-01) 2014-06-06
Slackware Security Team (security slackware com)

Malware

Generic PUP.x!D80B3F6AD766
RDN/Generic PUP.x!cfd!0F50C95951F4
RDN/Generic PUP.x!cfd!F1E914B0CFDD
Generic PUP.x!C05435681930
RDN/Generic PUP.x!cfd!6E51A1FC88E1
Generic PUP.x!F6DB70E195FB
Generic PUP.x!D5609B0651BB
RDN/Generic.dx!dcp!F9391C1B5D90
Generic PUP.x!D35AEF182A39
RDN/Generic PUP.x!52FF5F06C734
RDN/Generic PUP.x!cfd!B8F87A78A83C
Generic PUP.x!F8681B881486
Generic PUP.x!9CEB91358F94
RDN/Generic PUP.x!FC6155B85663
Generic PUP.x!3D72D657DFE3
Generic PUP.x!DA00B9E4D148
Generic PUP.x!4D422777C91C
Generic PUP.x!5468D5696DCE
RDN/Generic PUP.x!cfd!464EB9F883EF
Generic PUP.x!09877B7FEF30
RDN/Generic PUP.x!cfd!862E808D6D86
Generic Downloader.x!9B43100FE244
RDN/Generic PUP.x!F8306E03A4D0
RDN/Generic PUP.x!cfd!0C7475760A6A
Generic Downloader.x!BF52BDC92BF3
RDN/Generic PUP.x!cfd!099EB89A8407
Generic PUP.x!C5F5D26E76B1
RDN/Generic PUP.x!cfd!6C92A726D4C7
Generic PUP.x!391509E22613
Generic Downloader.x!BB6CE32DA5E4

Phishing

CService@btinternet.com DnGMod	8th June 2014
CASE BT-0225-199852
Paypal	7th June 2014
YOUR PAYPAL HAS BEEN LIMITED
BT	7th June 2014
Update For June 2014

Vulnerebility

Exploit

Wordpress Theme Elegance - Post Local File Disclosure

Wordpress Theme Infocus - Post Local File Disclosure

6.6.2014

Bugtraq

[security bulletin] HPSBMU03029 rev.2 - HP Insight Control Server Migration running OpenSSL, Remote Disclosure of Information 2014-06-05
security-alert hp com

Details for CVE-2014-0220 2014-06-05
tucu cloudera com

Malware

RDN/Generic PUP.x!c2y!EB5FAA71EF8C
RDN/Generic PUP.x!7600A1238FA6
RDN/Generic.tfr!ea!386341CF2D89
RDN/Generic PUP.x!c2y!F2EFB045DFE3
Generic PUP.x!76EFE6939698
Generic PUP.x!F52A87CCFA47
Generic PWS.y!7D9CAC5560F5
Generic.dx!EB45BC2DF903
RDN/Generic PUP.x!c2y!E9F01E0DADC3
RDN/Generic PUP.x!c2y!EB75D283D4E9
Generic PUP.x!3A20000D22A6
RDN/Generic.bfr!hf!A23E1F7B3455
RDN/Generic PUP.x!c2y!EA7D762016AB
Generic.dx!00B4A0A43678
RDN/Generic PUP.x!c2y!EA09FC0416CE
Generic.bfr!F77A91B7716C
Generic PUP.x!1D2D93E46AEB
Generic PUP.x!32234E455B90
Generic PUP.x!27CF59080F8E
RDN/Generic PUP.x!c2y!EA1B0CA3E1CD
RDN/Generic.bfr!hf!C95D10A92F7D
Generic.tfr!DD170D0A79E1
Generic PUP.x!7D7B75252EE7
Generic PUP.x!170768B54CBC
Generic.tfr!A308180AD4EF
RDN/Generic PUP.x!c2y!EA0A83B2F5F1
Generic PUP.x!B78AF7551054
Generic.tfr!480709465CA4
Generic.tfr!63D42A974ED6
Generic PUP.x!EAACDFCCA9CE

Phishing

Vulnerebility

Exploit

Madness Pro <= 1.14 - Persistent XSS

Madness Pro <= 1.14 - SQL Injection

5.6.2014

Bugtraq

multiple Vulnerability in "WahmShoppes eStore" 2014-06-05
cseye_ut yahoo com

FreeBSD Security Advisory FreeBSD-SA-14:14.openssl 2014-06-05
FreeBSD Security Advisories (security-advisories freebsd org)

[SECURITY] [DSA 2949-1] linux security update 2014-06-05
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2950-1] openssl security update 2014-06-05
Moritz Muehlenhoff (jmm debian org)

[RT-SA-2014-006] Directory Traversal in DevExpress ASP.NET File Manager 2014-06-05
RedTeam Pentesting GmbH (release redteam-pentesting de)

[security bulletin] HPSBMU03033 rev.3 - HP Insight Control Software Components running OpenSSL, Remote Disclosure of Information 2014-06-04
security-alert hp com

[SECURITY] [DSA 2946-1] python-gnupg security update 2014-06-04
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2948-1] python-bottle security update 2014-06-04
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2947-1] libav security update 2014-06-04
Moritz Muehlenhoff (jmm debian org)

ESA-2014-024: EMC Documentum Digital Asset Manager Blind DQL Injection Vulnerability 2014-06-04
Security Alert (Security_Alert emc com)

Malware

RDN/Generic PWS.y!9C1F2B1B1648
RDN/Generic PUP.x!c2w!87C59D9E1472
RDN/Generic PWS.y!zu!13FEFBC65F7A
Generic PUP.x!2CA377AEF0D6
RDN/Generic.bfr!E693324ABD1F
RDN/FakeAV-N.bfr!d!160827D79093
Generic PUP.x!AA6BBA23F5A5
Generic PUP.x!9AF572CE6AB3
RDN/Generic.bfr!8776C0B44E4B
Generic PUP.x!09A1ECDB9A9D
Generic PUP.x!7DCF086C5064
Generic PUP.x!E697361019C0
Generic PUP.x!BDF57308CE55
Generic PUP.x!3C44A5571661
RDN/Generic PUP.x!c2w!D4DBC992B9DD
Generic PUP.x!B572D60E1FA1
Generic PUP.x!13D1B2CA15FB
Generic PUP.x!8C08D99CF5EB
RDN/Generic.bfr!hh!06D7859350FA
Generic PUP.x!4162735CA253
RDN/Downloader.a!rf!FC13041FD272
Generic PUP.x!0DBB857D2324
RDN/Generic.tfr!ea!D43FA5992107
Generic PUP.x!2C06409A68F5
Generic PUP.x!0BC934A0B5D1
Generic.bfr!E76D5AAD07D1
Generic PUP.x!4B5A138366C9
RDN/Generic Downloader.x!ki!066132901776
Generic PUP.x!5D5A0E147C22
Generic PUP.x!0CD56578BE2E

Phishing

Barclays	5th June 2014
For security purposes, your online account has been locked.
NatWest	4th June 2014
Access to Online Banking Service !

Vulnerebility

Exploit

4.6.2014

Bugtraq

Malware

Generic PUP.x!AAE8957666BD
Generic PUP.x!D541D667CF68
Generic PUP.x!47F3B3A343CA
RDN/Generic PUP.x!c2u!6626FEBC0A28
RDN/PWS-Mmorpg!lc!199F51629939
RDN/Generic PUP.x!c2u!9774AD7E768F
Generic PUP.x!20177D5E8A85
Generic PUP.x!2955127D41D3
RDN/Generic PUP.x!c2u!5D58ECC527CD
Generic PUP.x!2B93E5B30B37
Generic.bfr!D4D1287CD744
RDN/Generic PUP.x!c2u!C8DC32918F57
Generic PUP.x!85D888B8F3D4
RDN/Generic.dx!dcn!1104216282F2
Generic PUP.x!27105BD056C4
Generic PUP.x!2A8832560725
Generic PUP.x!285FD908C7B9
Generic PUP.x!1A1D087D1B8C
Generic PUP.x!1FA6488261F0
Generic PUP.x!2A085ED290E8
Generic PWS.y!D2AEF481312A
Generic PUP.x!67434C542DEB
Downloader.gen.a!72BC09BEE4DC
Generic PUP.x!4819D84E392C
RDN/Spybot.bfr!8A53BE91A8E7
Generic PUP.x!E99CA192D78D
RDN/Generic.dx!dcn!1193EB2925E5
RDN/Generic PUP.x!c2u!AD3A4D2C8337
RDN/Generic.bfr!hh!BFEA75D7ED1D
RDN/Generic.bfr!hh!250CEB1E740D

Phishing

Apple	4th June 2014
YOUR APPLE ITUNES ACCOUNT HAS BEEN LIMITED
NatWest	3rd June 2014
Access to Online Banking Service.

Vulnerebility

Exploit

3.6.2014

Bugtraq

iScan Online Mobile 2.0.1 iOS - Command Inject Vulnerability 2014-06-03
Vulnerability Lab (admin vulnerability-lab com)

Bluetooth Photo-File Share v2.1 iOS - Multiple Web Vulnerabilities 2014-06-03
Vulnerability Lab (research vulnerability-lab com)

TigerCom My Assistant v1.1 iOS - File Include Vulnerability 2014-06-03
Vulnerability Lab (research vulnerability-lab com)

Privacy Pro v1.2 HZ iOS - File Include Web Vulnerability 2014-06-03
Vulnerability Lab (research vulnerability-lab com)

AllReader v1.0 iOS - Multiple Web Vulnerabilities 2014-06-03
Vulnerability Lab (research vulnerability-lab com)

Files Desk Pro v1.4 iOS - File Include Web Vulnerability 2014-06-03
Vulnerability Lab (research vulnerability-lab com)

NG WifiTransfer Pro 1.1 - File Include Vulnerability 2014-06-03
Vulnerability Lab (research vulnerability-lab com)

LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues 2014-06-03
advisories (advisories lsexperts de)

CVE-2013-6825 DCMTK Root Privilege escalation 2014-06-02
Hector Marco (hecmargi upv es)

FCKedtior 2.6.10 Reflected Cross-Site Scripting (XSS) 2014-06-02
Robin Bailey (Robin Bailey dionach com)

VUPEN Security Research - Adobe Acrobat & Reader XI-X "AcroBroker" Sandbox Bypass (Pwn2Own) 2014-06-02
VUPEN Security Research (advisories vupen com)

[FD] CVE-2013-6876 s3dvt Root shell 2014-06-02
Hector Marco (hecmargi upv es)

ESA-2014-032: RSA® Adaptive Authentication (Hosted) DOM Cross-Site Scripting Vulnerability 2014-06-02
Security Alert (Security_Alert emc com)

CVE-2014-2843 - "Reflected Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "infoware MapSuite" 2014-06-01
Christian Schneider (mail Christian-Schneider net)

CVE-2014-2233 - "Server-Side Request Forgery" (CWE-918) vulnerability in "infoware MapSuite" 2014-06-01
Christian Schneider (mail Christian-Schneider net)

CVE-2014-2232 - "Absolute Path Traversal" (CWE-36) vulnerability in "infoware MapSuite" 2014-06-01
Christian Schneider (mail Christian-Schneider net)

CVE-2014-1226 s3dvt Root shell (still) 2014-06-02
Hector Marco (hecmargi upv es)

[SECURITY] [DSA 2942-1] typo3-src security update 2014-06-01
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2944-1] gnutls26 security update 2014-06-01
Moritz Muehlenhoff (jmm debian org)

[slackware-security] mariadb (SSA:2014-152-01) 2014-06-01
Slackware Security Team (security slackware com)

Yarubo #1: Arbitrary SQL Execution in Participants Database for Wordpress 2014-06-01
Yarubo Internet Security Scan (no-reply yarubo com)

[SECURITY] [DSA 2941-1] lxml security update 2014-06-01
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2943-1] php5 security update 2014-06-01
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2939-1] chromium-browser security update 2014-05-31
Michael Gilbert (mgilbert debian org)

Malware

Generic PUP.x!D5E0C6072B90
Generic PUP.x!30C01ED0E752
Generic PUP.x!A13A89F8DD4C
Generic PUP.x!40FF02EC873F
CryptInno!802EB529CFF2
Generic PUP.x!A8C5DA3113A5
CryptInno!809A7EC333CA
Generic PUP.x!04B028E481A6
RDN/Generic PUP.x!c2t!B9ED56936303
RDN/Spybot.bfr!743083F1D483
Generic PUP.x!03908C72AEB8
RDN/Generic PUP.x!214E7B9D27B3
Generic PUP.x!1BF43F7C82B2
Generic PUP.x!D077D267F39F
Generic PUP.x!5F0BB90DECFB
Generic.dx!9BC2DF2204C6
Generic PUP.x!E4581479CCFF
Generic PUP.x!43E29B009CF2
Generic Downloader.x!97695520F876
Generic PUP.x!B1A73FB7DD2C
Generic Downloader.x!B12557644E02
Generic PUP.x!397227FE0799
Generic PUP.x!625C37A9A2FB
RDN/Generic PUP.x!B9217C35E968
Generic PUP.x!183A2858F123
RDN/Generic Dropper!D021E091B859
Generic PUP.x!3E5A168C779E
Generic PUP.x!571A39DB4F36
Generic PUP.x!109DEA995E6D
Generic PUP.x!4DB67AA6F5A5

Phishing

Sainsburysbank.co.uk	3rd June 2014
LOCKED OUT OF SAINSBURYâ€™S ONLINE BANKING
Apple Europe	2nd June 2014
APPLE STORE PURCHASE CONFIRMATION.

Vulnerebility

Exploit

Wordpress Participants Database 1.5.4.8 - SQL Injection

dbus-glib pam_fprintd - Local Root Exploit

PHPBTTracker+ 2.2 - SQL Injection

NG WifiTransfer Pro 1.1 - Local File Inclusion

Files Desk Pro v1.4 iOS - Local File Inclusion

Privacy Pro v1.2 HZ iOS - Local File Inclusion

TigerCom My Assistant 1.1 iOS - Local File Inclusion

AllReader 1.0 iOS - Multiple Vulnerabilities

Bluetooth Photo-File Share 2.1 iOS - Multiple Vulnerabilities

2.6.2014

Bugtraq

Malware

W32/Virus.gen!1DF570344FE4
Generic PUP.x!191734D6FAC7
Generic PUP.x!A1FFD41C222A
Generic PUP.x!E9B17414975B
Generic PUP.x!9FDADB0C7140
Generic PUP.x!EE9B03D7C7CB
Generic PUP.x!832058952004
Generic BackDoor!3313FA31AA71
Generic PUP.x!8793A2923140
Generic PUP.x!64B4C3ECD18E
Generic PUP.x!E12DA6D82DF1
Generic PUP.x!0F797399567C
Generic PUP.x!302BADDE926F
Generic PUP.x!8DD4F7A9F18C
Generic PUP.x!561EB04C21CB
Generic PUP.x!A00EE0E4AB23
Generic.dx!482D14CE2CC7
Generic PUP.x!E826B86E2A70
Generic PUP.x!7ED2ED8AD089
Generic PUP.x!108CA96A4DF9
Generic PUP.x!36AC110255BE
Generic PUP.x!06F6F4A4EF15
Generic PUP.x!0D351CE92788
Generic PUP.x!D08B9049E708
Generic.bfr!80FE41CA6CEA
Generic PUP.x!FF0A8477F1B5
Generic PUP.x!303CE7D61662
Generic PUP.x!9FDA1D6C6789
Generic PUP.x!DBF739FCB26B
Generic PUP.x!5E27C42520C3

Phishing

Sainsburysbank.co.uk	2nd June 2014
LOCKED OUT OF SAINSBURYâ€™S ONLINE BANKING
PayPal	2nd June 2014
PAYPAL ISSUE ; INFORMATIONS REQUIRED
Sainsburysbank.co.uk	1st June 2014
LOCKED OUT OF SAINSBURYâ€™S ONLINE BANKING
PayPal	1st June 2014
PAYPAL ISSUE ; INFORMATIONS REQUIRED

Vulnerebility

Exploit

Easy File Management Web Server v5.3 - UserID Remote Buffer Overflow (ROP)

31.5.2014

Bugtraq

Google Compute Engine Multiple DOS Vulnerabilities 2014-05-30
Scott T. Cameron (routehero gmail com)

Google Compute Engine - Lateral Compromise 2014-05-30
Scott T. Cameron (routehero gmail com)

Malware

Generic PUP.x!83FF61379B73
RDN/Generic BackDoor!yn!4A11329D913C
Generic BackDoor!7A43FD6A0317
Generic PUP.x!23E64623AA33
Generic PUP.x!07E5DC888F0C
Generic PUP.x!2F5449BCD908
Generic.dx!AAE51DBB4D9D
Generic PUP.x!7C19EEBA8334
RDN/Generic Downloader.x!ki!688116E11209
RDN/Generic PWS.y!zt!349C5C9B097C
Generic.bfr!089A9547DF4D
RDN/Generic.bfr!5F82042E369C
RDN/Generic.bfr!63FC38E32EAD
Generic PUP.x!5ABAE9D4B892
Generic PUP.x!001AD2BA1CCB
Generic.bfr!E181A55D167B
Generic PUP.x!B5D13B322CCB
Generic PUP.x!4A486AB6D291
RDN/Generic PWS.y!49E3C93399D4
Generic PUP.x!7D09E5CEFB3A
Generic PUP.x!4B4B9C276CA1
Generic PUP.x!9E7A6D6F36FE
Generic PUP.x!AD5345A0382E
Generic PUP.x!9A701495049E
Generic PUP.x!5834EBF3BD46
Generic PUP.x!0A03140D2BC6
Generic PUP.x!94676B95C989
RDN/Generic PUP.x!457639667636
Generic.bfr!7DF5DCB0C870
FakeAV-N.bfr!58E5E20F5CB5

Phishing

Vulnerebility

Exploit

Ubuntu 12.04.0-2LTS x64 perf_swevent_init - Kernel Local Root Exploit

ElasticSearch Dynamic Script Arbitrary Java Execution

Microsoft Internet Explorer 11 - WeakMap Integer Divide-by-Zero

30.5.2014

Bugtraq

Mybb Sendthread Page Denial of Service Vulnerability 2014-05-29
iedb team gmail com

OpenCart 1.5.6.4 Directory Traversal Vulnerability 2014-05-29
iedb team gmail com

Defense in depth -- the Microsoft way (part 15): unquoted arguments in 120 (of 462) command lines 2014-05-28
Stefan Kanthak (stefan kanthak nexgo de)

[RT-SA-2014-005] SQL Injection in webEdition CMS File Browser Installer Script 2014-05-28
RedTeam Pentesting GmbH (release redteam-pentesting de)

[RT-SA-2014-004] Remote Command Execution in webEdition CMS Installer Script 2014-05-28
RedTeam Pentesting GmbH (release redteam-pentesting de)

Multiple vulnerabilities in Sharetronix 2014-05-28
High-Tech Bridge Security Research (advisory htbridge com)

Malware

RDN/Generic Dropper!un!12F9D56754B2
Generic PUP.x!18F0A2DA27FD
Generic PUP.x!F9D12A1E03B2
RDN/Generic Downloader.x!ki!EEB108329182
FakeAV-N.bfr!EC3B0D5CEABA
Generic PUP.x!30FF6135E193
Generic PUP.x!103DD23C805F
RDN/Generic PUP.x!2A19A7E5C8D2
RDN/Generic.dx!5BAE6013A2D1
Generic PUP.x!7564A95AC3CE
Generic PUP.x!6AE3FE1AE44F
Generic PUP.x!BF4738DB8E7F
RDN/Generic PUP.x!978E91A686C9
W32/Spybot.bfr!0F122DDB9AD7
Generic PUP.x!8CE7B92AA0FB
RDN/Generic Downloader.x!ki!4369EDD8D776
RDN/Generic.bfr!hh!FECD3B62B663
RDN/Generic BackDoor!yn!28D9096A563B
RDN/Generic BackDoor!yn!EDF03E0CCC4F
RDN/Generic PUP.x!c2o!D1BBE83FC935
RDN/Generic PUP.x!c2o!F7CA7415471B
RDN/Generic BackDoor!F9C711C918B9
Generic PUP.x!22DA11B38296
Generic PUP.x!938CB624D92C
Generic.tfr!23087CD83CA2
Generic PUP.x!7BF6439D78ED
RDN/Generic.tfr!ea!E6B259491C63
RDN/DNSChanger.bfr!F910B4271B2C
RDN/Generic.bfr!hh!DB61BD435DDB
RDN/Generic PWS.y!zt!D56C061125A4

Phishing

Barclays	30th May 2014
ONLINE ACCESS SUSPENDED
Barclays	29th May 2014
Errors Were Detected On Your Account
VirginMedia	29th May 2014
VirginMedia account disabled, please confirm your profile!
Security-team	29th May 2014
POLICY UPDATES !

Vulnerebility

Exploit

ElasticSearch Dynamic Script Arbitrary Java Execution

29.5.2014

Bugtraq

Multiple vulnerabilities in Sharetronix 2014-05-28
High-Tech Bridge Security Research (advisory htbridge com)

SEC Consult SA-20140528-0 :: Root Backdoor & Unauthenticated access to voice recordings in NICE Recording eXpress 2014-05-28
SEC Consult Vulnerability Lab (research sec-consult com)

LSE Leading Security Experts GmbH - LSE-2014-05-21 - Check_MK - Arbitrary File Disclosure Vulnerability 2014-05-28
LSE Leading Security Experts GmbH $Security Advisories$ (advisories lsexperts de)

[SECURITY] [DSA 2938-1] Availability of LTS support for Debian 6.0 / squeeze 2014-05-27
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2937-1] mod-wsgi security update 2014-05-27
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!9B254EFD85AC
Generic PUP.x!1F3C30D9A005
Generic PUP.x!A0E7FA903DA6
Generic PUP.x!098881D6E5EE
Generic PUP.x!27975741C7AD
Generic PUP.x!46D397D6EFC4
Generic PUP.x!C99D273A6A97
RDN/Vundo!du!E02BFE2312CF
RDN/Generic PUP.x!10B67E4AA5EB
Generic.bfr!4689A84BA6EE
Generic PUP.x!79B04CE8DB8D
RDN/Generic PUP.x!c2n!45A491358600
RDN/Generic BackDoor!ym!5038B00A7079
RDN/Generic PUP.x!c2n!4585910A42B6
RDN/Vundo!du!7D44804BCD91
RDN/Generic.dx!8382D4DF9074
Generic PUP.x!C62208F8BCC2
RDN/Generic PUP.z!06033F1D7E8E
Generic PUP.x!666F1DB1EFDA
RDN/Generic.bfr!hh!F4C4C4712763
RDN/Vundo!du!C0D426A88952
Generic PUP.x!417A64EA2F45
Generic PUP.x!14D1F6EFCCE3
RDN/Vundo!du!0DFB32B79158
Generic PUP.x!76DC83C19BA4
Generic.bfr!A9BBA92CAB4D
Generic PUP.x!B34248F7A063
RDN/Generic BackDoor!ym!3E8A6EEC7448
RDN/Generic.dx!FA250364F172
Generic PUP.x!EE2363ACD6B2

Phishing

Halifax	28th May 2014
Account Suspended
no-reply@bt.com	28th May 2014
WARNING:Your BT security is still not active.
NatWest	28th May 2014
* CACTUS * NatWest - Security centre

Vulnerebility

Exploit

28.5.2014

Bugtraq

call for papers- £Ã£Ó£Ó£Å£²£°£±£´ 2014-05-27
cfp-conf2014.org (cfp-conf2014 org securityfocus com)

[security bulletin] HPSBGN03041 rev.1 - HP IceWall Configuration Manager running Apache Struts, Remote Execution of Arbitrary Code 2014-05-27
security-alert hp com

Malware

Generic PUP.x!BBE4894EE120
Generic PUP.x!82E302BB710B
RDN/Generic PUP.x!c2h!D52C8D42FC26
Generic PUP.x!7B42B4C64BCB
RDN/Generic PUP.x!E887D72B93D5
Generic PUP.x!72B54558F0A6
RDN/Generic PUP.x!c2h!1A48881BCC65
Generic PUP.x!83FF28D41404
FakeAV-N.bfr!F4E9C18DBABD
RDN/Generic PUP.x!c2h!496E79A4C717
Generic PUP.x!B00D2BAD552A
Generic PUP.x!71D6E054EAAB
Generic PUP.x!94B8F4967EF2
Generic PUP.x!EC5C1051FA52
RDN/Generic Downloader.x!kg!090CB7C8CF94
Generic PUP.x!491147C73839
Generic PUP.x!FAEBCBF47A5A
Generic PUP.x!89711471ADAC
Generic PUP.x!72FA4A8656E8
Generic PUP.x!FA374ECEDD02
RDN/FakeAV-N.bfr!898797CFC6FB
Generic PUP.x!868453B1DC2B
Generic PUP.x!07C90FB621C1
Generic PUP.x!30E15049258C
Generic.bfr!727BFFC68B13
RDN/Generic Downloader.x!kg!F0A3CF698CB2
RDN/Generic PUP.x!23855027A93D
Generic PUP.x!7D2B3A5440D7
RDN/DNSChanger.bfr!c!5742FFB8A101
RDN/Generic PUP.x!c2h!8A7681CCAECD

Phishing

Vulnerebility

Exploit

TORQUE Resource Manager 2.5.x-2.5.13 - Stack Based Buffer Overflow Stub

Sharetronix 3.3 - Multiple Vulnerabilities

Wireshark CAPWAP Dissector - Denial of Service (msf)

27.5.2014

Bugtraq

VUPEN Security Research - Adobe Acrobat & Reader XI-X Barcode Heap Overflow (Pwn2Own) 2014-05-26
VUPEN Security Research (advisories vupen com)

[security bulletin] HPSBUX02960 SSRT101419 rev.3 - HP-UX Running NTP, Remote Denial of Service (DoS) 2014-05-23
security-alert hp com

Malware

RDN/Generic PUP.x!E6AA67E46656
Generic PUP.x!8319E282C059
Generic PUP.x!6008B4D237A3
Generic PUP.x!D9AEE9FE982F
Generic.bfr!01A1E12AD9FD
Generic PUP.x!1D2BEF715D4D
Generic PUP.x!C6551035145E
RDN/Generic.dx!dcg!D3200BAB4D3D
Generic PUP.x!0A2F2F41C8CC
Generic PUP.x!FA1B6DEDED4B
Generic PUP.x!29D257030B43
Generic PUP.x!BF011DF65137
Generic PUP.x!B413A6DC162E
Generic PUP.x!57111F2A6485
Generic PUP.x!855D852A0559
Generic PUP.x!CA95600FCD22
RDN/Generic.bfr!hf!485C446CE83D
Generic PUP.x!BE625E9A5DE6
Generic PUP.x!4D3C06776156
Generic PUP.x!2F48853498A3
RDN/Generic.bfr!A6E8F04F5C19
RDN/Generic PUP.x!c2d!065CB1B1BDCA
RDN/Generic PUP.x!180980CE0A6A
RDN/Generic PUP.x!c2d!E8CCD53F5BEC
RDN/Vundo!du!37816C3E3CB6
RDN/Vundo!du!D4874EC3AB33
RDN/Generic PUP.x!c2d!133E7583B785
Generic PUP.x!867AAAFDA6C5
Generic PUP.x!8D69D010F3DD
Generic PUP.x!02423737DF3E

Phishing

BT	27th May 2014
Verify Your Account
Microsoft	27th May 2014
Your itunes account has been frozen !
Microsoft	27th May 2014
Notification itunes !
Santander	26th May 2014
Irregular account activity detected
BT	26th May 2014
Verify Your Account

Vulnerebility

Exploit

Easy File Sharing FTP Server 3.5 - Stack Buffer Overflow

D-Link Routers - Multiple Vulnerabilities

Zyxel P-660HW-T1 v3 Wireless Router - CSRF Vulnerability

Symantec Workspace Streaming Arbitrary File Upload

Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation

D-Link Routers - Multiple Vulnerabilities

26.5.2014

Bugtraq

ESA-2014-021: RSA Archer® GRC Multiple Cross-Site Scripting Vulnerabilities 2014-05-23
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 2936-1] torque security update 2014-05-23
Salvatore Bonaccorso (carnil debian org)

Malware

Generic PUP.x!9245A4AB1143
Generic Downloader.x!1A817239502E
Generic PUP.x!FB62C913D24A
Generic PUP.x!CD3171280F90
Generic PUP.x!8479F4A7A8E3
Generic PUP.x!4FBBF1A71BB5
Generic PUP.x!EFDC814CDC74
Generic.tfr!A9B92A730178
Generic PUP.x!62B86900010B
Generic.tfr!D34D473118F8
Generic.tfr!D239C3916207
Generic PUP.x!118D1F5BD9E1
RDN/Generic BackDoor!yk!E62116BF450B
Generic PUP.x!98789BF26851
Generic PUP.x!486DE4E05F2C
Generic PUP.x!94126A428D65
RDN/Generic PUP.x!c2b!C38FED8A9766
Generic PUP.x!A536DBEDFEAA
RDN/Generic Downloader.x!E089555D5F8F
Generic PUP.x!68EF7234B68F
Generic PUP.x!3FC6785CD346
Generic PUP.x!417526705A16
Generic PUP.x!AA2681B96A51
Generic PUP.x!05B1C43AC45B
Generic PUP.x!D72AE03E257E
Generic PUP.x!6BCAD99F478D
Generic PUP.x!A72E4C561EF3
Generic PUP.x!B13C25D1DBE0
RDN/Generic PUP.x!50DD086D5F97
Generic PUP.x!8EDAD4085A71

Phishing

BT	26th May 2014
Verify Your Account
Nationwide Building Society	25th May 2014
YOUR ONLINE BANKING ACCESS LOCKED
Santander	25th May 2014
[SUSPECTED ] IRREGULAR ACCOUNT ACTIVITY DETECTED
NatWest.co.uk	24th May 2014
NatWest Statement
Lloyds Commercial Bank	24th May 2014
FW: Important - Commercial Documents

Vulnerebility

Exploit

23.5.2014

Bugtraq

[SECURITY] [DSA 2936-1] torque security update 2014-05-23
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBMU03025 rev.2 - HP Diagnostics running OpenSSL, Remote Disclosure of Information 2014-05-22
security-alert hp com

[security bulletin] HPSBMU02995 rev.8 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-05-22
security-alert hp com

Malware

RDN/Generic.bfr!he!1632BEBEA1FB
RDN/Generic.dx!dc3!DC6C36032694
Generic PUP.x!5DCCA9723B6E
Generic PUP.x!3E4D2A6264C6
Generic PUP.x!A417CE007C87
Generic PUP.x!FF1B89833CE9
RDN/Downloader.a!qx!AD3FF53BE9EB
Generic PUP.x!9F45555CAD08
Generic PUP.x!51F1D690717C
Generic PUP.x!F847D2A634E1
RDN/Generic PUP.x!cdw!B2D479FF1B12
Generic PUP.x!8A2766089EC9
Generic PUP.x!DFE6A4F8EC9C
Generic PUP.x!FB50F6075750
RDN/Generic.dx!dc3!4DA154D64E1A
Generic PUP.x!3D0781E2249A
Generic PUP.x!65CD62422C2B
Generic PUP.x!167C62E72893
Generic.bfr!99D804B2BEFB
Generic PUP.x!0E1538F3D535
Generic PUP.x!01F0BD0968AD
Generic PUP.x!F55FC7E5EA6E
Generic PUP.x!34309573DC23
Generic PUP.x!F9F6E49633D7
Generic PUP.x!322DB7E88B0C
RDN/Generic PUP.x!cdw!C3B135D178C6
Generic PUP.x!0FAF90400A02
Generic PUP.x!72DE032162EA
Generic PUP.x!C1771F0C3470
Generic PUP.x!DA2181FD32C3

Phishing

Lloyds Commercial Bank	23rd May 2014
FW: Important - Commercial Documents

Vulnerebility

Exploit

22.5.2014

Bugtraq

Wordpress Booking System (Booking Calendar) plugin SQL Injection 2014-05-21
info sec (omgpdrv gmail com)

Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe 2014-05-20
Stefan Kanthak (stefan kanthak nexgo de)

APPLE-SA-2014-15-20-1 OS X Server 3.1.2 2014-05-20
Apple Product Security (product-security-noreply lists apple com)

CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS 2014-05-20
Portcullis Advisories (advisories portcullis-security com)

Malware

Generic PUP.x!CD6202B6D807
RDN/Generic PUP.x!cd3!9EAE5B57F3F8
Obfuscated-FAFB!hb!50B1EC0088ED
Generic Downloader.x!8240E9596EEF
Generic Downloader.x!448C79C63D51
Generic PUP.x!B58A5A676C78
RDN/Vundo!dt!7698567E980F
Generic PUP.x!97199DE3116B
RDN/Generic.bfr!hf!2B93811AB639
Generic.dx!9E4A8AC52E97
Generic PUP.x!203AE1256A51
Generic PUP.x!4516417BCBFF
Generic PUP.x!233EEE6488CD
RDN/Generic PUP.x!50533D613DAC
RDN/Generic PWS.y!zp!66D031558C5B
Generic PUP.x!D65D43DCA447
Generic PUP.x!8AED8844D36B
RDN/Generic Downloader.x!kf!210AA1842EB9
RDN/Generic Downloader.x!kf!67F9CE3FD3F3
RDN/Generic PUP.x!cd3!0D99EEA088B2
Generic.bfr!67604D03A273
Generic PUP.x!85F26F00E61A
Generic PUP.x!1131176A159F
Generic PUP.x!97142E5F9A57
Generic PUP.x!57452E6A886C
Generic PUP.x!08B9C0D43DCE
Generic.bfr!731FFB99F707
Generic PUP.x!4FA779758DE1
Generic PUP.x!01FBDD91E8F9
Generic PUP.x!3E635B5B4794

Phishing

Nationwide	22nd May 2014
Nationwide - Internet banking service has been temporarily suspended
Barclays	22nd May 2014
This is an important Barclays bank security Message

Vulnerebility

Exploit

21.5.2014

Bugtraq

Wordpress Booking System (Booking Calendar) plugin SQL Injection 2014-05-21
info sec (omgpdrv gmail com)

Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe 2014-05-20
Stefan Kanthak (stefan kanthak nexgo de)

APPLE-SA-2014-15-20-1 OS X Server 3.1.2 2014-05-20
Apple Product Security (product-security-noreply lists apple com)

CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS 2014-05-20
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-3447 - Remote Denial Of Service in BSS Continuity CMS 2014-05-20
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-3450 - Privilege Escalation in Panda Security 2014-05-20
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-3448 - Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS 2014-05-20
Portcullis Advisories (advisories portcullis-security com)

[security bulletin] HPSBGN03007 rev.1 - HP IceWall MCRP and HP IceWall SSO, Remote Denial of Service (DoS) 2014-05-20
security-alert hp com

Construtiva CIS Manager CMS POST SQLi 2014-05-19
edge bitmessage ch

t2'14: Call for Papers 2014 (Helsinki / Finland) 2014-05-19
Tomi Tuominen (tomi tuominen t2 fi)

[SECURITY] [DSA 2934-1] python-django security update 2014-05-19
Salvatore Bonaccorso (carnil debian org)

[security bulletin] HPSBMU03022 rev.3 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information 2014-05-19
security-alert hp com

Malware

RDN/Generic PUP.x!cds!6B7002FF4EC3
RDN/Generic PUP.x!cds!59253C4691AC
RDN/Generic PUP.x!cds!709F6EEA7753
Generic PUP.x!8AF0450175C0
RDN/Generic PUP.x!cds!64D393F8BDB0
RDN/Generic PUP.x!cds!A5DD3839677C
Generic.bfr!2EBD2B0D29F4
Generic PUP.x!FB5AA1BA5869
RDN/Generic Downloader.x!kf!878D2B922011
RDN/Generic.dx!dc3!2DB90235B4CC
RDN/Generic PUP.x!cds!6A05C3D0A2D4
RDN/Generic.bfr!he!4B9E8F00B5B7
Generic.bfr!FB4DF3A594ED
RDN/Generic PUP.x!cds!6D153741AC91
Generic PUP.x!3350611DD34E
Generic PUP.x!C12A701B5BE6
RDN/Generic PUP.x!cds!28EEC57BF651
RDN/Generic PUP.x!cds!8AAC4A73D0B5
RDN/Generic PUP.x!cds!B813F9B6CBC4
RDN/Generic PUP.x!cds!6818644DBBF0
Generic PUP.x!8127732995BB
Generic.bfr!2EF885F97BF1
BackDoor-FBIB!81BCE4B1823E
Generic PUP.x!335E3E8ACE47
RDN/Generic PUP.x!cds!04A63FB77E80
Generic PUP.x!2D5DEB648994
Generic.bfr!2EC46E477AB2
RDN/Generic PUP.x!cds!330118730964
RDN/Generic.bfr!2EF95145C5FA
Generic PUP.x!38297D2234B0

Phishing

Chase	20th May 2014
Your Account Is Suspended
no-reply@bt.com ;	20th May 2014
Verify Your Account.
BT	20th May 2014
VERIFY YOUR BT ACCOUNT
NS&I	19th May 2014
PROTECT YOUR MONEY

Vulnerebility

Exploit

Easy File Management Web Server 5.3 - Stack Buffer Overflow

Easy Address Book Web Server 1.6 - Stack Buffer Overflow

Binatone DT 850W Wireless Router - Multiple CSRF Vulnerabilities

20.5.2014

Bugtraq

[SECURITY] [DSA 2932-1] qemu security update 2014-05-19
Giuseppe Iuculano (iuculano debian org)

[SECURITY] [DSA 2931-1] openssl security update 2014-05-18
Moritz Muehlenhoff (jmm debian org)

Malware

Generic PUP.x!DEDA6D50EF85
Generic PUP.x!A30977EA4308
Generic PUP.x!2C12DB9CE9C0
Generic PUP.x!F3F0B4E7ADE6
Generic PUP.x!3379DB5E655E
Generic PUP.x!617B2A57C441
Generic PUP.x!96E1E4801938
Generic PUP.x!1193FAC3DC70
Generic PUP.x!AFC21996A9A0
Generic PUP.x!0C5D1D01A10E
Generic PUP.x!5369F7918687
Generic PUP.x!B37F03929B43
RDN/Generic.dx!1B3BFDC2EB9B
RDN/Generic PUP.x!cdn!237C36DC09A6
RDN/Generic PUP.x!cdn!7F921790A060
RDN/Generic PUP.x!cdn!334D777D8970
RDN/Generic Downloader.x!0B122893DCE0
Generic PUP.x!A2FB857F865E
RDN/Generic.bfr!5D643BEC77F7
Generic PUP.x!B169969E45B4
RDN/Generic PWS.y!zp!B5F4827D2E97
Generic PUP.x!80F7771E0C92
RDN/Generic PUP.x!cdn!BF99387C872F
FakeAV-N.bfr!363DDEACCEC0
RDN/Generic.bfr!2470720C49FE
Generic PUP.x!1414F2903048
Generic PUP.x!B1BDF95C8768
Generic PUP.x!D65BD85ECA9F
Generic.dx!1C8038E419BD
Generic PUP.x!B37808D8C507

Phishing

BT	20th May 2014
VERIFY YOUR BT ACCOUNT
NS&I	19th May 2014
PROTECT YOUR MONEY
.PayPal	19th May 2014
Your PayPal account is limited until we hear from you

Vulnerebility

Exploit

19.5.2014

Bugtraq

[SECURITY] [DSA 2931-1] openssl security update 2014-05-18
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2930-1] chromium-browser security update 2014-05-17
Michael Gilbert (mgilbert debian org)

APPLE-SA-2014-05-16-1 iTunes 11.2.1 2014-05-17
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBHF02946 rev.2 - HP Servers with NVIDIA GPU Computing Driver, Elevation of Privilege 2014-05-16
security-alert hp com

Malware

Generic PUP.x!7B75D5C6EB1D
Generic PUP.x!4A56094DA991
Generic PUP.x!CBED42DB175E
Generic PUP.x!311D7EDACB79
Generic PUP.x!FB199BE8197D
Generic PUP.x!ED14377F9F20
Generic PUP.x!F603DB3B2B1A
Generic PUP.x!AB68D2AF9DAF
Generic PUP.x!F1446E58DBD2
Generic PUP.x!A3675F6ADD73
Generic PUP.x!C57BBEE17BE3
Generic PUP.x!36A7A74C6192
RDN/Generic PUP.x!cdl!F9C3AA9EB4CB
Generic.bfr!D72FB94DE737
RDN/Generic PUP.x!cdl!F8DA48AD2F7C
Generic PUP.x!59288C1DD6D4
RDN/Generic PUP.x!cdl!4646595DD77F
Generic PUP.x!10857511BE65
Generic PUP.x!F8AC539DAE4B
Generic.tfr!F1E12B680975
RDN/Generic PUP.x!15630E22075E
Generic PUP.x!AC585035E676
RDN/Generic PUP.x!cdl!BF6F57745BA2
FakeAV-N.bfr!48114AF2B7F4
Generic PUP.x!F992E32CAD9F
Generic PUP.x!9CCBD080E108
Generic PUP.x!98B05270EBB0
Generic PUP.x!435176B012F4
RDN/Generic.bfr!835305335D2A
Generic PUP.x!A98D88FA66F7

Phishing

ebilling@bt.com ;	18th May 2014
ACTION REQUIRED: Activate and view your BT bill online
Yahoo	18th May 2014
YAHOO DE-ACTIVATION ALERT

Vulnerebility

Exploit

AoA MP4 Converter 4.1.2 - ActiveX Exploit

AoA Audio Extractor Basic 2.3.7 - ActiveX Exploit

AoA DVD Creator 2.6.2 - ActiveX Exploit

CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow

HP Release Control Authenticated XXE

SafeNet Sentinel Protection Server 7.0 - 7.4 and Sentinel Keys Server 1.0.3 - 1.0.4 Directory Traversal

18.5.2014

Bugtraq

[ MDVSA-2014:104 ] egroupware 2014-05-16
security mandriva com

[ MDVSA-2014:101 ] owncloud 2014-05-16
security mandriva com

[ MDVSA-2014:093 ] couchdb 2014-05-16
security mandriva com

[ MDVSA-2014:099 ] dovecot 2014-05-16
security mandriva com

[ MDVSA-2014:097 ] libvirt 2014-05-16
security mandriva com

[ MDVSA-2014:091 ] cups 2014-05-16
security mandriva com

[ MDVSA-2014:103 ] wordpress 2014-05-16
security mandriva com

[ MDVSA-2014:100 ] java-1.7.0-openjdk 2014-05-16
security mandriva com

[ MDVSA-2014:102 ] mariadb 2014-05-16
security mandriva com

CA20140413-01: Security Notice for OpenSSL Heartbleed Vulnerability 2014-05-16
Williams, James K (Ken Williams ca com)

[ MDVSA-2014:096 ] python-jinja2 2014-05-16
security mandriva com

[ MDVSA-2014:094 ] rxvt-unicode 2014-05-16
security mandriva com

[ MDVSA-2014:098 ] rawtherapee 2014-05-16
security mandriva com

[ MDVSA-2014:095 ] struts 2014-05-16
security mandriva com

[ MDVSA-2014:092 ] cups 2014-05-16
security mandriva com

Two Cross-Site Scripting (XSS) Vulnerabilities in Seo Panel 2014-05-16
High-Tech Bridge Security Research (advisory htbridge com)

[ MDVSA-2014:089 ] nagios 2014-05-16
security mandriva com

[SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update 2014-05-16
Florian Weimer (fw deneb enyo de)

APPLE-SA-2014-05-15-2 iTunes 11.2 2014-05-15
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-05-15-1 OS X Mavericks v10.9.3 2014-05-15
Apple Product Security (product-security-noreply lists apple com)

[security bulletin] HPSBMU02995 rev.7 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-05-15
security-alert hp com

[ MDVSA-2014:088 ] python-lxml 2014-05-15
security mandriva com

[CVE-2014-0749] TORQUE Buffer Overflow 2014-05-15
john fitzpatrick mwrinfosecurity com

[ MDVSA-2014:087 ] php 2014-05-15
security mandriva com

[REVIVE-SA-2014-001] Revive Adserver 3.0.5 fixes CSRF vulnerability 2014-05-15
Matteo Beccati (php beccati com)

Bilyoner mobile apps prone to various SSL/TLS attacks 2014-05-15
harun esur sceptive com

[SECURITY] [DSA 2928-1] linux-2.6 security update 2014-05-14
dann frazier (dannf debian org)

Paypal Inc Bug Bounty #109 MOS - Bypass & Persistent Vulnerability 2014-05-14
Vulnerability Lab (research vulnerability-lab com)

[security bulletin] HPSBMU03040 rev.1 - HP LoadRunner & HP Performance Center, running OpenSSL, Remote Disclosure of Information 2014-05-14
security-alert hp com

CSRF and Remote Code Execution in EGroupware 2014-05-14
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic PUP.x!B218EF14698F
Generic PUP.x!C5D66B45E62F
Generic PUP.x!D97400404E1B
Generic PUP.x!5E6BD8796973
Generic Downloader.x!DD84FC8C5590
Generic PUP.x!6EBD4F00DF3A
Generic PUP.x!69C9610EC7E1
RDN/Generic PUP.x!cdl!40BD9EC476D8
RDN/Generic PUP.x!cdl!BED211CB88C0
Generic PUP.x!BC91E5AD6958
RDN/Ransom!eg!09395F43A99F
Generic.dx!74FEDB2CD52A
Generic.dx!332D9752ECC3
Generic PUP.x!5A2FA8F082D2
RDN/Generic PUP.x!cdl!625925196F70
RDN/Downloader.a!qu!7828414640F7
Generic PUP.x!CF9B6CB60E95
Generic.dx!7DEC80E04128
Generic Downloader.x!F5C0E1EA80A9
Generic.dx!40C597B8E1CF
Generic PUP.x!C97BBD610104
RDN/Generic PUP.x!cdl!1D98390D6285
RDN/Generic PUP.x!cdl!3AC7CEC0F7FE
Generic PUP.x!7D29B0046F3F
RDN/Generic PUP.x!cdl!349C6813ECFB
Generic.dx!6144FAA0B8E9
RDN/Generic PUP.x!cdl!82CFEF882C62
RDN/Generic PUP.x!cdl!6D0633DE7C86
RDN/Generic PUP.x!cdl!82A3AB2D907F
Generic PUP.x!2EBD36585652

Phishing

NatWest ;	15th May 2014
Changes to your account balance.
NatWest.co.uk	15th May 2014
NatWest Statement
American Express	14th May 2014
1 NEW MESSAGES !

Vulnerebility

Exploit

28.4.2014

Bugtraq

[SECURITY] [DSA 2917-1] super security update 2014-04-28
Florian Weimer (fw deneb enyo de)

[SECURITY] [DSA 2916-1] libmms security update 2014-04-28
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2915-1] dpkg security update 2014-04-28
Raphael Geissert (geissert debian org)

[security bulletin] HPSBMU03022 rev.1 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information 2014-04-26
security-alert hp com

[ANN] Struts 2.3.16.2 GA release available - security fix 2014-04-26
Lukasz Lenart (lukaszlenart apache org)

Malware

Generic.dx!C5D82D44BB86
Generic.bfr!618A32F9C97A
RDN/Generic.dx!dbj!B90CF6E074FD
RDN/Generic PUP.x!025D8193D0F2
q9.s_105021!9CAAEF359236
RDN/Generic.bfr!hb!1C091D9082BA
q9.s_105021!FAF892C6349B
RDN/Generic.dx!dbj!06537F86204D
RDN/Generic.dx!028DBA1F048E
RDN/Generic PUP.x!FB6435D8CC6D
RDN/Spybot.bfr!854E4A92DBAA
RDN/Generic PUP.x!cbv!5F531A29FD2E
Generic PUP.x!4DAF944A6059
Generic.bfr!38DF8C10C23E
q9.s_105021!8B1425F0568A
RDN/Generic PUP.x!cbv!41C657ED6C42
q9.s_105021!EC39D39C6609
RDN/Generic.dx!dbj!476024011E9D
RDN/Generic.bfr!hb!9E0EBCA24736
q9.s_105021!F764359713CE
Generic PUP.x!5C624216D9D5
q9.s_105021!7B45444EED82
RDN/Generic PUP.x!DF667A68C45B
q9.s_105021!9ECEBA1985D0
RDN/Generic.bfr!hb!27DAF7F97E05
Generic.bfr!0A8ED8B313B0
RDN/Generic BackDoor!ya!F6A138126902
Generic.bfr!89D73B696745
RDN/Generic.dx!FC4AF9AB24DA
q9.s_105021!7E35C2C7D78F

Phishing

Vulnerebility

Exploit

McAfee ePolicy Orchestrator 4.6.0-4.6.5 (ePowner) - Multiple Vulnerabilities

Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow

Adem 0.5.1 - Local File Inclusion

GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection

Wordpress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities

NTP ntpd monlist Query Reflection - Denial of Service

Symantec Endpoint Protection Manager 12.1.x - SEH Overflow POC

25.4.2014

Bugtraq

[security bulletin] HPSBMU03020 rev.1 - HP Version Control Agent (VCA) and Version Control Repository Manager (VCRM) running OpenSSL on Linux and Windows, Remote Disclosure of Information 2014-04-24
security-alert hp com

[security bulletin] HPSBPI03014 rev.1 - HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Printers, Remote Disclosure of Information 2014-04-24
security-alert hp com

[security bulletin] HPSBHF03021 rev.1 - HP Thin Client with ThinPro OS or Smart Zero Core Services, Running OpenSSL, Remote Disclosure of Information 2014-04-24
security-alert hp com

[security bulletin] HPSBHF03006 rev.1 - HP Integrated Lights-Out 2 (iLO 2) Denial of Service 2014-04-24
security-alert hp com

Birebin.com Android App SSL certificate validation weakness 2014-04-24
harun esur sceptive com

Misli.com Android App SSL certificate validation weakness 2014-04-24
harun esur sceptive com

Weak firmware encryption and predictable WPA key on Sitecom routers 2014-04-24
roberto paleari emaze net

Malware

q9.s_105018!EB4BF277ADCD
q9.s_105018!1C066584588E
Generic.dx!952B5E8899BA
q9.s_105018!09CC5A6507AF
q9.s_105018!099C5F3EA8F2
q9.s_105018!6BADED7E9BF7
q9.s_105018!24C0BDA9FADE
Generic PUP.x!0889B1E847ED
Generic.bfr!6A047BD6F5D4
RDN/Generic BackDoor!69114194E654
q9.s_105018!C6A106C31C6B
q9.s_105018!CE5626A10406
q9.s_105018!758DFE49B50B
q9.s_105018!B6F17C2916AC
RDN/PWS-Banker!4519BF4A6D40
q9.s_105018!AA9031CF3A7A
q9.s_105018!E09BF19BEDC1
q9.s_105018!CEDFE316707D
RDN/Generic PWS.y!zh!38B7EA4F4A38
q9.s_105018!B3112FC886E0
q9.s_105018!F6A4B683695F
q9.s_105018!671950091656
q9.s_105018!523F06433325
q9.s_105018!A143365C9DDF
RDN/Generic PUP.x!cbr!BB428DF4E84A
RDN/Generic.dx!dbg!4BAA6121E8D5
q9.s_105018!1EA2358969FC
q9.s_105018!C11867346F88
q9.s_105018!0D6CD2185A9D
RDN/Generic.bfr!ha!29C87A24F792

Phishing

Apple ID	24th April 2014
WARNING ! : YOU MUST VERIFY YOUR ACCOUNT!
Barclays	24th April 2014
* * BARCLAYS.BANK.ONLINE..

Vulnerebility

Exploit

Bonefire v.0.7.1 - Reinstall Admin Account Exploit

dompdf 0.6.0 (dompdf.php, read param) - Arbitrary File Read

WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion

AlienVault 4.3.1 - Unauthenticated SQL Injection

24.4.2014

Bugtraq

[security bulletin] HPSBMU02997 rev.2 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information 2014-04-23
security-alert hp com

[security bulletin] HPSBMU02995 rev.5 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-23
security-alert hp com

CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive 2014-04-23
Portcullis Advisories (advisories portcullis-security com)

AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability 2014-04-23
Vulnerability Lab (research vulnerability-lab com)

CVE-2014-2383 - Arbitrary file read in dompdf 2014-04-23
Portcullis Advisories (advisories portcullis-security com)

CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive 2014-04-23
Portcullis Advisories (advisories portcullis-security com)

SEC Consult SA-20140423-0 :: Path Traversal/Remote Code Execution in WD Arkeia Network Backup Appliances 2014-04-23
SEC Consult Vulnerability Lab (research sec-consult com)

[SECURITY] [DSA 2808-2] openjpeg regression update 2014-04-22
Raphael Geissert (geissert debian org)

[security bulletin] HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running OpenSSL, Remote Disclosure of Information 2014-04-22
security-alert hp com

Malware

StartPage-NY!46F2D56AF5DA
Generic PUP.x!65278A193EB1
RDN/Generic PUP.x!cb3!60B2B8F48DBC
RDN/Generic PUP.x!cb3!60AD23211BD7
RDN/Generic PUP.x!cb3!F0CC294B963F
Generic PUP.x!C096F7634D4C
RDN/Generic PUP.x!cb3!252F6955F1BD
RDN/Generic PUP.x!cb3!35ED7296D8FF
Generic.bfr!60C1330CC27C
RDN/Generic PUP.x!cb3!4F29B40FAE80
RDN/Generic PUP.x!cb3!34944EE6B643
RDN/Generic.bfr!60B2197E2168
Generic PUP.x!C907FC075DA0
RDN/Generic PUP.x!cb3!613D6A80C043
RDN/Generic PUP.x!cb3!0B7767D99DFA
RDN/Generic Dropper!uh!EFF729BB6616
RDN/Generic PUP.x!cb3!1B3B01D4F720
Generic.bfr!6077F155B0FB
Generic PUP.x!922C02AE46CD
RDN/Generic PUP.x!cb3!6140DBF049EE
Generic PUP.x!47A7917AD58F
Generic PUP.x!67DF2556B471
RDN/Generic PUP.x!cb3!5FD1D20DC1F4
RDN/Generic PUP.x!cb3!AA7456E9F772
RDN/Generic PUP.x!cb3!608113C06A15
RDN/Generic PUP.x!cb3!47C1A188ED1F
Generic PUP.x!F00BE835330B
RDN/Generic.bfr!gz!613D3EC91A6A
RDN/Generic PUP.x!cb3!60191C682F95
RDN/Generic.bfr!1C1C7407B2FF

Phishing

Tesco	23rd April 2014
CUSTOMER SATISFACTION SURVEY
Service Update	23rd April 2014
WARNING! SOME INFORMATION ON YOUR ACCOUNT APPEARS TO BE MISSING OR INCORRECT.?
Dear Client.	23rd April 2014
YOUR ACCOUNT HAS BEEN TEMPORARILY SUSPENDED .
Nationwide	23rd April 2014
Account Review

Vulnerebility

Exploit

Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support

Acunetix 8 build 20120704 - Remote Stack Based Overflow

Bonefire v.0.7.1 - Reinstall Admin Account Exploit

23.4.2014

Bugtraq

APPLE-SA-2014-04-22-2 iOS 7.1.1 2014-04-22
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-04-22-3 Apple TV 6.1.1 2014-04-22
Apple Product Security (product-security-noreply lists apple com)

APPLE-SA-2014-04-22-1 Security Update 2014-002 2014-04-22
Apple Product Security (product-security-noreply lists apple com)

[SECURITY] [DSA 2911-1] icedove security update 2014-04-22
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBMU03018 rev.1 - HP Software Asset Manager running OpenSSL, Remote Disclosure of Information 2014-04-22
security-alert hp com

[security bulletin] HPSBMU03017 rev.1 - HP Software Connect-IT running OpenSSL, Remote Disclosure of Information 2014-04-22
security-alert hp com

[security bulletin] HPSBMU03019 rev.1 - HP Software UCMDB Browser and Configuration Manager running OpenSSL, Remote Disclosure of Information 2014-04-22
security-alert hp com

Malware

Generic.dx!CBC4A7701FF9
RDN/Generic PUP.x!cb3!B7FAFA412568
Generic PUP.x!DD1A5171616F
RDN/Generic PUP.x!cb3!B7CF0EB0C75A
Generic PUP.x!FDB6DE4306A4
RDN/Generic PWS.y!zg!3B9A851ABB0D
RDN/Generic.tfr!dz!3269E9D28891
RDN/Generic PUP.x!cb3!4CFFB09B2FC2
RDN/Generic PUP.x!cb3!ABCD4FE6CA29
Generic PUP.x!EA599D14CD99
RDN/Generic PUP.x!cb3!2FED9D7617DB
RDN/Generic.bfr!FCF139FD988D
RDN/Hybris.kit!a!4AF5839BBA00
Generic PUP.x!B0DA62BC3E00
Generic PUP.x!40A70C14DAEE
RDN/Generic.bfr!gy!26D948AB6343
W32/Pate.b!1C0F0A58A7F4
Generic PUP.x!E538CFAC58D8
RDN/Generic PUP.x!cb3!8C3280DC3F49
RDN/Generic.bfr!gy!B1205BAE32CD
RDN/Generic.bfr!gf!0EBE9EE5028F
RDN/Generic.bfr!gf!1504D5903D08
RDN/Generic PUP.x!cb3!33A4684E4FB6
W32/Fujacks!A3A834E4C5C7
Generic.dx!E13047947714
RDN/Generic PUP.x!cb3!298AE814A5A6
Generic PUP.x!40798576C08A
RDN/Generic.tfr!dz!CE9340AA2710
RDN/Generic PUP.x!EF2FEFCA6EFD
RDN/Generic.tfr!dz!E5D9D345D426

Phishing

Vulnerebility

Exploit

Sixnet Sixview 2.4.1 - Web Console Directory Traversal

No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption Key

kitForm CRM Extension 0.43 (sorter.php, sorter_value param) - SQL Injection

22.4.2014

Bugtraq

[SECURITY] [DSA 2901-3] wordpress regression update 2014-04-21
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2895-2] prosody regression update 2014-04-20
Luciano Bello (luciano debian org)

Multiple Vulnerabilities in MODX Revolution < = MODX 2.2.13-pl 2014-04-19
craig arendt stratumsecurity com

Blind SQL Injection Vulnerability in KnowledgeTree <= 3.7.0.2 2014-04-19
craig arendt stratumsecurity com

[security bulletin] HPSBMU02994 rev.2 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information 2014-04-19
security-alert hp com

[SECURITY] CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability 2014-04-19
Brett Porter (brett apache org)

[SECURITY] [DSA 2901-2] wordpress regression update 2014-04-18
Thijs Kinkhorst (thijs debian org)

[security bulletin] HPSBMU03012 rev.1 - HP Insight Management VCEM Web Client SDK (VCEMSDK) running OpenSSL, Remote Disclosure of Information 2014-04-18
security-alert hp com

[security bulletin] HPSBMU02995 rev.4 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-18
security-alert hp com

[SECURITY] [DSA 2910-1] qemu-kvm security update 2014-04-18
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2909-1] qemu security update 2014-04-18
Salvatore Bonaccorso (carnil debian org)

[SECURITY] CVE-2013-2251: Apache Archiva Remote Command Execution 2014-04-19
Brett Porter (brett apache org)

Remote Command Injection in Ruby Gem sfpagent 0.4.14 2014-04-18
Larry W. Cashdollar (larry0 me com)

[SECURITY] [DSA 2908-1] openssl security update 2014-04-17
Raphael Geissert (geissert debian org)

Security advisory for Bugzilla 4.5.3, 4.4.3, 4.2.8, and 4.0.12 2014-04-17
LpSolit gmail com

[security bulletin] HPSBMU02995 rev.3 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02998 rev.2 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) 2014-04-17
security-alert hp com

[ MDVSA-2014:079 ] json-c 2014-04-17
security mandriva com

[security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02935 rev.2 - HP LoadRunner Virtual User Generator, Remote Code Execution, Disclosure of information 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02988 rev.1 - HP Universal Configuration Management Database, Disclosure of Information 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02982 rev.1 - HP Database and Middleware Automation, Disclosure of Information 2014-04-17
security-alert hp com

[security bulletin] HPSBGN03008 rev.1 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-17
security-alert hp com

D-Link DAP-1320 Wireless Range Extender Directory Traversal and XSS Vulnerabilities 2014-04-17
kyle Lovett (krlovett gmail com)

[security bulletin] HPSBMU02987 rev.1 - HP Universal Configuration Management Database Integration Service, Remote Code Execution 2014-04-17
security-alert hp com

[security bulletin] HPSBMU02996 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access, Execution of Arbitrary Code 2014-04-16
security-alert hp com

Buggy insecure "security" software executes rogue binary during installation and uninstallation 2014-04-16
Stefan Kanthak (stefan kanthak nexgo de)

CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server 2014-04-16
Portcullis Advisories (advisories portcullis-security com)

[SECURITY] [DSA 2907-1] Announcement of long term support for Debian oldstable 2014-04-16
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:078 ] asterisk 2014-04-16
security mandriva com

Malware

Generic.bfr!35129A2B7E30
RDN/Generic BackDoor!xx!7B91C5FE92B9
Generic PUP.x!A6500816AA4B
Generic.bfr!33B0224D5BA4
Generic.bfr!38158E58CAD3
RDN/Generic.bfr!gy!2B12C06A1D75
RDN/Generic.bfr!91EE5232C984
RDN/Generic PUP.x!cbc!0CF95BA4E398
RDN/Generic.bfr!gy!2BBD42F0092C
Generic.bfr!34F614E6E543
RDN/Generic BackDoor!1589EA5207EE
RDN/Generic PUP.x!cbc!18D4A589811C
Generic.bfr!3826350E9A72
Generic.bfr!37C9EBAF812B
Generic.bfr!3804203BF91F
Generic.bfr!3558E34A5A62
RDN/Generic PUP.x!cbc!54DF10F5D7B4
Generic.bfr!381C28F10683
RDN/Generic.bfr!6D80A7553940
RDN/Generic PUP.x!cbc!4CD9C9EB5FC8
Generic.bfr!332AB5CA33B7
RDN/Generic.bfr!gy!85BA101D6A19
RDN/Generic.bfr!gz!30DB7E2467B1
RDN/Generic PUP.x!cbc!A93E16256DE6
Generic.bfr!34EB8099D961
RDN/Generic PUP.x!cbc!D4349F5C692D
Generic.bfr!2E12E902581B
Generic.bfr!AAD3C46509A2
RDN/Generic PUP.x!cbc!4FB6462C7296
RDN/Generic PUP.x!cbc!1CF64C2B3AF2

Phishing

Natwest	21st April 2014
NATWEST OFFERS YOU A BONUS
Dear Client.	21st April 2014
YOUR ACCOUNT HAS BEEN TEMPORARILY SUSPENDED .
Barclays Bank Plc	21st April 2014
Please Unflag Your Barclays Accounts
MBNA	18th April 2014
YOUR MBNA/VIRGIN CARD..
Chase	18th April 2014
IMPORTANT MESSAGE FROM CHASE

Vulnerebility

Exploit

Adobe Flash Player Regular Expression Heap Overflow

SAP Router - Timing Attack Password Disclosure

Teracom Modem T2-B-Gawv1.4U10Y-BI - CSRF Vulnerability

17.4.2014

Bugtraq

[SECURITY] [DSA 2907-1] Announcement of long term support for Debian oldstable 2014-04-16
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:078 ] asterisk 2014-04-16
security mandriva com

[CORE-2014-0003] - SAP Router Password Timing Attack 2014-04-16
CORE Advisories Team (advisories coresecurity com)

[SECURITY] Stored Cross Site Scripting in Ektron CMS 8.7 2014-04-16
webmaster josephzeng com

[Security Advisory] Stored Cross Site Scripting in Ektron CMS 8.7 2014-04-16
webmaster josephzeng com

ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities 2014-04-16
Security Alert (Security_Alert emc com)

[security bulletin] HPSBMU02999 rev.1 - HP Software Autonomy WorkSite Server (On-Premises Software), Running OpenSSL, Remote Disclosure of Information 2014-04-16
security-alert hp com

SQL Injection in mAdserve 2014-04-16
High-Tech Bridge Security Research (advisory htbridge com)

CVE-2014-2735 - WinSCP: missing X.509 validation 2014-04-16
Micha Borrmann (micha borrmann syss de)

[SECURITY] [DSA 2905-1] chromium-browser security update 2014-04-16
Michael Gilbert (mgilbert debian org)

Malware

RDN/Generic PUP.x!bzw!DD65E7C49E9D
RDN/Generic PUP.x!bzw!CA7FCF6BFAC4
Generic PUP.x!220090B85E2B
RDN/Generic PWS.y!ze!2B21F38E19FE
Generic.bfr!A9364122DB0C
RDN/Generic PUP.x!bzw!48FD2EE78379
RDN/Generic PUP.x!bzw!3C6D11423297
Generic PUP.x!1E1B19288276
Generic PUP.x!DA081F4DC549
Generic PUP.x!29E9DC26EF73
Generic PUP.x!96625FD13F56
Generic PUP.x!76C7AFE36883
Generic PUP.x!62BEBB5ECE80
Generic PUP.x!8277EA469CC8
RDN/Generic BackDoor!3774B700C629
Generic PUP.x!D0A87A0F7810
RDN/Generic PUP.x!bzw!36DF9747F557
RDN/Spybot.bfr!B70079A52842
Generic PUP.x!B1995FFCD3A0
Generic PUP.x!5D562C54EFF6
RDN/Generic PUP.x!bzw!27A613BF0902
Generic PUP.x!D975614CB3A0
Generic PUP.x!8C06D1ACF437
Generic PUP.x!B4D15B4CB7A0
RDN/Generic PUP.x!A47D6F67BE9F
Generic PUP.x!0A62B729EE42
RDN/Generic PUP.x!bzw!83E053030AC4
W32/Sdbot.worm!7E735FDF0862
RDN/Downloader.a!pz!29107EFB9690
RDN/Generic PUP.x!bzw!F23BE4276A9D

Phishing

Vulnerebility

Exploit

MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free

16.4.2014

Bugtraq

[SECURITY] [DSA 2904-1] virtualbox security update 2014-04-15
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information 2014-04-15
security-alert hp com

[SECURITY] CVE-2014-0111 Apache Syncope 2014-04-15
Francesco Chicchiriccò (ilgrosso apache org)

RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160 2014-04-14
Ruckus Product Security Team (security ruckuswireless com)

VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free Code Execution (Pwn2Own) 2014-04-14
VUPEN Security Research (advisories vupen com)

[SECURITY] [DSA 2903-1] strongswan security update 2014-04-14
Moritz Muehlenhoff (jmm debian org)

PDF Album v1.7 iOS - File Include Web Vulnerability 2014-04-14
Vulnerability Lab (research vulnerability-lab com)

Malware

Generic PUP.x!A1A6C8335AE1
Generic PUP.x!240E7127CAA7
Generic Downloader.x!B7910320D00A
Generic PUP.x!19AFA7066E57
RDN/Generic PUP.x!bzp!8D921007BCAB
Generic PUP.x!F844FBA4F882
Generic PUP.x!2AA958169F15
RDN/Generic.bfr!gv!C9B382DCB5D4
RDN/Generic.bfr!gv!EC4E83CE0A77
Generic PUP.x!E2EAC351FA35
Generic PUP.x!3B5B9BB262F5
RDN/Generic PUP.x!bzp!FC781C33472F
RDN/Generic PUP.x!bzp!2815D329BAD5
RDN/Generic Dropper!uf!457228228207
Generic PUP.x!77679D973EB6
Generic PUP.x!8480093F96A9
RDN/Generic PUP.x!bzp!C4458C4B7CDE
Downloader.gen.a!738F858DBD38
RDN/Generic PUP.x!bzp!D4479B0A9F49
Generic PUP.x!D86FC2AF37A1
RDN/Generic PUP.x!bzp!1469EF91EFA5
Generic PUP.x!80E2BAF0F5C6
Generic.bfr!ECBACFA82AFA
Generic PUP.x!8AF1ECC67E45
RDN/Generic PUP.x!7CB77D8ECED9
Generic.tfr!31C2255D6751
RDN/Generic.bfr!gv!ECC2D5826E26
Generic PUP.x!301E94758B71
Generic PUP.x!F9A755CA00C6
RDN/Generic PUP.x!bzp!1682110C691B

Phishing

REGIONS BANK	16th April 2014
Security Change To Your Online Banking Profile
BT Yahoo Mail	14th April 2014
Account Verification
Linda Spells	14th April 2014
RE: ATTENTION: ACCOUNT RESTRICTED

Vulnerebility

Exploit

Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE

Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution

NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities

Xerox DocuShare - SQL Injection

13.4.2014

Bugtraq

ESA-2014-026: EMC Documentum Content Server Information Disclosure Vulnerability 2014-04-11
Security Alert (Security_Alert emc com)

ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks 2014-04-11
Security Alert (Security_Alert emc com)

ESA-2014-003: RSA® Data Loss Prevention Improper Session Management Vulnerability 2014-04-11
Security Alert (Security_Alert emc com)

ESA-2014-019: RSA BSAFE® Micro Edition Suite Certificate Chain Processing Vulnerability 2014-04-11
Security Alert (Security_Alert emc com)

Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue 2014-04-11
Vulnerability Lab (research vulnerability-lab com)

SEC Consult SA-20140411-0 :: Multiple vulnerabilities in Plex Media Server 2014-04-11
SEC Consult Vulnerability Lab (research sec-consult com)

[security bulletin] HPSBMU02995 rev.1 - HP Software HP Service Manager, Asset Manager, UCMDB Browser, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, Performance Center, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-11
security-alert hp com

[SECURITY] [DSA 2900-1] jbigkit security update 2014-04-10
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:076 ] a2ps 2014-04-10
security mandriva com

OWASP ZAP 2.3.0 2014-04-10
psiinon (psiinon gmail com)

Sendy 1.1.9.1 - SQL Injection Vulnerability 2014-04-10
marduk369 gmail com

[ MDVSA-2014:075 ] php 2014-04-10
security mandriva com

BlueMe Bluetooth v5.0 iOS - Code Execution Vulnerability 2014-04-10
Vulnerability Lab (research vulnerability-lab com)

iVault Private P&V 1.1 iOS - Path Traversal Vulnerability 2014-04-10
Vulnerability Lab (research vulnerability-lab com)

AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability 2014-04-10
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2899-1] openafs security update 2014-04-09
Thijs Kinkhorst (thijs debian org)

[SECURITY] [DSA 2898-1] imagemagick security update 2014-04-09
Moritz Muehlenhoff (jmm debian org)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2014-04-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[ MDVSA-2014:073 ] file 2014-04-09
security mandriva com

[ MDVSA-2014:070 ] yaml 2014-04-09
security mandriva com

[ MDVSA-2014:072 ] php-ZendFramework 2014-04-09
security mandriva com

[ MDVSA-2014:071 ] yaml 2014-04-09
security mandriva com

[ MDVSA-2014:069 ] perl-YAML-LibYAML 2014-04-09
security mandriva com

[ MDVSA-2014:068 ] openssh 2014-04-09
security mandriva com

SQL Injection in Orbit Open Ad Server 2014-04-09
High-Tech Bridge Security Research (advisory htbridge com)

Ð¡ross-Site Request Forgery (CSRF) in XCloner Standalone 2014-04-09
High-Tech Bridge Security Research (advisory htbridge com)

CVE-2014-0160 mitigation using iptables 2014-04-09
Fabien Bourdaire (lists ecsc co uk)

[ MDVSA-2014:067 ] openssl 2014-04-09
security mandriva com

Cisco Security Advisory: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products 2014-04-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

Generic.bfr!C047E34DDE75
StartPage-NY!24B3F9B4CDA2
RDN/Generic.bfr!42FDD3B7953B
Generic.bfr!C09C0D4C218D
Generic.bfr!3D2B9AECC8C8
Generic.bfr!0F868CB52202
Adware-FFN!33A333319A6B
Generic.bfr!09B5676E4579
Generic.bfr!BBDD9902881C
Generic.dx!339D728BEA78
Generic.bfr!1A2F56EA1536
RDN/Generic.bfr!gu!C084B6E43002
RDN/Generic.bfr!gu!C0A6470E8916
RDN/Generic.bfr!gu!6393677B46DE
RDN/Generic.bfr!gu!C0C7E4CCD8B8
Generic.bfr!BAA06577B7BC
RDN/Generic.bfr!gu!9B69F4336EA6
RDN/Generic.bfr!gu!E316330276A0
RDN/Generic.bfr!gu!D5ECB1041720
RDN/Generic.bfr!gu!B58BDF9DFEC5
RDN/Generic.bfr!CB75B9FA6DEA
RDN/Generic.bfr!gu!1A5994F205AD
RDN/Generic.bfr!gu!99F17568919A
RDN/Generic PUP.x!bzl!617FDBA6DB01
RDN/Generic PUP.x!bzl!3D76C1877F21
Generic.bfr!3C748870C1EC
RDN/Generic PUP.x!55BBC49E4458
RDN/Generic.bfr!gu!5C64E1807536
RDN/Generic.bfr!6649A570A523
RDN/Generic PUP.x!863E49053C27

Phishing

Microsoft	13th April 2014
Dear Westpac Customer,
Halifax	12th April 2014
OFFICIAL NOTIFICATION FROM HALIFAX BANK
AKIN BADMUS	12th April 2014
RE:SECURE THIS OFFER!!!
eBay	12th April 2014
Your question from an eBay member
Barclays Bank PLC	11th April 2014
YOUR ACCOUNT HAS BEEN FLAGGED !
www.apple.com	11th April 2014
The important updates !
PayPal	10th April 2014
Update Your information

Vulnerebility

Exploit

CubeCart 5.2.8 - Session Fixation

Microweber CMS 0.93 - CSRF Vulnerability

8.4.2014

Bugtraq

MacOSX/XNU HFS Multiple Vulnerabilities 2014-04-07
submit cxsec org

Pearson eSIS Enterprise Student Information System SQL Injection 2014-04-06
tudor enache helpag com

Pearson eSIS Enterprise Student Information System Stored XSS 2014-04-06
tudor enache helpag com

[SECURITY] [DSA 2894-1] openssh security update 2014-04-05
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2895-1] prosody security update 2014-04-05
Luciano Bello (luciano debian org)

Call for Papers 2014-04-05
education crownjournal org

Malware

Generic PUP.x!2A89A902E235
Generic PUP.x!A74099059E0E
RDN/Generic BackDoor!xs!3D137B3AB5AA
RDN/Generic.bfr!06AF0BCDC3EE
RDN/Generic.bfr!973B72E921B0
Generic.tfr!06B4C815FB9F
Generic PUP.x!AABD33AD11EC
RDN/Generic.bfr!F966997C16CD
RDN/Downloader.a!pv!A8C2D6E7E543
RDN/Generic PWS.y!zb!A6ACDDFB266E
Generic PUP.x!A6BC11F8BE73
RDN/Generic.bfr!gr!A6C8B314874E
RDN/PWS-Lineage!bf!05DD45A56DB1
Generic.tfr!A6B165F6B6BE
RDN/Generic.dx!d2o!064E70AF2DD1
Generic PUP.x!40541C0CBA78
RDN/Generic PWS.y!zb!A20DA976AAA5
RDN/Generic PUP.x!b2v!9EE0433268B6
Generic.dx!AE026B57987E
RDN/Generic PUP.x!b2b!9EDB559657EF
Generic.tfr!083CF144A090
RDN/Downloader.a!pv!07E86CA7054D
RDN/Generic BackDoor!D08C63A6D713
RDN/Downloader.a!pv!A4F5DA82999C
RDN/Generic.bfr!gr!A0C59CC3E9A2
RDN/Generic PWS.y!zb!04CAB1859D9D
RDN/PWS-Banker!A5438D923670
RDN/Generic.bfr!9EE3C58CC835
Generic PUP.x!504AC1DDC43A
Generic.bfr!3AE58B1E701B

Phishing

CreditCardOnline	8th April 2014
Credit card security - NatWest
NatWest	8th April 2014
ACCESS TO ONLINE BANKING SERVICE
Lucy Snell	8th April 2014
Lloyds Packaged Current Account Visits Available
Lloyds	8th April 2014
Irregular activity on your Lloyds Debit Card
HALIFAX BANK UK	8th April 2014
HALIFAX BILLS MINIMUM PAYMENT IS DUE

Vulnerebility

Exploit

XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities (XSS & CSRF)

JIRA Issues Collector Directory Traversal

7.4.2014

Bugtraq

CA20140403-01: Security Notice for CA Erwin Web Portal 2014-04-03
Kotas, Kevin J (Kevin Kotas ca com)

ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

ESA-2012-029: RSA BSAFE® SSL-C Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

Malware

RDN/Generic PUP.x!b2t!AC24489522EB
RDN/Generic PUP.x!b2t!00BD739F3453
RDN/Generic PUP.x!b2t!975201FBB44C
RDN/Generic PUP.x!b2t!14F6E5B74B83
RDN/Generic PUP.x!b2t!2F0A0B8C3326
RDN/Downloader.a!pv!A0A3CD4C1684
RDN/Generic PUP.x!b2t!AE6D379A4F23
Generic PUP.x!3CFD69A7602B
Generic PUP.x!EAAE74DC4244
Generic PUP.x!298FE4BD760F
Generic PUP.x!14AC7EFDE352
Generic PUP.x!F743262265C8
Generic PUP.x!90E07CA5E793
Generic Downloader.x!ECC5081351FA
Generic PUP.x!841B705F9E6A
RDN/Generic PUP.x!b2t!827D6BDE6DA5
RDN/Generic.dx!d2n!CFB72747D3E6
Generic PUP.x!86D8B70A96E4
Generic PUP.x!22A78D5EFD78
Generic PUP.x!3217023256DD
Generic PUP.x!2370C9FC2907
Generic PUP.x!6A0E745943E6
Generic PUP.x!E7B8AAEFE25A
Generic PUP.x!10B040338431
Generic PUP.x!EAA41DB5C250
Generic PUP.x!0B3A89E94681
Generic PUP.x!3BF09BCEA21D
RDN/Generic PUP.x!BC679FE0ECFB
Generic PUP.x!BCD2712F4D9F
Generic PUP.x!0B06EBE4FFEB

Phishing

Barclays Bank	7th April 2014
Important Notice On Your Account
HALIFAX Bank	7th April 2014
New Security Message
Barclays	7th April 2014
Account Review
Lloyds	7th April 2014
ALERT - BANKING SERVICES RESTRICTED
Barclays	7th April 2014
Barclays Important Message - Security & Privacy
Congratulations-CITIBank Accep	7th April 2014
Congratulations! jmcrews@aol.com CITIBank approval notice
National	7th April 2014
NatWest Bank Alert: Unauthorized Access On Your Account.
NatWest	6th April 2014
Access to Online Banking Service !
Barclays Bank Plc	6th April 2014
New Payment Notification From Barclays Bank Plc!
NatWest	6th April 2014
NatWest Online Banking Security
Natwest	6th April 2014
UPDATES AND CONFIRMATION TO YOUR ACCOUNT
Co-operative Bank Plc	6th April 2014
New Payment Notification From Co-operative Bank Plc.
Blizzard Entertainment	6th April 2014
World of Warcraft - Account Investigation
PayPal	6th April 2014
UPDATE YOUR INFORMATION
MBNA credit card	6th April 2014
* CACTUS * your official notification from MBNA credit card
Regions	6th April 2014
Regions - Update Your Online Banking Information
NatWest	6th April 2014
NatWest Bank Alert: Unauthorized Access On Your Account.
Eve	6th April 2014
APPLICATION FOR THE POSITION OF OUTDOOR SALES EXECUTIVE, MARKETING EXECUTIVE, BUSINESS DEVELOPMENT EXECUTIVE
O2	6th April 2014
Your O2 username
NatWest Credit Card	6th April 2014
ONLINE SERVICES - ACCOUNT LOCKED
Verizon	5th April 2014
Verizon Notification ID : FCWWUPLSXC
NatWest Credit Card	5th April 2014
* * ONLINE SERVICES - ACCOUNT LOCKED
Pay Pal	5th April 2014
NOTICE OF POLICY UPDATES
Barclays Bank PLC	5th April 2014
Your Account Has Been Flagged

Vulnerebility

Exploit

4.4.2014

Bugtraq

ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

ESA-2012-029: RSA BSAFE® SSL-C Multiple Vulnerabilities 2014-04-03
Security Alert (Security_Alert emc com)

[security bulletin] HPSBHF02981 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO2, iLO3, iLO4), IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) 2014-04-03
security-alert hp com

[softScheck] Denial of Service in Microsoft Office 2007-2013 2014-04-03
Lubomir Stroetmann (lubomir stroetmann softscheck com)

Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability 2014-04-03
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic.bfr!gi!10D04F9E0DD9
RDN/Generic.bfr!0ED19411EE02
RDN/Generic.bfr!gi!052040AEC1AF
RDN/Generic.bfr!gi!0FB26BA3D0B5
RDN/Generic.bfr!gi!033ACD2195C6
RDN/Generic.bfr!gi!169308FD40D3
RDN/Generic.bfr!gi!0378CBBE0611
RDN/Generic.bfr!go!046C483538C4
Generic PUP.x!296EBA8CDBC9
RDN/Generic.bfr!gi!0692DA9B1D6B
RDN/Generic.bfr!go!16F6BDFDE098
RDN/Generic.bfr!go!05C9627BA208
RDN/Generic.bfr!gi!1B70B4077794
RDN/Generic PUP.x!b2g!293FAFDFECF8
Generic PUP.x!E68F4D835F23
RDN/Generic.bfr!gi!09AB76029919
RDN/Generic.bfr!go!14E66A0EF87A
RDN/Generic.bfr!go!070CEA8A8241
RDN/Generic.bfr!gi!064C64D45DD2
RDN/Generic PUP.x!b2g!E68180334ADF
Generic PUP.x!2975590ED429
Generic.tfr!2976A393F1B9
RDN/Generic.bfr!go!0F6B0644EE9B
RDN/Generic PUP.x!b2g!E67DA7773FAB
Generic PUP.x!A529C00AD44B
PUP-FID!E6735C0550B5
RDN/Generic PUP.x!b2g!E67ED722DC20
RDN/Generic.tfr!dx!F2116F0064A6
RDN/Generic PUP.x!b2g!F606A822543A
RDN/Generic.bfr!go!0034C74FFDE0

Phishing

Vulnerebility

Exploit

Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects

3.4.2014

Bugtraq

[MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability 2014-04-02
Florent Daigniere (florent daigniere trustmatta com)

Ð¡ross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin 2014-04-02
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic PUP.x!917DA1F34FB8
Generic PUP.x!3F7B145F06CD
Downloader.gen.a!10FAEAB55EE9
Generic PUP.x!972D907586D7
Generic PUP.x!CC57CFF205B1
Downloader.gen.a!EEB3B1FAF8B0
Generic PUP.x!6951B93FC45A
RDN/Generic PWS.y!za!0E82B2A9E737
RDN/Generic PUP.x!bxx!4C7F84E7DD19
Downloader-FYH!855FDCE4A806
RDN/Generic PUP.x!bxx!67A0EBED8E7D
Generic PUP.x!D4185BECDD7F
RDN/Generic PUP.x!bxx!541DB675FA78
RDN/Generic PUP.x!bxx!761565561A48
RDN/Generic PUP.x!bxx!144484B739E5
RDN/Generic PUP.x!bxx!EDC34C5598A3
Generic PUP.x!DBEBF0B18622
Generic PUP.x!CC194EE1DC5A
Generic PUP.x!EFA2DF6B46DF
Generic PUP.x!93C30493BB81
Generic PUP.x!37B752BD5CD9
Generic PUP.x!1780BD6DE159
Generic PUP.x!ECD240095230
Generic PUP.x!4D098BC3639F
Generic PUP.x!94D4B4CDC085
Generic PUP.x!DF5ABA91F517
Generic PUP.x!E73A1A08EC5A
Generic PUP.x!FDDEC10DD472
Generic PUP.x!F8E95DBB57CF
Generic PUP.x!E825FF83571F

Phishing

Vulnerebility

Exploit

2.4.2014

Bugtraq

[MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability 2014-04-02
Florent Daigniere (florent daigniere trustmatta com)

Ð¡ross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin 2014-04-02
High-Tech Bridge Security Research (advisory htbridge com)

SEC Consult SA-20140402-0 :: Multiple vulnerabilities in Rhythm File Manager 2014-04-02
SEC Consult Vulnerability Lab (research sec-consult com)

iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities 2014-04-02
Vulnerability Lab (research vulnerability-lab com)

APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3 2014-04-01
Apple Product Security (product-security-noreply lists apple com)

[IMF 2014] Call for Participation 2014-04-01
Oliver Goebel (goebel cert uni-stuttgart de)

Malware

RDN/Generic PUP.x!bxt!9B081DB4578F
RDN/Generic.bfr!gf!9B3515642B5E
RDN/Generic PUP.x!bxt!9AFDABFA3D74
RDN/Generic PUP.x!bxt!9AEF93192B58
RDN/Generic PUP.x!bxt!9AF5736DE71D
RDN/Generic PUP.x!bxt!9AEC6DC2B356
RDN/Generic PUP.x!bxt!9AEE1BBA2A86
RDN/Generic PUP.x!bxt!9AFE0577B1B7
RDN/Generic.bfr!gf!1563211B5158
RDN/Generic PUP.x!bxt!9B0EB48940A7
RDN/Generic PUP.x!bxt!9B13FC3948E0
RDN/Generic PUP.x!bxt!9AE8B0A9A1DB
RDN/Generic PUP.x!bxt!9AEEC4BD35DD
Generic PUP.x!119B529F4A5E
RDN/Generic PUP.x!bxt!9AF7CF60A71C
RDN/Generic PUP.x!bxt!9AF9C8C2AF54
DirectDownminer!9B2F8436298B
RDN/Generic PUP.x!bxt!9AE0B347E7D5
RDN/Generic PUP.x!bxt!9B13AE49B8BA
RDN/Generic PUP.x!bxt!9AE2445060CF
RDN/Generic PUP.x!bxt!9B0E9E437755
RDN/Generic PUP.x!bxt!9AD3D04BE03A
RDN/Generic PUP.x!bxt!9AEB064FB63E
RDN/Generic PUP.x!bxt!9ADF3C1828F6
StartPage-NY!9B2D0E6DBAF0
Generic PUP.x!9B05773325BC
Generic PUP.x!9B1B79A1A266
RDN/Generic PUP.x!bxt!9AE45518C6FF
RDN/Generic PUP.x!bxt!9AE895890F59
RDN/BackDoor-FBSA!a!08C14BFB20DF

Phishing

Vulnerebility

Exploit

1.4.2014

Bugtraq

[SECURITY] [DSA 2891-2] mediawiki regression update 2014-03-31
Thijs Kinkhorst (thijs debian org)

PhonerLite 2.14 SIP Soft Phone - SIP Digest Leak Information Disclosure (CVE-2014-2560) 2014-03-31
Jason Ostrom (jostrom storasec net)

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities 2014-03-31
Vulnerability Lab (research vulnerability-lab com)

PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities 2014-03-31
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2891-1] mediawiki security update 2014-03-30
Thijs Kinkhorst (thijs debian org)

Malware

Generic PUP.x!50D4A36BA7C0
Generic PUP.x!2F4C58DCD882
Generic PUP.x!C78FB76BE4C9
Generic Downloader.sd!4725C040EB7A
Generic PUP.x!EEDA1FE33D22
Generic PUP.x!87308E2DA6CF
Generic PUP.x!5A6342DAD071
Generic PUP.x!93E3A2D8C32F
Generic PUP.x!3C34FB3C1B14
Generic PUP.x!C7582097A087
Generic PUP.x!05855C7D62A3
Generic PUP.x!5117363027C6
Generic PUP.x!535466C10799
Generic PUP.x!1B8188EFBDF9
Generic PUP.x!DA075FD73A00
Generic.bfr!5158F5BD285D
Generic PUP.x!5058D7F4D068
RDN/Generic PUP.x!bxj!3E208CB41B83
RDN/Generic PUP.x!bxj!C659E2A8B55E
RDN/Generic PUP.x!bxj!C6918377E4DF
Generic PUP.x!C03BB1F63B1C
Generic PUP.x!CB13D31C5CFB
Generic PUP.x!7AB14C8733F8
Generic PUP.x!5D695F4FBB93
Generic PUP.x!C4CEAC064B1F
Generic PUP.x!045B70CCBE0F
Generic PUP.x!518D173E741F
Generic PUP.x!E3CF93C31B8F
Generic PUP.x!11A413E12425
Generic PUP.x!B76C29D71CDC

Phishing

Vulnerebility

Exploit

SePortal SQLi Remote Code Execution

PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities

Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion

EMC Cloud Tiering Appliance v10.0 Unauthenticated XXE Arbitrary File Read

31.3.2014

Bugtraq

Deutsche Telekom CERT Advisory [DTC-A-20140324-002] update140328 - vulnerabilities in check_mk 2014-03-28
CERT telekom de

iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities 2014-03-28
Vulnerability Lab (research vulnerability-lab com)

[RT-SA-2014-002] rexx Recruitment: Cross-Site Scripting in User Registration 2014-03-27
RedTeam Pentesting GmbH (release redteam-pentesting de)

Malware

Generic.tfr!0A58B2F63A23
Generic.tfr!63B462B3D5A3
RDN/Generic PUP.x!bxh!F9C8C5015A88
Generic PUP.x!AF6D2CB539F7
RDN/Generic PUP.x!CDFE348F7582
RDN/PWS-Mmorpg!ky!9094A4FF86B1
RDN/Generic Downloader.x!423DFAACF336
Generic.dx!8D7E18609222
RDN/Generic.bfr!gn!6D05A95CCAED
RDN/Generic PUP.x!4F83B7B07D2D
RDN/Generic Downloader.x!283B8A94A5A1
RDN/Generic.dx!d2g!9261CEC8A0C3
Generic.dx!B09B4F477F90
RDN/Generic PUP.x!309C015807D1
RDN/Generic Downloader.x!C21D2BF55EB6
RDN/Generic PUP.x!F12CB913DDD7
RDN/PWS-Mmorpg!ky!BABA76129195
RDN/Generic PWS.y!A7E4D2A18299
RDN/Generic PUP.x!68749BDA4BD1
Generic.tfr!D406376B9C1A
RDN/Generic Downloader.x!jz!D1175D1D53F8
Generic PUP.x!B009902A4FF8
RDN/Generic PUP.x!44FAC8844DF5
RDN/Spybot.bfr!EFD931FD7C09
RDN/Generic Downloader.x!FDEEB20412F5
RDN/Generic Downloader.x!EC5D73B8A3AB
RDN/Generic PUP.x!81B7F5498EF7
Generic.tfr!FE46EB4B02D8
RDN/Generic PUP.x!B4BEDB24196F
RDN/Generic.dx!70B99874B22D

Phishing

Vulnerebility

Exploit

30.3.2014

Bugtraq

Deutsche Telekom CERT Advisory [DTC-A-20140324-002] update140328 - vulnerabilities in check_mk 2014-03-28
CERT telekom de

iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities 2014-03-28
Vulnerability Lab (research vulnerability-lab com)

[RT-SA-2014-002] rexx Recruitment: Cross-Site Scripting in User Registration 2014-03-27
RedTeam Pentesting GmbH (release redteam-pentesting de)

[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update 2014-03-27
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2887-1] ruby-actionmailer-3.2 security update 2014-03-27
Moritz Muehlenhoff (jmm debian org)

[security bulletin] HPSBST02968 rev.2 - HP StoreOnce, Remote Unauthorized Access 2014-03-27
security-alert hp com

ePhone Disk v1.0.2 iOS - Multiple Web Vulnerabilities 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

ES746 DELL Support-Bulletin - EMS Vulnerability Resolved 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

My Photo Wifi Share & PS 1.1 iOS - Local Command Injection Vulnerability 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

SEC Consult SA-20140328-0 :: Multiple vulnerabilities in Symantec LiveUpdate Administrator 2014-03-28
SEC Consult Vulnerability Lab (research sec-consult com)

Easy FileManager 1.1 iOS - Multiple Web Vulnerabilities 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

Wireless Drive v1.1.0 iOS - Multiple Web Vulnerabilities 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

Dell SonicWall EMail Security Appliance Application v7.4.5 - Multiple Vulnerabilities 2014-03-27
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] [DSA 2889-1] postfixadmin security update 2014-03-28
Thijs Kinkhorst (thijs debian org)

[oCERT-2014-003] LibYAML input sanitization errors 2014-03-26
Andrea Barisani (lcars ocert org)

ESA-2014-016: EMC VPLEX Multiple Vulnerabilities 2014-03-26
Security Alert (Security_Alert emc com)

[SECURITY] [DSA 2886-1] libxalan2-java security update 2014-03-26
Florian Weimer (fw deneb enyo de)

[SECURITY] [DSA 2885-1] libyaml-libyaml-perl security update 2014-03-26
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2884-1] libyaml security update 2014-03-26
Salvatore Bonaccorso (carnil debian org)

Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516) 2014-03-26
Roee Hay (roeeh il ibm com)

Cisco Security Advisory: Cisco IOS Software Crafted IPv6 Packet Denial of Service Vulnerability 2014-03-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS Software SSL VPN Denial of Service Vulnerability 2014-03-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities 2014-03-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Version 2 Denial of Service Vulnerability 2014-03-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability 2014-03-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability 2014-03-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

ESA-2014-015: RSA® Authentication Manager Cross Frame Scripting Vulnerability 2014-03-26
Security Alert (Security_Alert emc com)

VUPEN Security Research - Mozilla Firefox "BumpChunk" Object Processing Use-after-free (Pwn2Own) 2014-03-26
VUPEN Security Research (advisories vupen com)

Malware

Generic PUP.x!3749C44CC820
RDN/Generic PUP.x!bxg!A72A4E0A25B3
RDN/Generic.bfr!gn!AD96F637D91E
Generic Downloader.x!85B56C6907F3
Generic PUP.x!7A8D095E8371
Generic PUP.x!3FBA30F0B964
Generic PUP.x!FF2781D77875
RDN/Generic.bfr!gn!C734F0068C05
Generic PUP.x!03B46FD9A694
Generic Downloader.x!7D2A77388BB7
FakeAV-M.bfr!43A03569274E
Generic PUP.x!83DB9E737602
Generic Downloader.x!5304A89571A6
Downloader.gen.a!F7CEDA399735
Downloader.gen.a!A1CF38DE0EB1
Generic PUP.x!D0FF1F7E9EAA
Generic.tfr!9D8F565217FC
Generic PUP.x!460CDD7771AF
Generic Downloader.x!878A9E41231B
Generic.dx!0A92D42A8C62
Generic PUP.x!3849BA060F41
Generic.tfr!B0DCAEE488B7
Generic.tfr!7FBCD1CB442B
Generic PUP.x!591F1B0EC8B7
RDN/BackDoor-CEP!F8DD49D4704F
Generic.bfr!FC35A0E28C64
Generic Downloader.x!9635DFDE95B6
Downloader.gen.a!21E7E98B3E7C
Generic Downloader.x!FC6C86A7E60A
Generic.tfr!D93D9F2A72C2

Phishing

Vulnerebility

Exploit

AudioCoder 0.8.29 - Memory Corruption (SEH)

ASP-Nuke 2.0.7 - 'gotourl.asp' Open Redirect Vulnerability

11.3.2014

Bugtraq

APPLE-SA-2014-03-10-2 Apple TV 6.1 2014-03-10
Apple Product Security (product-security-noreply lists apple com)

[ MDVSA-2014:050 ] wireshark 2014-03-10
security mandriva com

APPLE-SA-2014-03-10-1 iOS 7.1 2014-03-10
Apple Product Security (product-security-noreply lists apple com)

Android Vulnerability: Install App Without User Explicit Consent 2014-03-10
Daniel Divricean (divricean gmail com)

[security bulletin] HPSBGN02970 rev.1 - HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment, Multiple Remote Vulnerabilities affecting Confidentiality, Integrity and Availability 2014-03-10
security-alert hp com

[SECURITY] [DSA 2872-1] udisks security update 2014-03-10
Moritz Muehlenhoff (jmm debian org)

[SECURITY] [DSA 2871-1] wireshark security update 2014-03-10
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:049 ] subversion 2014-03-10
security mandriva com

[ MDVSA-2014:048 ] gnutls 2014-03-10
security mandriva com

Malware

Generic PUP.x!9D1F6026B065
Generic PUP.x!1A1BE127FDBD
Generic PUP.x!7180FC04B584
RDN/Generic.bfr!ge!CEBFFAC33820
RDN/Generic.bfr!ge!F454D20E83AF
Generic PUP.x!554EB73AC8C8
Generic PUP.x!E223D1330EA2
RDN/Generic.bfr!ge!0A7EE0C42B5B
RDN/Generic.dx!czl!98AF2D4FA89C
Generic PUP.x!ABB14F83464B
Generic PUP.x!8A358B37B7E5
Generic PUP.x!E445C0AA6653
RDN/Generic PUP.x!btz!DDF4B4AD6827
Generic PUP.x!24664064ECA2
Generic PUP.x!058E406DC4C4
RDN/Generic.dx!czl!F27813D293A7
RDN/Generic.bfr!ge!E9EE755CE618
Generic PUP.x!D332FF3BBDA2
RDN/Generic.dx!czl!34E08BEDCD23
Generic PUP.x!2C6C16F27A42
Generic PUP.x!FD3EA9E0BA99
Generic PUP.x!6B5998FD49E1
Generic.bfr!D6B3153753A3
RDN/Generic.bfr!gg!40AB59AED47C
Generic PUP.x!8439B18DB451
Generic PUP.x!BF81D5679793
RDN/Generic PUP.x!btz!372F1964DDC2
Generic.dx!D09780E39566
Generic.bfr!22CCCA2B5D36
Generic.bfr!C29AD5F23E81

Phishing

Regions	11th March 2014
Regions - Update Your Online Banking Information
alerts	10th March 2014
Regions Bank Alert: Account Status Update.

Vulnerebility

Exploit

SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write

Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities

10.3.2014

Bugtraq

[HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability 2014-03-07
contact httpcs com

[security bulletin] HPSBUX02963 SSRT101297 rev.1 - HP-UX m4(1), Local Unauthorized Access 2014-03-07
security-alert hp com

SEC Consult SA-20140307-0 :: Unauthenticated access & manipulation of settings in Huawei E5331 MiFi mobile hotspot 2014-03-07
SEC Consult Vulnerability Lab (research sec-consult com)

CVE-2014-2044 - Remote Code Execution in ownCloud 2014-03-06
Portcullis Advisories (advisories portcullis-security com)

SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability 2014-03-06
Vulnerability Lab (admin vulnerability-lab com)

[ANN] Struts 2.3.16.1 GA release available - security fix 2014-03-06
Lukasz Lenart (lukaszlenart apache org)

[slackware-security] sudo (SSA:2014-064-01) 2014-03-06
Slackware Security Team (security slackware com)

Malware

RDN/Generic BackDoor!xi!0FF75C1096E6
Generic PUP.x!84DC1DCFADBF
Generic PUP.x!F0EF550AC1ED
RDN/Generic.dx!czk!FD1F3300D4E4
Generic PUP.x!495FBD71E5E1
Generic PUP.x!6972C4202239
Generic PUP.x!287483159EBE
Generic PUP.x!367C44F78EAA
Generic PUP.x!74218F8116CA
Generic PUP.x!0584C5E10A21
RDN/Generic.bfr!27BE325BA264
RDN/Generic.grp!gz!0B184CB5B7FA
Generic PUP.x!78FDD2B9A14D
RDN/Generic PUP.x!btx!C3A92B5E5FFE
RDN/Sytro.worm!c!AA242A0ACCC9
Generic PUP.x!00088979E043
Generic PUP.x!17C1E806D20F
Generic PUP.x!50CB434D7EFF
Generic PUP.x!08C96FAE756B
Generic.dx!22D56F37ECF5
Generic PUP.x!9FF5E60D544F
Generic PUP.x!785141F5C678
Generic PUP.x!E660D0E29377
Generic PUP.x!10BA356A7F50
Generic PUP.x!45F5D4CCB6BF
Generic PUP.x!F646EC1073E0
Generic PUP.x!ABD60F521DD7
Generic PUP.x!90EF5C07B322
RDN/Generic.bfr!ge!0013CBEAE4BF
Generic PUP.x!932E4B93C7B6

Phishing

Chase Notification (SM)	9th March 2014
New Message From Chase Online (SM)
Apple	9th March 2014
YOUR APPLE ID WAS USED TO SIGN IN TO ICLOUD ON AN
bt.comms@bt.com	9th March 2014
[SUSPECTED ] Important Information About Your Service-Mail Updateâ€?
Royalbankofscotland@rbs.com	8th March 2014
****ALERT MESSAGE FROM ROYAL BANK OF SCOTLAND****

Vulnerebility

Exploit

GetGo Download Manager 4.9.0.1982 - HTTP Response Header Buffer Overflow Remote Code Execution

ClipSharePro <= 4.1 - Local File Inclusion

8.3.2014

Bugtraq

[HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability 2014-03-07
contact httpcs com

[security bulletin] HPSBUX02963 SSRT101297 rev.1 - HP-UX m4(1), Local Unauthorized Access 2014-03-07
security-alert hp com

SEC Consult SA-20140307-0 :: Unauthenticated access & manipulation of settings in Huawei E5331 MiFi mobile hotspot 2014-03-07
SEC Consult Vulnerability Lab (research sec-consult com)

CVE-2014-2044 - Remote Code Execution in ownCloud 2014-03-06
Portcullis Advisories (advisories portcullis-security com)

SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability 2014-03-06
Vulnerability Lab (admin vulnerability-lab com)

[ANN] Struts 2.3.16.1 GA release available - security fix 2014-03-06
Lukasz Lenart (lukaszlenart apache org)

[slackware-security] sudo (SSA:2014-064-01) 2014-03-06
Slackware Security Team (security slackware com)

Malware

RDN/Generic Downloader.x!jw!48A35E916FC1
Generic BackDoor!B824B7722BD6
RDN/Generic.bfr!gc!E0C84AF44ED0
Generic PUP.x!A9E5866D0BB1
RDN/Generic.bfr!gc!A857FB71D0EA
Generic.tfr!32EB404F610E
RDN/Generic.dx!czj!0748493BCC77
RDN/Generic Downloader.x!jw!C4CF1F87C272
RDN/Generic Dropper!ty!FE8E0919A979
Generic Downloader.x!A833EA614DF3
RDN/Downloader.a!pj!8DF832CEA286
RDN/Generic PUP.x!btr!5A295A420C2B
RDN/Generic PUP.x!btr!FB307AE45545
RDN/Ransom!ec!D84CB06F9B43
Generic PUP.x!A8BD8B16A015
RDN/Generic BackDoor!xg!14CD43506AF1
Generic PUP.x!9AE86824D21A
RDN/Generic PUP.x!btr!E25BE66187C6
RDN/Generic PUP.x!btr!FF9CBCC46C0D
RDN/Generic PUP.x!btr!618736ED8D48
RDN/Generic PUP.x!btr!8361AD094D55
RDN/Generic PUP.x!btr!C2406593DBD5
Generic PUP.x!FDFF5EA118A1
Generic PUP.x!A611BB4CEF34
Generic PUP.x!A5D5038624CE
Generic PUP.x!A857C475935A
RDN/Generic Dropper!80079383F6AE
Generic PUP.x!A83ECB718138
RDN/Generic PUP.x!btr!9BD27EB6E99C
Generic PUP.x!A7CB8B3ACED9

Phishing

NatWest	7th March 2014
ACCESS TO ONLINE BANKING SERVICE !
Verizon Wireless	7th March 2014
Verizon Notification ID : NTVKDWQHQD
Pay Pal	7th March 2014
NEW PAYMENT TO SKYPE !
Daily	6th March 2014
Termination of account
Barclays Bank Plc	6th March 2014
Online Account Has Flagged !
Google Secured Document	6th March 2014
VERY IMPORTANT DOCUMENTS

Vulnerebility

Exploit

7.3.2014

Bugtraq

CVE-2014-2044 - Remote Code Execution in ownCloud 2014-03-06
Portcullis Advisories (advisories portcullis-security com)

SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability 2014-03-06
Vulnerability Lab (admin vulnerability-lab com)

[ANN] Struts 2.3.16.1 GA release available - security fix 2014-03-06
Lukasz Lenart (lukaszlenart apache org)

[slackware-security] sudo (SSA:2014-064-01) 2014-03-06
Slackware Security Team (security slackware com)

Malware

Generic PUP.x!D75FC6A43027
Adware-FOO!3108969DFF00
Generic PUP.x!674B8F99A22A
Generic PUP.x!8A9CB25B0D54
Generic PUP.x!0E820FAB3E88
RDN/Generic.bfr!ge!D021352EA255
Generic PUP.x!774BB4F8D900
Generic.bfr!2F4A7B485E8B
Generic PUP.x!9FFF137FF37E
Generic PUP.x!6BA06ABA2A3E
RDN/Generic.tfr!du!94ACF8F1BD71
Generic PUP.x!A0566C2ADE08
Generic PUP.x!D02BEEEEE8C0
Generic PUP.x!2410F8710D87
RDN/Generic.bfr!5A720B78AEEB
Generic PUP.x!A2CCB64887B7
Generic PUP.x!05E07049EBF8
Generic PUP.x!6DEE1DDBB91C
Generic PUP.x!40C2B3C0F316
Generic.bfr!65E780645634
Generic PUP.x!73F7D682451F
Generic PUP.x!8942A3361432
Generic PUP.x!27D4FF016F31
Generic PUP.x!121BB86DA817
Generic PUP.x!F7D7743D97BD
RDN/Generic.dx!0C33D4FA532C
Generic.bfr!5EE2D115C3A3
Generic PUP.x!49E9218EE4E8
Generic PUP.x!D95E6117E6CD
Generic PUP.x!EBC6FD456B73

Phishing

Pay Pal	7th March 2014
NEW PAYMENT TO SKYPE !
Daily	6th March 2014
Termination of account
Barclays Bank Plc	6th March 2014
Online Account Has Flagged !

Vulnerebility

Exploit

6.3.2014

Bugtraq

[CVE-2014-0683]Router Cisco RV110W - RV215W - CVR100W - Bypass Login Page - Admin Password Disclosure 2014-03-05
Gustavo Speranza (gustavosj js gmail com)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers 2014-03-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco Small Business Router Password Disclosure Vulnerability 2014-03-05
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[CVE-2014-0683]Router Cisco RV110W - RV215W - CVR100W - Bypass Login Page - Admin Password Disclosure 2014-03-05
Gustavo Speranza (gustavosj js gmail com)

ESA-2014-012: EMC Documentum TaskSpace Multiple Vulnerabilities 2014-03-05
Security Alert (Security_Alert emc com)

Multiple Vulnerabilities in OpenDocMan 2014-03-05
High-Tech Bridge Security Research (advisory htbridge com)

Cross-Site Scripting (XSS) in Ilch CMS 2014-03-05
High-Tech Bridge Security Research (advisory htbridge com)

CVE-2014-1599 - 39 Type-1 XSS in SFR DSL/Fiber Box 2014-03-05
alejandr0.w3b.p0wn3r (alejandr0 w3b p0wn3r gmail com)

[security bulletin] HPSBMU02933 rev.2 - HP SiteScope, issueSiebelCmd and loadFileContents SOAP Requests, Remote Code Execution, Arbitrary File download, Denial of Service (DoS) 2014-03-05
security-alert hp com

[security bulletin] HPSBHF02965 rev.1 - HP Security Management System, Remote Execution of Arbitrary Code 2014-03-05
security-alert hp com

[security bulletin] HPSBUX02973 SSRT101455 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2014-03-04
security-alert hp com

Malware

RDN/Generic PUP.x!5DC170FEED4C
RDN/PWS-Banker!da!AB86731530E5
Generic PUP.x!51F7E26ADE67
RDN/Generic.dx!czh!CA818774E197
Generic PUP.x!542374E8A30D
RDN/Generic.bfr!44B28A39BA54
Generic PUP.x!F7A9C077286C
Generic PUP.x!F0E85CD851AF
Generic.bfr!110479B5BB83
Generic.dx!D1554E3DB835
Generic PUP.x!FED5C032565F
RDN/Generic PUP.x!btm!51164F304AD7
RDN/Generic.dx!czh!0E46630EDBBF
Generic PUP.x!4C9C9775755D
RDN/PWS-Zbot.rh!c!E58D6324A9FD
RDN/Generic.dx!czh!331AC5AD27F5
Generic PUP.x!72CDDB209C4A
Generic PUP.x!D3EBCE6BEE27
RDN/Generic PUP.x!btm!F1FDDB769E75
Generic PUP.z!2BCBB93DCD39
Generic PUP.x!32457F766702
Generic PUP.x!B876B33F8141
Generic PUP.x!E13C29BBE603
Generic PUP.x!70476C02A147
Generic PUP.x!4D76DDFF1CBE
Generic PUP.x!685C963813F0
RDN/Generic.bfr!gc!F977C9EA5FFF
RDN/Generic.bfr!gc!FC7CB7A70AC5
RDN/Generic.dx!czh!1764CABD8386
RDN/Generic PUP.x!btm!4FFEF3090FF2

Phishing

Barclays Bank Plc	6th March 2014
Online Account Has Flagged !
Google Secured Document	6th March 2014
VERY IMPORTANT DOCUMENTS
VISA	6th March 2014
Visa - Urgent Action Required !
Yahoo!	6th March 2014
important update
BT	6th March 2014
Important Information About Your Service-Mail Update
Barclays Bank Plc	6th March 2014
Account Suspended
Alert@AOL.com	6th March 2014
FINAL WARNING ; YOUR AMERICA ONLINE IS DUE FOR SUSPENSION !
Barclays Bank Plc	5th March 2014
ACCOUNT SUSPENDED
Discover Customer Service	5th March 2014
IMPORTANT MESSAGE ABOUT YOUR DISCOVERÂ®

Vulnerebility

Exploit

OpenDocMan 1.2.7 - Multiple Vulnerabilities

ALLPlayer M3U Buffer Overflow

Ilch CMS 2.0 - Persistent XSS Vulnerability

5.3.2014

Bugtraq

JOIDS (Java OpenID Server) multiple vulnerabilities 2014-03-04
Bartlomiej Balcerek (Bartlomiej Balcerek pwr edu pl)

[CVE-2014-0072] Apache Cordova File-Transfer insecure defaults 2014-03-04
iclelland chromium org

[CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation 2014-03-04
iclelland chromium org

[slackware-security] gnutls (SSA:2014-062-01) 2014-03-04
Slackware Security Team (security slackware com)

[SECURITY] [DSA 2869-1] gnutls26 security update 2014-03-03
Yves-Alexis Perez (corsac debian org)

CFP: Passwords^14, Las Vegas, August 5-6 2014-03-03
Per Thorsheim (per thorsheim net)

[SECURITY] [DSA 2868-1] php5 security update 2014-03-02
Salvatore Bonaccorso (carnil debian org)

Malware

Generic PUP.x!A5DC536C29F2
RDN/Generic PUP.x!bt3!AF7E957AC2C7
RDN/Generic Dropper!ty!A3156A47A89B
Generic PUP.x!7E2B36CD320D
Generic PUP.x!8298908E477F
Generic Downloader.x!39D53FFDC21D
RDN/Generic.dx!0511CA8C87A5
RDN/Generic PUP.x!bt3!46623B6E31CD
RDN/Generic.dx!czg!737E150CC626
Generic PUP.x!832C97FAD830
Generic PUP.x!832EA0862FC0
Generic PUP.x!84B5E466A624
RDN/Generic PUP.x!bt3!17C16CC5146E
Generic.dx!97A64C5B8849
RDN/Generic.bfr!gc!A19E3E0F8862
RDN/Generic PUP.x!bt3!38A9D671C0BB
Generic PUP.x!66E691097A91
RDN/Generic BackDoor!xg!9AB801CC2C64
RDN/Generic.dx!czg!732937945531
RDN/Generic.dx!czg!3A345C2084E4
Generic PUP.x!FF377844327F
Generic PUP.x!81E0F46FA569
Generic PUP.x!1540036A3A52
Generic PUP.x!2F3648E3AB22
Generic PUP.x!81BF5E6B8A67
Generic PUP.x!82ABF6B0C488
RDN/Spybot.bfr!98946288177E
Generic PUP.x!83A67ACE0576
Generic PUP.x!62FF718C1F73
RDN/Generic PUP.x!bt3!E618F9ECDF28

Phishing

NatWest	5th March 2014
Important information about your account
ebilling@bt.com	4th March 2014
Important information about your BT account (Cell 14)
Lloyds Bank UK	4th March 2014
IMPORTANT UPDATE !
bt.comteam@bt.com	4th March 2014
Important changes to your BT email terms

Vulnerebility

Exploit

Calavera UpLoader 3.5 - SEH Buffer Overflow

4.3.2014

Bugtraq

[SECURITY] [DSA 2869-1] gnutls26 security update 2014-03-03
Yves-Alexis Perez (corsac debian org)

CFP: Passwords^14, Las Vegas, August 5-6 2014-03-03
Per Thorsheim (per thorsheim net)

[SECURITY] [DSA 2868-1] php5 security update 2014-03-02
Salvatore Bonaccorso (carnil debian org)

[CVE-2014-2206] GetGo Download Manager HTTP Response Header Buffer Overflow Remote Code Execution 2014-03-02
Julien Ahrens (info rcesecurity com)

Malware

RDN/Generic PUP.x!btg!BC2340E90466
RDN/Generic PUP.x!btg!B7EC7EF22D07
RDN/Generic PUP.x!btg!B83786AE9B5F
RDN/Generic PUP.x!btg!C56C61D99D8E
RDN/Generic PUP.x!btg!BAE6F2B5019F
RDN/Generic.tfr!du!0F138B705F44
Generic.bfr!6AC916D1006F
RDN/Downloader.a!pi!FD2AC10B4D3E
RDN/Downloader.a!pi!FCB533BA1DFB
Generic PUP.x!F42E8D9724E4
Generic.bfr!A41B2B4F3EDD
Generic.bfr!5057F7452B58
Generic.bfr!9E7C6908EA53
Generic.bfr!86B4BA149EB9
Generic PUP.x!D5B644262435
Generic PUP.x!671C73DDF2C5
Generic PUP.x!4E99A6063A7D
Generic PUP.x!F1C847E17F04
Generic.bfr!7D0D30FAFB03
RDN/Generic BackDoor!xf!8AFCA25A3C63
Generic.bfr!2905B910A689
Generic PUP.x!4D0D612435BE
Generic PUP.x!873AEA57CB85
Generic PUP.x!2AAD2B6E29AD
Generic PUP.x!12DD6F0D8395
Generic Downloader.sd!B826AC70E93F
Generic PUP.x!410D1FF68808
Generic.bfr!1D972C4D9894
Generic.bfr!18F14667E198
Generic PUP.x!1D2D8908D7CC

Phishing

Vulnerebility

Exploit

ALLPlayer 5.8.1 - (.m3u file) Buffer Overflow (SEH)

SpagoBI 4.0 - Persistent XSS Vulnerability

SpagoBI 4.0 - Persistent HTML Script Insertion

SpagoBI 4.0 - Arbitrary XSS File Upload

3.3.2014

Bugtraq

[CVE-2013-6234] XSS File Upload in SpagoBI v4.0 2014-03-01
Christian Catalano (ch catalano gmail com)

[CVE-2013-6233] Persistent HTML Script Insertion permits offsite-bound forms in SpagoBI v4.0 2014-03-01
Christian Catalano (ch catalano gmail com)

[CVE-2013-6232] Persistent Cross-Site Scripting (XSS) in SpagoBI v4.0 2014-03-01
Christian Catalano (ch catalano gmail com)

WordPress thecotton Themes Remote File Upload Vulnerability 2014-03-01
iedb team gmail com

Malware

RDN/Generic PUP.x!849A7E8DE764
RDN/Generic Dropper!C249FA56D49A
RDN/Generic.dx!DD306E43F40B
RDN/Generic PUP.x!1EFC204DEF39
RDN/Generic PUP.x!687C3426EF17
RDN/Generic PUP.x!btf!8AB4EFC33F92
Generic PUP.x!C8A1A2124885
RDN/Generic PUP.x!FFFDA48865C1
RDN/Generic PUP.x!0D9DF47CA4C2
Generic PUP.x!74747F965B45
RDN/Generic.bfr!B683F9A822AB
RDN/Generic.dx!7539B94463C4
Generic PUP.x!8BD1CBE520B4
RDN/Generic.tfr!2FAF892ABE6B
RDN/Generic.dx!czf!07920555EC79
RDN/Generic.dx!czf!0486300BB033
Generic PUP.x!7D62ADE5C170
RDN/Generic.dx!36107B9789CA
Generic PUP.x!66515BD65C91
RDN/Generic.dx!06B0F906E47F
RDN/Generic PUP.x!93114C81D6E5
RDN/Generic.dx!066AA8F39786
Generic.dx!50B7F6667BE3
Generic PUP.x!3296EEE9AEE3
RDN/Generic.bfr!gc!35420596AD65
Generic PUP.x!290E6BF68915
RDN/Spybot.bfr!A031B1A14EB3
RDN/Generic.dx!06DF2FF638BD
RDN/Generic Dropper!29054F68249D
RDN/Generic PUP.x!E08C3859232E

Phishing

MBNA credit	3rd March 2014
YOUR MBNA CREDIT CARD STATEMENT
NatWest	3rd March 2014
Access to Online Banking Service !

Vulnerebility

Exploit

ALLPlayer 5.8.1 - (.m3u file) Buffer Overflow (SEH)

couponPHP CMS 1.0 - Multiple Stored XSS and SQL Injection Vulnerabilities

2.3.2014

Bugtraq

Malware

RDN/Generic Dropper!EED00ABCEFAA
Generic PUP.x!8E7F26B3230A
RDN/Generic Dropper!A348A54DE86C
Generic PUP.x!DCDA81E67C5B
RDN/Generic.bfr!F87EBDA3792C
Generic PUP.x!9C03FF3B8D32
RDN/Generic Downloader.x!50F9BD055F62
RDN/Downloader.gen.a!1569C1282F98
Generic PUP.x!B9ECB99AD6EE
RDN/Generic.dx!09117D8ADC77
RDN/Ransom!6CBA5C6FFADB
Generic PUP.x!18955B1DF795
Generic PUP.x!DD655B7B2E2C
Generic PUP.x!92ACF6559A7C
Downloader.gen.a!E5B351A04B99
RDN/Generic Dropper!B502E1BDE0FD
RDN/Generic.bfr!98141220B830
RDN/Generic Dropper!704CDDE8A8FF
RDN/Generic Dropper!A7C937D73FB1
W32/Virus.gen!B7FA363DEA1B
Generic PUP.x!A3D71CB4B96A
RDN/Generic.dx!08A4676D3AE4
Generic PUP.x!1A7A586BC220
Generic PUP.x!1585ADC4FDF0
Generic Downloader.x!CC2CD31F3E93
W32/Virus.gen!2C7179A93D12
RDN/Generic Dropper!E760D67FA53F
RDN/Generic.dx!07F1DD4284C0
Downloader.gen.a!3CEB545509C2
RDN/Generic PUP.x!F72C6A0E6318

Phishing

Barclays Bank PLC	2nd March 2014
This is an important Barclays bank security Message
Barclays	2nd March 2014
Your account has been placed on restricted status
Barclays	2nd March 2014
Online Access Suspended
Verify Update!	2nd March 2014
Note Update!

Vulnerebility

Exploit

Oracle Demantra 12.2.1 - Arbitrary File Disclosure

Oracle Demantra 12.2.1 - SQL Injection Vulnerability

Oracle Demantra 12.2.1 - Stored XSS Vulnerability

Oracle Demantra 12.2.1 - Database Credentials Disclosure

1.3.2014

Bugtraq

SEC Consult SA-20140228-1 :: Authentication bypass (SSRF) and local file disclosure in Plex Media Server 2014-02-28
SEC Consult Vulnerability Lab (research sec-consult com)

SEC Consult SA-20140228-0 :: Privilege escalation vulnerability in MICROSENS Profi Line Modular Industrial Switch 2014-02-28
SEC Consult Vulnerability Lab (research sec-consult com)

[slackware-security] subversion (SSA:2014-058-01) 2014-02-27
Slackware Security Team (security slackware com)

SEC Consult SA-20140227-0 :: Local Buffer Overflow vulnerability in SAS for Windows (Statistical Analysis System) 2014-02-27
SEC Consult Vulnerability Lab (research sec-consult com)

Multiple Vulnerabilities in VideoWhisper Live Streaming Integration WP Plugin 2014-02-27
High-Tech Bridge Security Research (advisory htbridge com)

Malware

RDN/Generic.bfr!et!45AA5D2EFE68
RDN/Ransom!B9F16BAA4758
Generic PUP.x!D3DB4A35CE0C
Generic PUP.x!12BEAA832C47
Generic PUP.x!EBF039B48A5F
Generic PUP.x!CFDBD7BF826E
RDN/Generic.bfr!et!9DEB229580F3
RDN/Generic PUP.x!41592CA7835A
RDN/Generic BackDoor!xf!50F8AFA27030
Generic PUP.x!FA72FA91312E
Generic PUP.x!10B61C5EB1E8
Generic PUP.x!BAB53D30334A
Downloader.gen.a!58F650FFF2B2
RDN/Generic.bfr!et!9EFDA4BB513A
Generic PUP.x!1546E2E6B88C
RDN/Generic PUP.x!bt3!5EF96919A7F5
RDN/Generic.bfr!et!63BEE664D401
Generic PUP.x!082B75D71993
Generic PUP.x!C1C16E6C65A7
RDN/Generic.bfr!10EF4480F35C
RDN/Generic PUP.x!bt3!400833879821
Generic PUP.x!F81DE7E5E350
Generic PUP.x!8DEC8187D9B2
Generic PUP.x!CDCFB5465C55
Generic.bfr!CA8B00154960
Generic PUP.x!91262CA91EEA
Generic PUP.x!DF93C60AA975
RDN/Generic.bfr!et!0E68FDCEBBF8
Generic PUP.x!376F7ECC8BB1
Generic PUP.x!AB1BFC43BF44

Phishing

Vulnerebility

Exploit

GE Proficy CIMPLICITY gefebt.exe Remote Code Execution

GoldMP4Player 3.3 - Buffer Overflow Exploit (SEH)

Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow

MICROSENS Profi Line Switch 10.3.1 - Privilege Escalation

PHP-CMDB 0.7.3 - Multiple Vulnerabilities

Webuzo 2.1.3 - Multiple Vulnerabilities

Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities

Wordpress VideoWhisper 4.27.3 - Multiple Vulnerabilities

SpagoBI 4.0 - Privilege Escalation Vulnerability

28.2.2014

Bugtraq

SEC Consult SA-20140227-0 :: Local Buffer Overflow vulnerability in SAS for Windows (Statistical Analysis System) 2014-02-27
SEC Consult Vulnerability Lab (research sec-consult com)

Multiple Vulnerabilities in VideoWhisper Live Streaming Integration WP Plugin 2014-02-27
High-Tech Bridge Security Research (advisory htbridge com)

Update: CVE-2014-0053 Information Disclosure when using Grails 2014-02-27
Pivotal Security Team (security gopivotal com)

Office 365 - Account Hijacking Cookie Re-Use Flaw, extended 2014-02-27
"Oei, Géry" (geryoei oei-edv de)

Malware

Generic PUP.x!7BEEF5292F79
Generic PUP.x!74843BD687C4
Generic PUP.x!7E456FE0797D
Generic PUP.x!7494722C15FD
Generic PUP.x!D3776D10F430
Generic PUP.x!7ADC4418F309
Generic PUP.x!7E5713C476E5
Generic PUP.x!7CA0E67EFB7E
Generic PUP.x!BA0E034445ED
Generic PUP.x!7954D303D74C
Generic PUP.x!749E3DC9B0AC
Generic PUP.x!7C0DF6645967
Generic PUP.x!AFC30D7929F5
RDN/PWS-Mmorpg.gen!0635CC586ACD
RDN/Generic.bfr!D0FD70C64A16
RDN/Generic PUP.x!991661206DE9
Generic PUP.x!96F3C1BB875A
Generic PUP.x!7D6055220C67
Generic PUP.x!7D5F1BD2014A
RDN/Generic.bfr!7EA7439151A9
Generic PUP.x!79E3BB1BDE3C
Generic.dx!B2FEDD083267
Generic PUP.x!7DB211DFD6C7
RDN/Generic Dropper!AA31C16B3C52
Generic PUP.x!7AC34396D13E
Generic PUP.x!7C0527E5CC8E
RDN/PWS-Mmorpg.gen!21BEB1C68F20
Generic PUP.x!7DEDAE85BAAD
Generic PUP.x!7D69FA8BD4B6
Generic PUP.x!7D6D21851496

Phishing

Google Doc no-reply@googlemail	27th February 2014
RE: ORIGINAL DOCUMENTS.........
NatWest	27th February 2014
Access to Online Banking Service
NatWest Card	27th February 2014
NatWest Secure Password Reset Confirmation

Vulnerebility

Exploit

GDL 4.2 - Multiple Vulnerabilities

Bluetooth Photo Share Pro 2.0 iOS - Multiple Vulnerabilities

27.2.2014

Bugtraq

Cisco Security Advisory: Cisco Prime Infrastructure Command Execution Vulnerability 2014-02-26
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Barracuda Networks Bug Bounty #31 Firewall - Persistent Access Policy Vulnerability 2014-02-26
Vulnerability Lab (research vulnerability-lab com)

Persistent XSS in Media File Renamer V1.7.0 wordpress plugin 2014-02-26
Larry W. Cashdollar (larry0 me com)

Authentication-Bypass in CosmoShop ePRO V10.17.00 (and lower, maybe higher) 2014-02-26
innate gmx de

Malware

Generic PUP.x!D676CDD82078
Generic Downloader.x!43788502F82D
Generic PUP.x!D7A749758FE7
RDN/Generic.dx!D0D973AFB17F
Generic PUP.x!0661CF753A7D
Generic PUP.x!3CFD3743B84F
Downloader.gen.a!F875DB96806E
Generic PUP.x!53DD01A2C97D
Downloader.gen.a!698391284F40
Generic PUP.x!44E0F8A6411F
Generic.bfr!F94877DDFD8F
Generic.bfr!FC42E1BED83B
Generic PUP.x!8C71EE43FBA2
Generic PUP.x!A90975D8C3C1
RDN/Generic.dx!B0797BE40B5E
Generic.bfr!AE228FC36D43
Generic Downloader.x!DCE9297D81D1
Generic PUP.x!536844B2631A
Generic PUP.x!5F0A16C81A7F
Generic BackDoor!81AD83623BE8
Generic PUP.x!A6D61564B53B
RDN/Generic.bfr!3DDF02D3C578
Generic.bfr!1644A34E8F7D
W32/Relnek!CFF58DE60634
Generic PUP.x!0B384FBFC679
Generic PUP.x!BA5A53622070
RDN/Generic PUP.x!bt3!3A3F88C78051
Generic PUP.x!472294837EE8
Generic.bfr!103BC1E0098F
Generic PUP.x!C9EE5CB00849

Phishing

Vulnerebility

Exploit

26.2.2014

Bugtraq

[RT-SA-2014-001] McAfee ePolicy Orchestrator: XML External Entity Expansion in Dashboard 2014-02-25
RedTeam Pentesting GmbH (release redteam-pentesting de)

Barracuda Networks Firewall Bug Bounty #32 - Filter Bypass & Persistent Web Vulnerabilities 2014-02-25
Vulnerability Lab (research vulnerability-lab com)

[SECURITY] CVE-2013-4286 Incomplete fix for CVE-2005-2090 (Information disclosure) 2014-02-25
Mark Thomas (markt apache org)

[SECURITY] CVE-2013-4590 Information disclosure via XXE when running untrusted web applications 2014-02-25
Mark Thomas (markt apache org)

[SECURITY] CVE-2013-4322 Incomplete fix for CVE-2012-3544 (Denial of Service) 2014-02-25
Mark Thomas (markt apache org)

[SECURITY] CVE-2014-0033 Session fixation still possible with disableURLRewriting enabled 2014-02-25
Mark Thomas (markt apache org)

Malware

Generic PUP.x!211EEEFFD40E
Generic PUP.x!28A8E29D73AA
Generic PUP.x!74A1D774504F
Generic PUP.x!051A6F35BAD7
Generic PUP.x!8567D505BAC5
Generic PUP.x!28D159EAA41C
Generic PUP.x!28F38656039B
Generic PUP.x!19FB4176E17B
RDN/Generic Dropper!A4DDF52D4C4C
Generic PUP.x!7B1E03823DDC
Generic Downloader.x!279692C2F401
RDN/Generic PUP.x!28FA720C98AB
Generic Downloader.x!AD9A58094C67
Generic Downloader.x!2981ACC950C7
Generic-FAOD!4F631CD66E41!4F631CD66E41
RDN/Generic Dropper!78DB0F0675BF
Generic PUP.x!294336225DF1
Generic PUP.x!35A087773091
Generic PUP.x!4A16669C5BEB
Generic PUP.x!2674647FCF39
Generic PUP.x!F88DEE858432
Generic PUP.x!26A5F02A6FF4
Generic PUP.x!2736A9D1CFDB
Generic Downloader.x!26AD1F97E901
Generic PUP.x!A0DC3FDB47E3
Generic PUP.x!268FACCA86B7
Generic PUP.x!90F8B3EC663E
Generic PUP.x!7ECCB6021E30
Generic PUP.x!09B5C4BDDD3C
Generic PUP.x!25F6AF3A1147

Phishing

ebilling@bt.com	26th February 2014
Important Information About Your Service-Mail Update
alerts	26th February 2014
Regions Bank Alert: Account Activities Alert

Vulnerebility

Exploit

Symantec Endpoint Protection Manager Remote Command Execution

Private Camera Pro 5.0 iOS - Multiple Vulnerabilities

Piwigo 2.6.1 - CSRF Vulnerability

GoAhead Web Server 3.1.x - Denial of Service

25.2.2014

Bugtraq

[security bulletin] HPSBMU02971 rev.1 - HP Application Information Optimizer, Remote Execution of Code, Information Disclosure 2014-02-24
security-alert hp com

[security bulletin] HPSBST02937 rev.1 - HP StoreVirtual 4000 and StoreVirtual VSA Software dbd_manager, Remote Execution of Arbitrary Code 2014-02-24
security-alert hp com

Malware

Generic PUP.x!B16C243FECE8
RDN/Generic PUP.z!du!A38DFB896445
Generic PUP.x!B547E022C923
Generic PUP.x!09FB44077B38
Generic PUP.x!3A05DCC164A4
Generic PUP.x!A0BC4EB85E67
Generic PUP.x!F36DE6D99AAD
RDN/Generic PUP.x!A53C643FE90C
Generic Downloader.x!A4548C3901E9
Generic PUP.x!427AC751431B
Generic PUP.x!E6479C2D5167
RDN/Generic PUP.x!btd!27C759C7988C
RDN/Generic PUP.x!btd!1E59EBDBB46B
Generic PUP.x!224F33027A38
Generic.bfr!5E6413ADE773
RDN/Generic PUP.x!btd!84E5E38D4ACE
Generic PUP.x!C925E0DC02DD
Generic PUP.x!3003B9FF33E0
Generic PUP.x!A6A5125F6F1C
RDN/Generic.bfr!gc!6C7C1C45FB79
RDN/Generic PUP.x!79993B81ED8C
RDN/Generic.dx!czc!EA4E45DECE9B
Generic PUP.x!32943206AC83
RDN/Generic PUP.x!btd!AEC83FAD1707
Generic PUP.x!AC4518823681
Generic PUP.x!0720219AD385
Generic PUP.x!9D750C34E6C3
Generic PUP.x!21CB0DA32C9B
RDN/Generic PUP.x!btd!0F0B41A855DB
Generic PUP.x!09CDF1C0C03C

Phishing

ebilling@bt.com	24th February 2014
We Are Switching BT BROADBAND 2014
alerts	24th February 2014
Regions Bank Alert: Contact Details Changed
Natwest Bank Plc	23rd February 2014
SECURITY ALERT (SECURE YOUR ONLINE CREDIT CARD ACCESS)
Western Union	23rd February 2014
PLEASE UPDATE YOUR INFORMATION

Vulnerebility

Exploit

Python socket.recvfrom_into() - Remote Buffer Overflow

Technicolor TC7200 - Credentials Disclosure

WiFiles HD 1.3 iOS - File Inclusion Vulnerability

Sendy 1.1.8.4 - SQL Injection Vulnerability

24.2.2014

Bugtraq

Malware

Generic PUP.x!7045B147DFB9
Generic PUP.x!2ECE454F42B9
Generic PUP.x!0316144CECE8
Generic PUP.x!FD19FF7E4E80
Generic.bfr!11ACDF947094
Generic PUP.x!9C7CCC43F4FA
Generic PUP.x!232C51E930C7
Generic PUP.x!B604C0CFFAF9
Generic PUP.x!214926AEC244
Generic PUP.z!24CA01ECEB12
Generic PUP.x!59D35D72F59B
Generic PUP.x!93DF05246C51
Generic PUP.x!6913CC850116
Generic PUP.x!00B356D66576
Generic PUP.x!AE2CDE4C2043
Generic PUP.x!9FF6D35FD51A
Generic PUP.x!61E035A69DEE
Generic PUP.x!6102724B50B9
Generic PUP.x!6EACF224CCBF
Generic PUP.x!AB4832535479
Generic PUP.x!80997C2F21A3
Generic PUP.x!B99A537FD007
Generic PUP.x!0670FE123503
Generic PUP.x!922F322655C4
Generic PUP.x!37E7A7F47998
Generic PUP.x!12E777E4FAD8
Generic PUP.x!EF93D8649CEB
Generic PUP.x!EDF29CD2F4F4
Generic PUP.x!5579B688688E
Generic PUP.x!695D73A682D8

Phishing

Natwest Bank Plc	23rd February 2014
SECURITY ALERT (SECURE YOUR ONLINE CREDIT CARD ACCESS)
Western Union	23rd February 2014
PLEASE UPDATE YOUR INFORMATION
eBay Collections	22nd February 2014
FRIENDLY REMINDER: PAYMENT AND UPDATED INFO NEEDED

Vulnerebility

Exploit

Symantec Endpoint Protection Manager Remote Command Execution Exploit

22.2.2014

Bugtraq

CNNVD Gov CN #1 - Filter Bypass & Persistent Web Vulnerability 2014-02-21
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2014:046 ] phpmyadmin 2014-02-21
security mandriva com

Barracuda Bug Bounty #36 Firewall - Client Side Exception Handling Web Vulnerability 2014-02-21
Vulnerability Lab (research vulnerability-lab com)

ASUS router drive-by code execution via XSS and authentication bypass 2014-02-21
buqtraq kyber fi

Malware

Generic PUP.x!918DB3E64C28
Generic PUP.x!48D996DC13DF
Generic PUP.x!3E879961DF6C
DirectDownminer!A9E36AA6F7C0
RDN/Downloader.gen.a!B85C23AEB0AE
Generic PUP.x!1127173922FA
RDN/Generic PUP.x!46497CFB1F34
Generic PUP.x!05FEFC179278
Generic PUP.x!9AA31FA8D44A
Generic PUP.x!280A50AEB431
Generic PUP.x!0F8905A3E70E
Generic.bfr!CA64C34603B7
RDN/Generic Dropper!4A3097A6151C
DirectDownminer!66AA51834D1A
RDN/Generic.bfr!gd!96AD5C930E20
Generic PUP.x!747E894FC4C5
Generic PUP.x!A4251266735A
Generic PUP.x!080A17D7F02E
Generic PUP.x!1E23AB6A084B
Generic PUP.x!AA4A14F3B326
Generic PUP.x!34401878122F
Generic PUP.x!5691473E7192
Generic PUP.x!F124319D2E1A
Generic PUP.x!623E7CFCC831
Generic PUP.x!643009AAB5C0
Generic.bfr!F17F924BDBD6
Generic PUP.x!AE859727903D
DirectDownminer!C3AF09F7CFE1
Generic PUP.x!AA4236DE0D8D
RDN/Generic.bfr!gd!CDAA2F7BDFB7

Phishing

eBay Collections	22nd February 2014
FRIENDLY REMINDER: PAYMENT AND UPDATED INFO NEEDED
Barclays Bank Plc	22nd February 2014
Account Suspended
CreditCardOnlineServices	21st February 2014
ONLINE STATEMENTS - RBS
PayPal	21st February 2014
»Customer Support»

Vulnerebility

Exploit

21.2.2014

Bugtraq

Android & iOS Hands-on Exploitation at SyScan 2014 2014-02-20
xys3c team (security xysec com)

[ MDVSA-2014:045 ] libtar 2014-02-20
security mandriva com

SQL Injection in AdRotate 2014-02-20
High-Tech Bridge Security Research (advisory htbridge com)

[slackware-security] mariadb, mysql (SSA:2014-050-02) 2014-02-20
Slackware Security Team (security slackware com)

[slackware-security] kernel (SSA:2014-050-03) 2014-02-20
Slackware Security Team (security slackware com)

[HITB-Announce] Haxpo CFP 2014-02-20
Hafez Kamal (aphesz hackinthebox org)

VideoCharge Studio v2.12.3.685 cc.dll CHTTPResponse::GetHttpResponse() Buffer Overflow Remote Code Execution 2014-02-19
Julien Ahrens (info rcesecurity com)

Malware

Generic PUP.x!6527C3E9EA44
RDN/Generic.bfr!gd!5D735CC3D7DB
Generic PUP.x!FEF6C7BB7D3B
Generic PUP.x!3EA58306CE8C
Generic PUP.x!D50C027C0C7D
RDN/Spybot.worm!l!815DCFA3ACD3
RDN/Generic.bfr!gd!6C4615643479
Generic.bfr!19D127CAE839
Generic PUP.x!5F0854DD77C0
Generic PUP.x!9504B093CDBC
Generic PUP.x!9608EFFF53DC
Generic PUP.x!79AB9270C758
Generic PUP.x!2272DAF1D67F
Generic PUP.x!A4F1D6321725
Generic.bfr!609F56796ECB
Generic PUP.x!FE54A77A50D3
Generic PUP.x!83F0F7388500
Generic PUP.x!AEA396BF8888
Generic PUP.x!92FAF5A28909
RDN/Generic.bfr!gd!877D10157B85
Generic PUP.x!BE4570D1436E
Generic PUP.x!ED943F186476
Generic.bfr!A7ABCF03E6C2
Generic PUP.x!C1E3FB61F7AE
Generic.dx!A34C5693E49D
Downloader.gen.a!8030F7FFE7DB
RDN/Generic.bfr!gc!7CCD0FF941FA
RDN/Generic.bfr!gd!1E8B2CEB0FF5
Generic PUP.x!7CB5BB7798C1
Generic PUP.x!BCA9C2DEA423

Phishing

Skype	21st February 2014
New Payment To Skype !
Paypal	21st February 2014
Your PayPal account has been temporarily limited
ebilling@bt.com	20th February 2014
Account Update

Vulnerebility

Exploit

VideoCharge Studio 2.12.3.685 GetHttpResponse() - MITM Remote Code Execution Exploit

Barracuda Firewall 6.1.0.016 - Multiple Vulnerabilities

Stark CRM 1.0 - Multiple Vulnerabilities

Catia V5-6R2013 "CATV5_Backbone_Bus" - Stack Buffer Overflow

20.2.2014

Bugtraq

CA20140218-01: Security Notice for CA 2E Web Option 2014-02-19
Williams, James K (Ken Williams ca com)

[ MDVSA-2014:039 ] libgadu 2014-02-18
security mandriva com

Malware

Generic PUP.x!EC2C63088FB4
RDN/Generic PUP.x!1F87FBD740C3
RDN/Generic PUP.x!DD656B80E57F
RDN/Generic PUP.x!0A22584033D1
RDN/Generic PUP.x!8A11AC1FF9FA
Generic PUP.x!72A4FACF87CB
RDN/Generic PUP.x!4DDA4D44AD80
RDN/Generic PUP.x!bs3!CE38F6BD8CBE
Adware-SweetIM!14DB2AA0B37C
RDN/Autorun.worm.gen!0442E8FE39A7
Generic PUP.x!8F342DC84700
Generic PUP.x!19F3EB806002
Generic PUP.x!B4C8A76D7840
RDN/Generic PUP.x!8F62DF654129
Generic PUP.x!2D94B70C9EA2
Generic PUP.x!87B5CCD64863
Generic.bfr!8BEBC44CF377
Generic.bfr!8C19B842E888
RDN/Generic StartPage!605B47FF6A71
RDN/Generic BackDoor!E6E38AB466FA
Generic PUP.x!75985210F43A
Generic PUP.x!0C6353DF19E9
Generic PUP.x!599DE26AEB2D
Generic PUP.x!3C1F0DE685B4
Generic PUP.x!D7C538513C05
Generic PUP.x!B6005E0B3CCF
Generic PUP.x!BB33859E6CCD
Generic PUP.x!02632639377D
Generic PUP.x!B13C894EBDD9
RDN/Generic PUP.x!8ABF35BD3F5D

Phishing

alerts	20th February 2014
Regions Bank Alert: Contact Details Changed
Halifax	19th February 2014
Online Banking Suspention

Vulnerebility

Exploit

19.2.2014

Bugtraq

CA20140218-01: Security Notice for CA 2E Web Option 2014-02-19
Williams, James K (Ken Williams ca com)

[ MDVSA-2014:039 ] libgadu 2014-02-18
security mandriva com

[SECURITY] [DSA 2863-1] libtar security update 2014-02-18
Luciano Bello (luciano debian org)

CVE-2014-1215 - Local Code Execution in CoreFTP Core FTP Server 2014-02-18
Portcullis Advisories (advisories portcullis-security com)

[ MDVSA-2014:040 ] puppet 2014-02-18
security mandriva com

SEC Consult SA-20140218-0 :: Multiple critical vulnerabilities in Symantec Endpoint Protection 2014-02-18
SEC Consult Vulnerability Lab (research sec-consult com)

Re: [Full-disclosure] CVE-2013-1643 - Unauthorised Access To Other Users Email Messages in Symantec PGP Universal Web Messenger 2014-02-18
Tim Brown (tmb 65535 com)

Malware

Generic BackDoor!F7E4A2585172
RDN/Generic BackDoor!xd!55F54FB0DEC1
Generic BackDoor!A518956E4BBB
RDN/Generic.bfr!gb!B8D273711A4C
RDN/Generic.dx!c2y!C8F295A3337B
RDN/Generic.dx!c2y!847EBF9246D6
Generic.dx!D3523465760B
RDN/Generic PWS.y!yr!FF012BDDAD2F
RDN/Generic.dx!c2y!0B565C82C21B
RDN/Generic.tfr!du!135938230D4F
Qhost-Gen!A4D42AD2C23D
Generic Downloader.x!CC735773F021
DNSChanger.bfr!1431EBC7FE6E
Generic PUP.x!486DE03E83C8
RDN/Generic.tfr!00B268A7B20F
RDN/Generic BackDoor!BF51565D860B
Backdoor-FBSO!A727E4405A36
RDN/Qhost-Gen!be!C46AA8BAE3CF
RDN/Generic PUP.x!7AA461AD73F1
RDN/Generic.dx!BE2AAF72D9FE
Generic.bfr!E3BEFC028654
RDN/Generic.dx!D2BDEB0AF62C
Generic PUP.x!C8065F23A08D
RDN/Qhost-Gen!be!F15F23D2DA36
RDN/Spybot.bfr!0A04B49E6A00
Generic PUP.x!7A8FC79539DA
RDN/Generic.bfr!71CE3042A26F
RDN/Generic PUP.x!A4C97A4A1CC0
Generic PUP.x!6B1A44C4CAE6
RDN/Generic PUP.x!428E35E70A93

Phishing

Discover Card	19th February 2014
IMPORTANT MESSAGE ABOUT YOUR DISCOVER CARDÂ®
National Westminster Bank	19th February 2014
YOUR NATWEST CREDIT CARD ONLINE SERVICES IS LOCKED OUT
ebilling@bt.com	19th February 2014
Account Update
Maria Ellis	19th February 2014
TESCO PRIZE INFORMATION - JOHN PLATTS
Barclays PLC	19th February 2014
Review Your Account For Payment Notification
Mail Team	19th February 2014
Upgrade Your E-mail!
Natwest	18th February 2014
NatWest Bank Notice.

Vulnerebility

Exploit

WRT120N 1.0.0.7 Stack Overflow

MediaWiki Thumb.php Remote Command Execution

Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow

Oracle Forms and Reports Remote Code Execution

Audiotran PLS File Stack Buffer Overflow

Dlink DIR-615 Hardware vE4 Firmware v5.10 - CSRF Vulnerability

Barracuda Message Archiver 650 - Persistent XSS Vulnerability

Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities

My PDF Creator & DE DM 1.4 iOS - Multiple Vulnerabilities

Concrete5 5.6.2.1 (index.php, cID param) - SQL Injection

Open Web Analytics 1.5.4 (owa_email_address param) - SQL Injection Vulnerability

Catia V5-6R2013 "CATV5_AllApplications" - Stack Buffer Overflow

SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 - Denial of Service

18.2.2014

Bugtraq

Malware

Generic.tfr!07EC7F41EE59
Generic PUP.x!3DFA77C9085C
RDN/Generic PWS.y!yq!B23C2925EE2D
RDN/Generic.dx!C6794E6B2FD9
Generic PUP.x!FCA495EC69D7
Generic.bfr!DEDD160C2068
Generic.bfr!335DBF59314D
Generic.bfr!5ABD565B38FD
Generic PUP.x!B593693DCF9D
Generic.bfr!41B61BE8E3E5
Generic PUP.x!0AE0DB2DE7DC
Generic PUP.x!2A7119E4B747
Generic PUP.x!8CDEE2A986D8
Generic PUP.x!2255352F15B1
Generic PUP.x!1BF63394C47F
Generic.bfr!33C1329F75F6
Generic.bfr!3C60D084CD8A
Generic PUP.x!76973511D7A5
Generic PUP.x!FB46700C54A1
Generic PUP.x!37BB9B20A0A1
RDN/Generic.bfr!DD0D1BD9BDDC
Generic.bfr!37E0F302EE36
Generic.bfr!37D17CEC9675
Generic PUP.x!6929E54C6B8B
Generic.bfr!4B3B7C8ED2AB
Generic.bfr!6AAC2F1932F7
RDN/Generic PUP.x!C3A876EAECBB
Generic PUP.x!689CC3724B46
Generic PUP.x!BB6634BD651F
Generic PUP.x!54FE6D5E4309

Phishing

Vulnerebility

Exploit

17.2.2014

Bugtraq

[ MDVSA-2014:038 ] kernel 2014-02-17
security mandriva com

Recon 2014 Call For Papers - June 27-29, 2014 - Montreal, Quebec 2014-02-17
cfp2014 recon cx

[ MDVSA-2014:036 ] varnish 2014-02-17
security mandriva com

[ MDVSA-2014:035 ] libpng 2014-02-17
security mandriva com

My PDF Creator & DE DM v1.4 iOS - Multiple Vulnerabilities 2014-02-17
Vulnerability Lab (research vulnerability-lab com)

Jetro Cockpit Secure Browsing vulnerability - Client missing input validation allowing RCE 2014-02-17
Ronen Z (ronen quaji com)

[SECURITY] [DSA 2862-1] chromium-browser security update 2014-02-16
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 2861-1] file security update 2014-02-16
Salvatore Bonaccorso (carnil debian org)

File Hub v1.9.1 iOS - Multiple Web Vulnerabilities 2014-02-15
Vulnerability Lab (research vulnerability-lab com)

mbDriveHD v1.0.7 iOS - Multiple Web Vulnerabilities 2014-02-15
Vulnerability Lab (research vulnerability-lab com)

Malware

DNSChanger.bfr!D6D7FFF0C4E0
Generic PUP.x!C5418A37E0C0
Generic PUP.x!773748404D04
Generic.bfr!E345D42F5DA2
DNSChanger.bfr!D4F09B5C20C0
Generic PUP.x!9065551320DD
Generic PUP.x!DBA3691C9A85
Generic PUP.x!7C52E14F2773
Generic PUP.x!ED7D5EC0779A
Generic PUP.x!9735CB2A5223
Generic PUP.x!894BC0214D98
Generic PUP.x!960937B74DEC
Generic PUP.x!ACA42B26934A
RDN/Generic PUP.x!6F1E23838748
RDN/Generic.bfr!555148E82B5A
Downloader-FLN!68542708B4E8!68542708B4E8
Generic PUP.x!19BD5A833071
Downloader.gen.a!0BC50BC00F68
Generic PUP.x!BE413BDE1662
Obfuscated-FBU!hb!E4997B15061E
RDN/Generic.bfr!6EC0F1C5D8E6
Generic PUP.x!2CAF348FC90B
Generic PUP.x!9CF02A0359AB
Generic PUP.x!95A908EDC05A
Generic PUP.x!262B794586BB
Generic.bfr!0D8D14A50134
Generic PUP.x!18BE9FCF90F4
Generic PUP.x!71B1A9C7F68B
Generic PUP.x!08E8CD1C35D1
Generic PUP.x!95BF5FBAE06A

Phishing

Skype	17th February 2014
New Payment To Skype !
Barclays Bank Plc	17th February 2014
ACCOUNT SUSPENDED.
Virgin Media	17th February 2014
VIRGIN PROFILE UPDATE
Barclays Bank	17th February 2014
BARCLAYS - NEW E-STATEMENT NOTIFICATION!
Barclays Online Banking	16th February 2014
Barclays - You Have An Important Account Message!
Natwest	16th February 2014
Natwest Account Warning Alert

Vulnerebility

Exploit

Linksys E-series Unauthenticated Remote Code Execution Exploit

HP Data Protector EXEC_BAR Remote Command Execution

Dexter (CasinoLoader) SQL Injection

ImageMagick 6.8.8-4 - Local Buffer Overflow (SEH)

Dexter (CasinoLoader) Panel - SQL Injection

Trendchip HG520 ADSL2+ Wireless Modem CSRF Vulnerability

Office Assistant Pro 2.2.2 iOS - File Include Vulnerability

mbDriveHD 1.0.7 iOS - Multiple Vulnerabilities

File Hub 1.9.1 iOS - Multiple Vulnerabilities

14.2.2014

Bugtraq

[ISecAuditors Security Advisories] - Reflected XSS vulnerability in Boxcryptor (www.boxcryptor.com) 2014-02-13
ISecAuditors Security Advisories (advisories isecauditors com)

Wordpress plugin Buddypress <= 1.9.1 privilege escalation vulnerability 2014-02-13
Pietro Oliva (pietroliva gmail com)

Wordpress plugin Buddypress <= 1.9.1 stored xss vulnerability 2014-02-13
Pietro Oliva (pietroliva gmail com)

Malware

Generic PUP.x!90B2D665A0F2
Adware-FFN!A32167A96CC9!A32167A96CC9
RDN/Downloader.a!pf!C70B46EBBE51
Generic PUP.x!AD67B6CF54A0
Generic PUP.x!88EA0D7CFDAB
Generic PUP.x!E4D67963ABEF
Generic PUP.x!B9EBA116675A
Generic PUP.x!4BDC428DA0CA
Generic PUP.x!981476C97A60
Adware-FFN!F6290526CADD!F6290526CADD
Generic PUP.x!945DD0108032
Generic PUP.x!05A341AACF3C
Generic PUP.x!E9F94C5BD494
Generic PUP.x!82F2A5874FB9
Generic PUP.x!EB3A9FF9C52B
Generic PUP.x!9A24AEB8709C
Generic PUP.x!B2101E45F06B
Generic PUP.x!9EE3A6A6DB3E
Generic PUP.x!BB24EF80AE8B
Generic PUP.x!EB4A82F55C23
Generic PUP.x!AFBF569361BE
Generic PUP.x!8484262D7C65
Generic PUP.x!3F07829D27BE
Generic.bfr!A1384C8CA6A7
W32/Relnek!ACD4A259A8E9
RDN/Generic PUP.x!41001E72B74A
Generic PUP.x!51551E907802
Generic.bfr!D9F2F66537A0
Generic PUP.x!2E48626DB59D
Generic PUP.x!DE13FCE2C7CE

Phishing

PayPal	14th February 2014
WARNING ! YOUR ACCOUNT HAS BEEN LIMITED
Tesco	13th February 2014
SPECIAL REWARD FOR TESCO CUSTOMERS
Barclays Bank UK	13th February 2014
WE NEED TO UPDATE SOME IMPORTANT INFORMATION

Vulnerebility

Exploit

13.2.2014

Bugtraq

Malware

RDN/Spybot.bfr!2F45E74088D6
RDN/Generic.bfr!fy!9CE787D29873
RDN/Generic PUP.x!bsj!B1F1CD68B610
RDN/Spybot.bfr!BF55FDA2D98B
RDN/Generic.bfr!fy!43EA03E6D29F
Generic PUP.x!31B1DE6A6684
RDN/Spybot.bfr!6D86F521CF90
RDN/Spybot.bfr!l!C716003F60D0
Generic PUP.x!E5E0E2D0F132
Generic PUP.x!F99F904A07ED
Generic PUP.x!4A1872E45C72
Generic PUP.x!E52FD65FC2D5
Generic PUP.x!357FD1A9D2FD
Generic PUP.x!594F081F5B60
Generic PUP.x!22687B17A46D
RDN/Generic.dx!AB1F69E43A6A
Generic PUP.x!A59240F45D23
Generic PUP.x!FA15C06D9704
Generic PUP.x!EC5DD3CDB5F1
Generic PUP.x!2E8A715C97BA
RDN/PWS-Zbot.agg!c!DF6B0D82EBAB
Generic PUP.x!2EE7EF151323
Generic PUP.x!36307428256C
Generic PUP.x!BCFEE7F8D422
Generic PUP.x!CEE18FF92219
Generic PUP.x!F32C506FD294
Generic PUP.x!E534C07AA94A
RDN/Spybot.bfr!7CA8657F3C3B
Generic PUP.x!9B99F7320796
RDN/Generic.bfr!D22A0A6FA421

Phishing

NatWest PLC	12th February 2014
You have 1 new message
Barclays Bank	12th February 2014
ACCOUNT SUSPENDED BY ERRORS....... YUGZPTPONF
Natwest	12th February 2014
Account Suspenstion Notification
Apple	12th February 2014
YOUR APPLE ID WAS USED TO SIGN IN TO ICLOUD ON AN IPHONE 5

Vulnerebility

Exploit

12.2.2014

Bugtraq

Malware

Generic PUP.x!62EDA83E116B
Generic PUP.x!2A89D7054CDF
Generic PUP.x!1AD24DA7CA3A
RDN/Generic.bfr!fz!CE239D77E1E9
Generic PUP.x!DFF0546A381D
Generic PUP.x!2D68C2377AF7
Generic PUP.x!EF35B32A86AF
Generic.bfr!1F6AD4D872CA
Generic PUP.x!C7B20062626B
Generic PUP.x!4B1A62776CDA
Generic.bfr!A972E22AF1A7
RDN/Generic PUP.x!bsh!B5307C301B0A
Generic PUP.x!8816F5259ED5
RDN/Generic PUP.x!bsh!00B45CA0B583
Generic PUP.x!04E7F6A8361D
Generic PUP.x!228C284E5D8F
Generic PUP.x!9B60BF120716
Generic PUP.x!59B670E66FA9
Generic PUP.x!4D983943C4F3
Generic PUP.x!C4AF3FB46D5A
Generic PUP.x!E70C7773BFAC
Generic PUP.x!CC1992898715
Generic.bfr!92943D2E4085
RDN/Generic Dropper!D26DA2C617D3
Generic PUP.x!69D546E4FCEC
Generic PUP.x!5CD52A4AE9C7
RDN/Spybot.bfr!507272B43A65
Generic PUP.x!A19F97BC457B
RDN/Generic Downloader.x!js!B1C468E865F8
RDN/Spybot.bfr!8D57FCB7BE1C

Phishing

Apple	12th February 2014
YOUR APPLE ID WAS USED TO SIGN IN TO ICLOUD ON AN IPHONE 5
BARCLAYS	11th February 2014
BARCLAYS - New Payment Notification!
USAA	10th February 2014
USAA: Validate Your Online Account
Natwest Bank Plc	10th February 2014
SECURITY ALERT (SECURE YOUR ONLINE CREDIT CARD ACCESS)

Vulnerebility

Exploit

jDisk (stickto) v2.0.3 iOS - Multiple Vulnerabilities

NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities

Apache Commons FileUpload and Apache Tomcat Denial-of-Service

11.2.2014

Bugtraq

Malware

Generic PUP.x!FA74FC0E6033
Generic.bfr!4593E006D508
RDN/Generic Downloader.x!js!8A53F59A07D6
Generic PUP.x!BE133F079524
Generic PUP.x!1BB1685351B4
Generic BackDoor!C7B49A622711
Generic.bfr!655F6BC7F534
Generic PUP.x!E47F57BB260F
Generic PUP.x!29FEC593A7EF
Generic PUP.x!23B63E37C4DF
Generic PUP.x!E3566A24D9D5
Generic PUP.x!8F71DDA7DBFF
Generic.bfr!293DA473698C
RDN/Generic Dropper!FB220D2D3A82
Generic PUP.z!3B6D78F39501
Generic.bfr!930580A3A1CF
RDN/Spybot.bfr!B74C62B903D6
Generic PUP.x!C9F3586B86B1
Generic PUP.x!03C4A271A68F
Generic.bfr!4FE223BA47FA
Generic.bfr!98231E49725C
Generic.bfr!AA478346B536
Generic PUP.x!15C1218DE5B7
Generic.bfr!F7ABF5061A86
Generic PUP.x!C9279C4F50F4
PWS-FBPC!E8297E038D9F
Generic.bfr!11558D7D6EF9
RDN/Generic.bfr!fz!53E4184503AD
RDN/Generic.bfr!fz!05892C24389E
RDN/Generic.bfr!fz!982D58676A42

Phishing

USAA	10th February 2014
USAA: Validate Your Online Account
Natwest Bank Plc	10th February 2014
SECURITY ALERT (SECURE YOUR ONLINE CREDIT CARD ACCESS)
Natwest	9th February 2014
Natwest Credit Card Security Alert
Lloyds Bank	9th February 2014
ONLINE SECURITY - RECOGNISING charset=utf-8"> New Page 2
Discover.com	9th February 2014
Please Update your Discover.com Account

Vulnerebility

Exploit

KingScada kxClientDownload.ocx ActiveX Remote Code Execution

Kloxo SQL Injection and Remote Code Execution

Windows TrackPopupMenuEx Win32k NULL Page

D-Link DSL-2750B ADSL Router - CSRF Vulnerability

Wordpress Frontend Upload Plugin - Arbitrary File Upload

WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities

Tableau Server - Blind SQL Injection Vulnerability

Titan FTP Server 10.32 Build 1816 - Directory Traversal Vulnerability

10.2.2014

Bugtraq

[slackware-security] mozilla-thunderbird (SSA:2014-039-02) 2014-02-08
Slackware Security Team (security slackware com)

ASUS AiCloud Enabled Routers 12 Models - Authentication bypass and Sensitive file/path disclosure 2014-02-08
kyle Lovett (krlovett gmail com)

[slackware-security] seamonkey (SSA:2014-039-03) 2014-02-08
Slackware Security Team (security slackware com)

#CONFidence 2014- Call for Papers, only 0111 days left to become CONFidence ninja 2014-02-08
Andrzej Targosz (andrzej targosz proidea org pl)

[slackware-security] mozilla-firefox (SSA:2014-039-01) 2014-02-08
Slackware Security Team (security slackware com)

[SECURITY] [DSA 2857-1] libspring-java security update 2014-02-08
Moritz Muehlenhoff (jmm debian org)

[oCERT-2014-001] MantisBT input sanitization errors 2014-02-08
Andrea Barisani (lcars ocert org)

Malware

RDN/Downloader.a!pd!A4E26BE78666
Generic PUP.x!F5C2FD75AF66
Generic PUP.x!D727DEF39B0F
Generic PUP.x!60B939897DDA
Generic PUP.x!750691431D17
Generic.bfr!0288D5C42736
Generic PUP.x!B1364BA4237B
Generic PUP.x!AC62EC4694DB
Generic PUP.x!FC581FC7B498
Generic PUP.x!4FFCDC5FC3B6
Generic PUP.x!9A9B38D1824F
Generic PUP.x!707BD1F66C35
Generic PUP.x!111BE75E12E8
RDN/Generic.dx!A12B21E01E97
Generic PUP.x!6A07A05457A5
Generic PUP.x!47B984F561BC
Generic PUP.x!E217D36BDCAE
Generic PUP.x!1D1D5B376653
RDN/Generic PUP.x!27F6143589CE
Generic PUP.x!99A46C6C7D19
Generic PUP.x!E1DFA29B170A
RDN/Spybot.bfr!A35F9A7504F1
Generic PUP.x!880AFE6CFD37
Generic PUP.x!861B05922153
Generic PUP.x!6213C7B09F93
Generic PUP.x!8199FEF50A9E
Generic PUP.x!0F754D46C88A
RDN/Generic PUP.x!1229061EAB56
Generic PUP.x!3E3993DCB770
Generic PUP.x!D1EE0F6E61AA

Phishing

Natwest	9th February 2014
Natwest Credit Card Security Alert
Lloyds Bank	9th February 2014
ONLINE SECURITY - RECOGNISING charset=utf-8"> New Page 2
Discover.com	9th February 2014
Please Update your Discover.com Account
Lloyds Internet Banking	8th February 2014
YOUR ONLINE BANKING ACCESS HAS BEEN SUSPENDED
Barclays Bank Plc	8th February 2014
Account Suspended.
Google Inc.	8th February 2014
GOOGLE PRIVACY POLICY TERMS OF SERVICE
Discover.com	8th February 2014
Please Update your Discover.com Account

Vulnerebility

Exploit

ZTE ZXV10 W300 Router - Hardcoded Credentials

8.2.2014

Bugtraq

Malware

Generic PUP.x!EB18DD64286E
RDN/Generic BackDoor!wz!B1D666B17B7C
Generic PUP.x!A3319E0DA236
Generic.bfr!5F046B2022EF
Generic PUP.x!319C6306DCEE
Generic PUP.x!22FCC93FBD23
Generic PUP.x!C200A6682C8A
Generic PUP.x!4A183BC84664
Generic PUP.x!2F2965A26024
Generic.dx!B01FE5CA1A77
Generic PUP.x!83D86F4D7F11
Generic PUP.x!8BA44FADF429
Adware-OpenCandy!3A5F36CCD3B4!3A5F36CCD3B4
Adware-OpenCandy!60A7EB857FB0!60A7EB857FB0
Generic PUP.x!19C7E40FC52F
Generic.bfr!6040F8325E61
BackDoor-CEP.gen.cn!ACF3CB90EC4F
Generic PUP.x!649E151AA743
RDN/Generic.bfr!4B3A0892BCE8
RDN/Generic.bfr!EFFBD34C39B0
Generic PUP.x!58FCE07537DE
Generic PUP.x!D7C029035793
Generic PUP.x!CDC7AED8A916
Generic PUP.x!E932293C96E9
Generic PUP.x!4E89AA41CFEA
Generic PUP.x!305A7DCA5CCE
Generic PUP.x!7B3FB6674817
Generic PUP.x!8D76B57AF6AF
Generic PUP.x!CF06DD69EAF6
Generic PUP.x!370F982D3808

Phishing

Barclays Bank Plc	8th February 2014
ACCOUNT SUSPENDED !
Barclays	7th February 2014
Alert - Service(s) listed suspended!

Vulnerebility

Exploit

Pandora FMS Remote Code Execution

Android Browser and WebView addJavascriptInterface Code Execution

Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities

CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS

AuraCMS 2.3 - Multiple Vulnerabilities

doorGets CMS 5.2 - SQL Injection Vulnerability

7.2.2014

Bugtraq

Information on recently-fixed Oracle VM VirtualBox vulnerabilities 2014-02-07
Matthew Daley (mattd bugfuzz com)

[SECURITY] [DSA 2852-1] libgadu security update 2014-02-06
Florian Weimer (fw deneb enyo de)

Malware

Generic PUP.x!7C81EC28E23D
Generic PUP.x!B6E1E46D6E77
Generic PUP.x!AABDC10D7A74
Generic PUP.x!D35102C73E58
W32/Expiro.gen.p!62827F36DE95
Generic PUP.x!CC402283B599
Generic PUP.x!57C2C2D8A183
Generic PUP.x!A56D845E944A
Generic.bfr!C24AF1032EF2
Generic PUP.x!52DB55219AD8
Generic PUP.x!96934F399C5C
Generic.bfr!00CFB4727B29
Generic.bfr!676EFCEB6345
Generic PUP.x!3E278A30FA5A
Generic PUP.x!60EC6CA17C25
Downloader.gen.a!14051428EE36
Generic.bfr!278FDC1B73E2
Generic PUP.x!98EAADE69FB5
Generic PUP.x!D65FB8C4BB89
Generic.bfr!FDBF7FD0FC8B
Generic PUP.x!AE9C6625CC40
Generic PUP.x!BD6E6DDCCC9A
Generic PUP.x!72E95C59BFF2
Generic.bfr!7DC1E5555C7B
Generic.bfr!B84A2E37C4E7
RDN/Generic.dx!c2o!87C524A3BA5E
Generic.bfr!031E09513247
Generic.bfr!576D9F1102B5
Generic PUP.x!F63A785FF9AE
Generic.bfr!2B67C434A684

Phishing

Apple	6th February 2014
YOUR APPLE ID WAS USED TO SIGN IN TO ICLOUD ON AN IPHONE 5

Vulnerebility

Exploit

Asseco SEE iBank FX Client 2.0.9.3 - Local Privilege Escalation Vulnerability

PHP Webcam Video Conference - Multiple Vulnerabilities

Joomla 3.2.1 - SQL Injection Vulnerability

Publish-It 3.6d - Buffer Overflow Vulnerability

6.2.2014

Bugtraq

ESA-2014-005: EMC Documentum Foundation Services (DFS) Content Access Vulnerability 2014-02-05
Security Alert (Security_Alert emc com)

Security Advisory: NETGEAR Router D6300B Firmware: V1.0.0.14_1.0.14 2014-02-05
marcel mangold syss de

Malware

Generic PUP.x!2FE6E138E8E3
Generic PUP.x!0DCDA4206CEA
Generic PUP.x!B7E0B0C088FD
Generic PUP.x!741A18F99B8E
Generic.dx!07F8BAD3AB0D
Generic PUP.x!41A23BC4699F
RDN/Generic PUP.x!43A69ECE2F2A
Generic.bfr!0BAE712925D1
Generic.bfr!589C2FC40C40
Generic PUP.x!4E2680E323C5
Generic PUP.x!1B9E0146B418
Generic PUP.x!3AAC827224EE
Generic.bfr!30A9EA17FC27
Generic PUP.x!25E27B8D4073
Generic PUP.x!EC62F01A1F61
Generic PUP.x!1D4E16DCAD50
Generic PUP.x!F63A16AAFD9D
Downloader.gen.a!84CB36C44CE5
Generic PUP.x!292DD85DA792
Generic PUP.x!701C69E22E6A
Generic PUP.x!2EF2BAC4405C
RDN/Spybot.bfr!9C22A84E3325
RDN/Generic PUP.x!brv!464BBEED1735
Generic PUP.x!FDEEEA9667A8
Generic PUP.x!360E52E176D2
Generic PUP.x!F419CBE9F662
Generic PUP.x!8EB5CD4110A5
Generic PUP.x!9238A395DA75
Generic Downloader.x!1935632AFA29
Generic PUP.x!2661C0C0667A

Phishing

Digital Banking Service	5th February 2014
YOU HAVE 1 NEW SECURITY MESSAGE FROM RBS CREDITCARD.

Vulnerebility

Exploit

5.2.2014

Bugtraq

Malware

Generic PUP.x!973ACFE031E7
RDN/Generic PUP.x!br3!49FAA2AAF4F2
RDN/Generic PUP.x!br3!43E724E3BE1B
Generic PUP.x!CDAECF7B37D3
RDN/Generic.bfr!855E323E8ABE
Downloader.gen.a!4416CE93C50E
RDN/Generic PUP.x!br3!D70DC41C685E
Generic PUP.x!9FF03194A815
Generic PUP.x!F5670026AB3F
RDN/Generic.dx!C2984B8C3EFE
Generic PUP.x!3D539FAE85B1
Generic PUP.x!A48C76007E63
Generic PUP.x!3D3E19C74F89
Generic PUP.x!4B1622A6853C
Generic PUP.x!B1E3C1FE05EB
Generic PUP.x!C8A4B687B514
RDN/Generic PUP.x!br3!46CEA7883887
Generic PUP.x!3D78D1759EB1
Generic PUP.x!1BA8A6075CA7
Generic PUP.x!013EB8BC746D
Generic PUP.x!BCAA8FA75150
RDN/Generic.dx!c2m!4CA2A200F976
Generic PUP.x!B0E7A8B3107C
Generic BackDoor!5F9E787E495B
Generic.dx!F8CF942C9EF4
Generic PUP.x!3DF1120EBF04
RDN/Generic PUP.x!br3!A4BE7A8384FD
RDN/Generic PUP.x!F179875EE41E
RDN/Generic PUP.x!br3!058490EE593D
RDN/Generic PUP.x!br3!264DCB3925BB

Phishing

Vulnerebility

Exploit

XnView 1.92.1 Command-Line Arguments Buffer Overflow Vulnerability

4.2.2014

Bugtraq

Security advisory, LedgerSMB 1.3.0-1.3.36 2014-02-03
Chris Travers (chris metatrontech com)

[SECURITY] [DSA 2851-1] drupal6 security update 2014-02-02
Salvatore Bonaccorso (carnil debian org)

Malware

Generic.bfr!90E58D92341B
W32/Expiro!B6289BE777E1
Generic PUP.x!B9563F4CA835
Generic PUP.x!F0EE6C6A43A6
Generic.bfr!E961C6A36ACE
Generic PUP.x!96A7A263161F
Generic PUP.x!B7183D448DDB
RDN/Spybot.bfr!EAF542C07A83
Generic.dx!2579FFEFC43A
RDN/Spybot.bfr!919E757CE3BD
Generic.bfr!4FCF516CC401
Generic PUP.x!3082F0B795EA
Generic.bfr!F795F6AD468A
Generic PUP.x!FDEA95E76230
Generic PUP.x!8D7F3B3056D3
Generic PUP.x!874FCAB3951A
Generic PUP.x!4CD72AEBCF62
Generic PUP.x!F74DE2665A8B
Generic PUP.x!7996DC8EEECD
Generic PUP.x!A61BF8ABC369
Generic PUP.x!674381C21C14
Generic PUP.x!091AD20AB7FD
Generic PUP.x!B7D5FF7631DA
Generic.bfr!ECDE07ED92BA
Generic PUP.x!08C91B555974
Generic PUP.x!ED1B2B97B2AB
Generic PUP.x!36980223966A
RDN/Generic.bfr!fv!768BFF70B00C
RDN/Generic.bfr!fv!18F60A2FDDE6
Generic PUP.x!1AFA92AA163A

Phishing

Halifax	3rd February 2014
SECURITY MESSAGE: READ CAREFULLY
BARCLAYS	3rd February 2014
BARCLAYS - Processing your billing information!
Amazon.com	2nd February 2014
Please Update your Amazon.com Account

Vulnerebility

Exploit

3.2.2014

Bugtraq

Malware

Generic PUP.x!AC58CB877C13
Generic PUP.x!158EA6028242
Generic PUP.x!7CB4362C821C
Generic PUP.x!D4FCCB823148
W32/Expiro!9BB6F99AF291
RDN/Generic PUP.x!47164F09FDDA
RDN/Spybot.bfr!DC67143A8FB4
Generic PUP.x!C2C39BAAC5E5
Generic.bfr!B499FA83368D
RDN/Spybot.bfr!74DFABE96F93
RDN/Generic PUP.x!brr!95BF9890B9E3
RDN/Spybot.bfr!B661281577C8
RDN/Generic PUP.x!brr!40DCD0E8A247
Generic PUP.x!F211B0C28CE9
Generic PUP.x!0802A2020AA6
Generic PUP.x!44A54D28BC60
Generic PUP.x!94B8E26ED931
RDN/Downloader.gen.a!C3DDF9C185BA
RDN/Spybot.bfr!AA3824DB3A2D
Generic PUP.x!BF1B93C8398B
Generic PUP.x!97894B7C15DA
Generic PUP.x!6362C3C0E597
Generic PUP.x!BF2794157D75
RDN/Generic.bfr!fu!DCAE0D7C51B2
Generic PUP.x!6F1B94CEEAE9
RDN/Generic PUP.x!brr!EDB81A90FFB7
Downloader.gen.a!C37FF467DC9F
Generic PUP.x!477731A9B3B5
Generic PUP.x!04DAE92DF0BC
Generic PUP.x!69E7F2C188A8

Phishing

Amazon.com	2nd February 2014
Please Update your Amazon.com Account
RBS Bank	2nd February 2014
YOU HAVE 1 NEW SECURITY MESSAGE FROM RBS CREDITCARD
Natwest	1st February 2014
Account will be closed in the next 24 hours
NatWest	1st February 2014
YOU HAVE 1 NEW SECURITY MESSAGE FROM NATWEST CREDITCARD

Vulnerebility

Exploit

Linux 3.4+ Arbitrary write with CONFIG_X86_X32

linux 3.4+ local root (CONFIG_X86_X32=y)

31.1.2014

Bugtraq

Ektron CMS Take Over - Hijacking Accounts 2014-01-30
Mark Litchfield (mark securatary com)

SimplyShare v1.4 iOS - Multiple Web Vulnerabilities 2014-01-29
Vulnerability Lab (research vulnerability-lab com)

Malware

W32/Relnek!AD7F51EB2C06
Generic.bfr!6CCEA8D78529
Generic PUP.x!186E1B88992E
Generic PUP.x!E7876A3EB817
Generic PUP.x!181AFE6957C5
Generic PUP.x!5BE2D3B4DB9E
Generic PUP.x!7423FB5121BE
Generic PUP.x!E52EC1C068C1
Generic.bfr!A749685028F3
W32/Expiro!ADE83FDD8A85
RDN/Generic PUP.x!br3!0335700E8271
Generic PUP.x!F440A722CB7C
Generic PUP.x!182B14ACC468
Generic.bfr!F439F6C36000
Generic PUP.x!17EBF4E57525
Generic PUP.x!73DCB99AEF38
Generic PUP.x!1F96D2CD89A2
Generic.bfr!17BAA166B355
Generic.bfr!5665C184D838
Dowloader-FEX!09ACB5D12BA5
Generic PUP.x!A054DDFA5014
Generic.bfr!676A6B2980EF
W32/Expiro!B07224AE1B87
Generic PUP.x!379B097BF495
Generic.bfr!D96F35CCD103
Generic PUP.x!475CA9B16C58
Generic.bfr!848E75C2553B
Generic PUP.x!71A538CE6949
Generic PUP.x!F543945817C4
Generic PUP.x!E4D6E58E2D9E

Phishing

MINT	30th January 2014
MINT ACCOUNT REVIEW NOTIFICATION.
Lloyds Group	30th January 2014
LLOYDS BANK - ACCOUNT REINSTATEMENT
Halifax	30th January 2014
Update and verify your online Billing
NatWest Credit Card Online	30th January 2014
LATEST NATWEST CREDIT CARD ACCOUNT STATEMEN
NatWest Credit Card Online	30th January 2014
LATEST NATWEST CREDIT CARD ACCOUNT STATEMENT
Barclays	30th January 2014
Important Update

Vulnerebility

Exploit

Linux 3.4+ recvmmsg x32 compat Proof of Concept

30.1.2014

Bugtraq

SiteCore XML Control Script Insertion 2014-01-29
Mark Litchfield (mark securatary com)

[slackware-security] mozilla-nss (SSA:2014-028-02) 2014-01-28
Slackware Security Team (security slackware com)

Vulnerabilities within Mura CMS / Sitecore MCS / SmarterMail 2014-01-28
Mark Litchfield (mark securatary com)

Malware

Generic PUP.x!6D0409CB0FD3
Generic PUP.x!77BAD7BC4570
Generic PUP.x!29335C111F2D
Generic PUP.x!044D6B5A0252
Generic PUP.x!D7BE021EC25F
Generic PUP.x!F61238EC7128
Generic PUP.x!74E3C9F04BD5
Generic PUP.x!65F3B5F0C92D
Generic PUP.x!2AF227E63E65
Generic PUP.x!2A0195267960
Generic PUP.x!150E8FFEE83B
Generic PUP.x!D6BA17170D63
Generic PUP.x!C59115D3693E
Generic PUP.x!952878653E9D
Generic PUP.x!FD3E45BB3D3D
Generic PUP.x!5207F2842F14
Generic PUP.x!9497EB4F012F
Generic PUP.x!53729D638488
Generic PUP.x!0E45A8C96D7F
Generic PUP.x!8FADA4685985
Generic PUP.x!36BF7AD8D48E
Generic PUP.x!8A14C413B2A5
Generic PUP.x!04707068422D
Generic PUP.x!8C0E149F881C
Generic PUP.x!8620497265C4
Generic PUP.x!F6779CCC9846
Generic PUP.x!41AACDB43DF2
Generic PUP.x!047A82ECF667
Generic PUP.x!297D00A85D3F
Generic PUP.x!25B93F0719AA

Phishing

American Express	29th January 2014
AMERICAN EXPRESS SECURITY NOTIFICATION
Chase	29th January 2014
Chase Online Banking Notification
PayPal	29th January 2014
Important Information about your PayPal account
Barclays Bank	29th January 2014
Your Barclays Account is Suspended

Vulnerebility

Exploit

Oracle Forms and Reports 11.1 - Remote Exploit

Simple E-Document Arbitrary File Upload

SimplyShare 1.4 iOS - Multiple Vulnerabilities

A10 Networks Loadbalancer - Directory Traversal

ManageEngine Support Center Plus 7916 - Directory Traversal

pfSense 2.1 build 20130911-1816 - Directory Traversal

29.1.2014

Bugtraq

Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability 2014-01-27
Vulnerability Lab (research vulnerability-lab com)

DC4420 - London DEFCON - January meet - Tuesday 28th January 2014 2014-01-27
Major Malfunction (majormal pirate-radio org)

Multiple Vulnerabilities in Eventum 2014-01-27
High-Tech Bridge Security Research (advisory htbridge com)

Malware

Generic.bfr!344E80BF1B50
RDN/Generic PUP.x!brm!AD5398408013
Generic PUP.x!4C66AAB80C9F
W32/Expiro!20E458313ED4
Generic.bfr!11A530D8AB38
Generic PUP.x!38C14DE2C403
W32/Expiro!0B632754088A
Generic.bfr!BECEE78D4777
W32/Expiro!FADFC1410EFC
Generic PUP.x!8BF133BF8755
Generic.bfr!FDCED4A13A64
Generic PUP.x!2EFFD8E93004
Generic PUP.x!8990AEF55740
Generic PUP.x!8A19C8675CA8
Generic PUP.x!AB2C3C85BF81
Generic PUP.x!CE91909F3010
Generic PUP.x!AD706008CAD2
Generic PUP.x!5070F15E0A82
Generic PUP.x!1BEAA7F01AE6
RDN/Downloader.a!oy!5EDBCE39BAF0
Generic PUP.x!F3C7F1ADA158
RDN/Generic PUP.x!brm!5A3C6351204E
Generic PUP.x!DF0CFBBAC5E0
Generic PUP.x!BA2CF4F2478F
Generic PUP.x!A8FB2C29F0EC
Generic PUP.x!6FA19C9D322E
Generic PUP.x!20BC0519D4AB
Generic PUP.x!3F15A0CA7796
Generic.bfr!A50E693128F7
Generic PUP.x!189D2969E129

Phishing

Chase	28th January 2014
New Message From Chase Online (SM)
RBS	28th January 2014
YOUR RBS CARD IMPORTANT NOTIFICATION.
NATWEST	28th January 2014
NATWEST CREDIT CARD ONLINE SERVICES
RBS	28th January 2014
YOUR LATEST STATEMENT FOR ACCOUNT ENDING 952 IS READY FOR YOU ONLINE NOW
PayPal	28th January 2014
Account Notification

Vulnerebility

Exploit

28.1.2014

Bugtraq

Malware

RDN/Downloader.a!oy!AC08A9F4C29E
Generic PUP.x!1E3D0DA0E39A
Generic.bfr!045F826DACAB
Generic.bfr!0A8249690995
Generic.bfr!1599AFD60537
RDN/Generic BackDoor!A95389472155
Generic PUP.x!F8F657F2BF6D
Generic PUP.x!C1A2E45D4276
Generic PUP.x!CC862D3B8521
W32/Expiro!27CEE36B8457
Generic PUP.x!BD2F8B363A61
RDN/Downloader.a!oy!49BC767AED90
RDN/Generic.dx!c2d!D1C874703CED
W32/Sdbot.worm!A791ABA045DF
Generic.bfr!4B02F8FA4646
Generic PUP.x!8AE4D2780616
Generic.bfr!623E945441EA
RDN/Generic PUP.x!brk!54F393CA274B
Generic PUP.x!1606B7EB88C3
Generic PUP.x!9001D9284D1B
RDN/Generic PUP.x!brk!E2DD8ACF01D1
Adware-FDI!B7BD8FCD0265!B7BD8FCD0265
RDN/Generic PUP.x!8A7CA4C7372E
Generic PUP.x!415FD088C9C6
Generic.bfr!8F1C8E778185
Generic.bfr!D8DE28BFB8ED
Generic.bfr!95B6D166EFD6
Generic PUP.x!54CF97A0B720
Generic PUP.x!56F9E1AC6788
Generic PUP.x!5AFF340B19BC

Phishing

PayPal	28th January 2014
Account Notification
PayPal	27th January 2014
* CACTUS * Your account status has changed!
Natwest Bank Plc	27th January 2014
SECURITY ALERT (SECURE YOUR ONLINE CREDIT CARD ACCESS)
service@paypal.co.uk	27th January 2014
Your Account PayPal Has Been Limited !

Vulnerebility

Exploit

27.1.2014

Bugtraq

Malware

Generic PUP.x!6AE4423081B1
Generic PUP.x!85E911031511
RDN/Spybot.bfr!l!BD7D4E092BB0
Generic.bfr!627057A6267F
Generic PUP.x!BDACB46BC263
RDN/Generic PUP.x!2DFA591E16C1
Adware-DomaIQ!7DC6AC9A22CF!7DC6AC9A22CF
RDN/Generic.dx!2B07199D0153
Generic PUP.x!76414AE6C97D
Generic PUP.x!C83600C82870
Generic PUP.x!2D33BC265D1A
Adware-DomaIQ!F287AC4D253B!F287AC4D253B
RDN/Ransom!ea!B1E7ABA36A01
Generic PUP.x!3E5C3A47D034
Generic.bfr!B25DDFD38762
Generic PUP.x!B2A29854239F
Generic PUP.x!09EA90A70171
RDN/Generic PUP.x!1E73BAA774C0
Generic PUP.x!BBB97AF8D165
Adware-DomaIQ!5CDFD0D91100!5CDFD0D91100
Generic.bfr!354B7DA27B5E
Generic PUP.x!7393AE297ECE
Adware-DomaIQ!8F21208F4DFE!8F21208F4DFE
Generic PUP.x!4FC1B186BC4B
Adware-DomaIQ!BADBAB0C488D!BADBAB0C488D
Generic PUP.x!80B59DC20BCD
Generic PUP.x!B011DABAF433
Generic PUP.x!FD72D12C8679
Generic PUP.x!97697AEFF25F
Generic.bfr!D87EFCF365A3

Phishing

service@paypal.co.uk	26th January 2014
YOU HAVE CHANGED YOUR PAYPAL EMAIL ADDRESS
PayPal	26th January 2014
WE NOTICED AN ISSUE WITH YOUR ACCOUNT
NATWEST PLC	26th January 2014
Important information regarding internet banking
NatWest Bank	26th January 2014
NatWest Account Notice!
RBS	26th January 2014
Your RBS Card Important Notification.
Natwest	26th January 2014
SECURITY MESSAGE: READ CAREFULLY.
RBS	26th January 2014
RE-CONFIRM YOUR RBS CARD MEMBERSHIP
NatWest Bank	25th January 2014
Your NatWest account will be suspended
Bank of America	25th January 2014
Bank of America Alert: Sign-in to Online Banking Locked

Vulnerebility

Exploit

Ability Mail Server 2013 - Password Reset CSRF from Stored XSS (Web UI)

Oracle Outside In MDB File Parsing Stack Based Buffer Overflow PoC

Mozilla Thunderbird 17.0.6 - Input Validation Filter Bypass

25.1.2014

Bugtraq

Security Vulnerabilities in Apache Cordova / PhoneGap 2014-01-24
mgeorgiev utexas edu

[CTF] nullcon HackIM 2014 will start at 24-01-2014, when the clock will strike at 11:59 (+5:30 GMT) 2014-01-24
nullcon (nullcon nullcon net)

[CVE-2014-1664] GoToMeeting Information Disclosure via Logging Output (Android) 2014-01-24
cjlacayo gmail com

Malware

RDN/Generic PWS.y!BA8B495DA9F8
Generic.bfr!9E1764E7D22C
Generic PUP.x!36649F93DABA
Generic PUP.x!50419017E7B6
Generic PUP.x!FE238B7C19AA
Generic PUP.x!B34E098A17AA
Generic BackDoor!AB6139FA6523
Generic PUP.x!168F78F0178D
Generic.bfr!DF776E9DFAA0
Generic PUP.x!BE00272BD4AD
Generic PUP.x!257A23600F61
Generic PUP.x!4677D81A38D5
Generic PUP.x!895E707AC080
Generic PUP.x!82241E34E53B
Generic PUP.x!F880BE71BEFB
Adware-FFN!6A0003461B4B!6A0003461B4B
Generic.bfr!6C77E1806D9A
RDN/Generic.bfr!fs!AE054DC761F0
RDN/Generic Dropper!tn!43962F8DEA71
Generic.bfr!00F1B9312028
Generic PUP.x!BF0DBF080D74
RDN/Generic PUP.x!br3!8FF51606EC9A
Generic.bfr!8A476C0A8EF7
Generic PUP.x!6CC44EC0729F
Generic Downloader.x!6C0328DC3C32
Generic.bfr!F9123C673DF5
Generic PUP.x!781CED597B5F
Generic.bfr!CA6B76D9FD7A
Generic PUP.x!119A689EA497
Generic.bfr!2DC58CB145C3

Phishing

Bank of America	25th January 2014
Bank of America Alert: Sign-in to Online Banking Locked
Natwest	24th January 2014
Message From NatWest Credit Card Secuity System
NatWest	24th January 2014
WE DETECT AN ERROR WITH YOUR ACCOUNT.

Vulnerebility

Exploit

24.1.2014

Bugtraq

Cross-Site Scripting (XSS) in Komento Joomla Extension 2014-01-23
High-Tech Bridge Security Research (advisory htbridge com)

SQL Injection in JV Comment Joomla Extension 2014-01-23
High-Tech Bridge Security Research (advisory htbridge com)

Reflected cross-site scripting (XSS) vulnerability in Mediatrix Web Management Interface login page 2014-01-23
tudor enache helpag com

Malware

Generic PUP.x!FB1F5220F4C7
Generic PUP.x!AD88769E6CE7
Generic PUP.x!21E103B290C5
Generic PUP.x!975DEEBDF44B
Generic PUP.x!F269AA2FEA04
Generic PUP.x!95D500798758
Generic PUP.x!43C4FAB152A8
W32/Sdbot.worm!B8A5EC6329AA
Generic PUP.x!2C114D64DFB9
W32/Expiro!090B3B70E41B
Generic.bfr!7D629D8EF7E3
Generic PUP.x!80ACFEB29F44
Generic PUP.x!C576750AAB1B
Generic PUP.x!5A201BB4A327
Generic PUP.x!98542A0D01A0
Generic PUP.x!952DD5E71F5A
Generic PUP.x!E3731E5A05DF
Generic PUP.x!B57D9FBC11D7
Generic PUP.x!593AA8225B27
Generic PUP.x!D24C31DA58C9
Generic PUP.x!58A876CB7D6A
Generic PUP.x!92AFDECE8AC7
Generic PUP.x!4FFDB093E5AA
Generic PUP.x!A63EEEF9352A
Generic PUP.x!EBE47AFD8155
Generic.bfr!9481CCF0A6A0
Generic.bfr!E01B63D7CA76
RDN/Generic BackDoor!ws!E0580DD8BB98
Generic.bfr!B87F1FB2762D
Generic PUP.x!609CDA89DA8F

Phishing

NatWest Card	23rd January 2014
Account Schedule Maintenance !
NatWest	23rd January 2014
We Detect An Error With Your Account.

Vulnerebility

Exploit

NCH Software Express Burn Plus 4.68 (.EBP) Project File Buffer Overflow

Daum Game 1.1.0.5 ActiveX (IconCreate Method) - Stack Buffer Overflow

HP Data Protector Backup Client Service Directory Traversal

Ammyy Admin 3.2 - Authentication Bypass

MW6 Technologies Aztec ActiveX (Data param) - Buffer Overflow

MW6 Technologies DataMatrix ActiveX (Data param) - Buffer Overflow

MW6 Technologies MaxiCode ActiveX (Data param) - Buffer Overflow

23.1.2014

Bugtraq

[ MDVSA-2014:020 ] x11-server 2014-01-22
security mandriva com

Cisco Security Advisory: Cisco TelePresence System Software Command Execution Vulnerability 2014-01-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco TelePresence ISDN Gateway D-Channel Denial of Service Vulnerability 2014-01-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Cisco Security Advisory: Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability 2014-01-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)

Malware

Generic PUP.x!7DCC5A5683AF
Generic PUP.x!3E5BD9B7B65A
RDN/Generic PUP.x!brh!3452C439CAAE
Generic PUP.x!334716DAE2C4
RDN/Generic PUP.x!3377C4FCFD19
Generic.bfr!C350BA135F8D
Generic.bfr!E481AD73D3D2
Generic.bfr!9124533533D1
Generic.bfr!06E61C34F2B0
Generic PUP.x!931B69DB713E
Generic PUP.x!3B37D28DC1FE
Generic PUP.x!C047EFE8D69A
Generic PUP.x!A127D9D3E19D
Generic PUP.x!82D1B32D7859
Generic.bfr!BDF5BCC1C644
Generic.bfr!332C7DD20CEA
RDN/Downloader.a!ox!204AA3243D16
Generic PUP.x!34620204317D
Generic PUP.x!BE85B509057C
Generic PUP.x!8344D925DA50
Generic PUP.x!DCF09820AD6F
Generic PUP.x!15D89C0172B0
Generic PUP.x!53B8161A2F86
Generic.bfr!BE416AAFC707
Generic PUP.x!7EE05A33D866
Generic PUP.x!F60BB2A632B3
Generic PUP.x!00F4DEC3433A
Generic PUP.x!36ECD6EDA172
Generic PUP.x!B6FA48188FBE
Generic.bfr!BEAC62E01B12

Phishing

Vulnerebility

Exploit

iTechClassifieds 3.03.057 - SQL Injection

godontologico 5 - SQL Injection (0day)

Simple e-document 1.31 - Login bypass

PizzaInn_Project - SQL Injection

mySeatXT 0.2134 - SQL Injection

Easy POS System - SQL Injection (login.php)

Cells Blog 3.3 - XSS Reflected & Blind SQLite Injection

Adult Webmaster PHP - Password Disclosure

22.1.2014

Bugtraq

[ MDVSA-2014:017 ] net-snmp 2014-01-22
security mandriva com

[ MDVSA-2014:016 ] spice 2014-01-22
security mandriva com

[ MDVSA-2014:015 ] cups 2014-01-22
security mandriva com

SEC Consult SA-20140122-0 :: Critical vulnerabilities in T-Mobile HOME NET Router LTE (Huawei B593u-12) 2014-01-22
SEC Consult Vulnerability Lab (research sec-consult com)

[FFRRA-20131213] Crafted ICMP ECHO REQUEST can cause denial of service on Juniper SSG20 2014-01-22
research-feedback ffri jp

[ MDVSA-2014:014 ] php 2014-01-21
security mandriva com

[ MDVSA-2014:013 ] libxfont 2014-01-21
security mandriva com

[SECURITY] [DSA 2847-1] drupal7 security update 2014-01-20
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2014:012 ] nss 2014-01-20
security mandriva com

[ MDVSA-2014:011 ] java-1.7.0-openjdk 2014-01-20
security mandriva com

Secunia Research: OpenPNE PHP Object Injection Vulnerability 2014-01-20
Secunia Research (remove-vuln secunia com)

Malware

Generic PUP.x!B463B172F182
Generic PUP.x!B3F990F20234
RDN/Generic.bfr!fq!FF7991869860
Generic PUP.x!0C9261676A40
Generic PUP.x!A9A40EF593BC
Generic PUP.x!B023BAE9797C
Generic PUP.x!133D8BC96C17
Generic PUP.x!FD0A06D6BE4D
Generic PUP.x!558AA708B6FB
Generic PUP.x!B899CADB2455
Generic PUP.x!CAF0A68E9C57
Generic PUP.x!AF238503D913
Generic PUP.x!2AC9ABB8860C
Generic PUP.x!2DCB6FE1694D
Generic PUP.x!B471F916408E
Generic.bfr!92A6AE6A3EBA
Generic PUP.x!982E8C1E53A0
Generic PUP.x!9CA007295A67
Generic PUP.x!9D74EA03FA23
Generic PUP.x!7B2E86FBC055
Generic PUP.x!983BA72D7AD2
Generic.bfr!01B72F872C74
Generic.bfr!60297A90BB4A
Generic PUP.x!B048AF932CBA
Generic PUP.x!0C6807A1AD7D
Generic PUP.x!51C3334073FC
Generic PUP.x!873E19782A7F
Generic.bfr!AF85D05BF519
Generic PUP.x!65F9BFD8A05C
Generic PUP.x!B29208BCE2BA

Phishing

service@paypal.co.uk	21st January 2014
ONLINE ACCESS HAS BEEN SUSPENDED
Barclays Bank	21st January 2014
You Have One Unread Message
Google Docs noreply@google.com	21st January 2014
ORIGINAL DOCUMENTS!!.....

Vulnerebility

Exploit

21.1.2014

Bugtraq

Malware

RDN/Spybot.bfr!01845607536E
Generic PUP.x!755E0C8F87B5
Generic.bfr!4E68E2C90340
Generic.bfr!41740D36713E
Generic.bfr!C24795FC534D
Generic PUP.x!3C73BFAB70AD
Generic PUP.x!A292D658637E
Generic.bfr!7D3884CBEAC5
Generic.bfr!C7F8202D631B
RDN/Generic PUP.x!F6A3A4E0BBD7
Generic PUP.x!1865A2D81372
Generic PUP.x!5A7377252A5C
Generic PUP.x!D11CB2C12110
Generic PUP.x!8E05B2F74EFE
Generic.bfr!48F67FEADAA6
Generic.bfr!BEA2FB22065E
Generic PUP.x!5A60D62FF2D9
Generic PUP.x!7C189E51FB45
Generic PUP.x!164C52FDD6CF
Generic.bfr!9D849AD00DC5
Generic.bfr!70A4E884D945
Generic.bfr!B4F16DBDB39C
Generic PUP.x!D15ABA7360BB
Generic PUP.x!E9BA9409E615
Generic.bfr!B474AD1DEBEE
Generic.bfr!A5F4083B045A
Generic.bfr!AE884668A52D
Generic PUP.x!2020FE8323E7
Generic PUP.x!CDB5A6CF8411
Generic.bfr!F6EABA5F08B0

Phishing

Vulnerebility

Exploit

MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color()

Doodle4Gift - Multiple Vulnerabilities

AfterLogic Pro and Lite 7.1.1.1 - Stored XSS

Teracom Modem T2-B-Gawv1.4U10Y-BI - Stored XSS Vulnerability

BLUE COM Router 5360/52018 - Password Reset Exploit

20.1.2014

Bugtraq

Malware

Generic PUP.x!8509B16AC4DA
Generic PUP.x!886D34CF019E
ObfuscatedASX!hb!0F8C66629D8D!0F8C66629D8D
Generic PUP.x!01FA35524D3E
Adware-FFN!5347A9F3D929!5347A9F3D929
Generic.bfr!093F94A72FE0
RDN/Generic PUP.x!83AAF4C2F6D4
Generic PUP.x!5131F5306D92
Generic PUP.x!89941A66E3B4
Generic PUP.x!86614121DBD8
Generic PUP.x!67BA1C34CC88
RDN/Generic.dx!cxv!4BFD6DDB0F67
Generic PUP.x!2618C770AF33
Generic PUP.x!88EC6F996519
Generic PUP.x!E7C0C125F6A8
RDN/DNSChanger.bfr!1EA30796BD9A
Generic PUP.x!87FBBAF67D80
Generic PUP.x!6C5313536266
Generic PUP.x!E61A2ECFB2AF
Generic PUP.x!9EB2787C196F
Generic.bfr!26AFDEE6EDE7
RDN/Generic Downloader.x!17D96FC2B4AF
Generic PUP.x!1B76546139E4
RDN/Generic BackDoor!wq!D7DAACD9C373
Generic PUP.x!87EF2405D18C
Generic PUP.x!87A4FA471587
ObfuscatedASX!hb!0FF85F2C41B8!0FF85F2C41B8
Generic PUP.x!89FEB748AF86
PWSZbot-FON!0F76EC2115A5!0F76EC2115A5
Generic PUP.x!25722B752690

Phishing

ebilling@bt.com	20th January 2014
Important Information About Your BT account (cell 13)
PayPal.com	20th January 2014
ACCOUNT VALIDATION
Bank of America Alert	20th January 2014
Bank of America Alert: Thats New Required Verification Process From Bank of America Alert
Mint Credit card	19th January 2014
MINT.CO.UK - MINIMUM PAYMENT DUE
Natwest	19th January 2014
Your NatWest Card Importante Notification !
Tesco	19th January 2014
Tesco Credit Card
Google Drive	18th January 2014
IMPORTANT DOCUMENTS

Vulnerebility

Exploit

17.1.2014

Bugtraq

Open-Xchange Security Advisory 2014-01-17 2014-01-17
Martin Braun (martin braun open-xchange com)

[security bulletin] HPSBUX02961 SSRT101420 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2014-01-17
security-alert hp com

[ MDVSA-2014:004 ] nagios 2014-01-16
security mandriva com

[ MDVSA-2014:006 ] libxslt 2014-01-16
security mandriva com

[ MDVSA-2014:005 ] ejabberd 2014-01-16
security mandriva com

[ MDVSA-2014:003 ] nrpe 2014-01-16
security mandriva com

[ MDVSA-2014:002 ] bind 2014-01-16
security mandriva com

SQL Injection in Sexy Polling Joomla Extension 2014-01-16
High-Tech Bridge Security Research (advisory htbridge com)

[HITB-Announce] #HITB2014AMS Call for Papers - FINAL CALL 2014-01-16
Hafez Kamal (aphesz hackinthebox org)

CVE-2013-4200 - Plone URL redirection / Forwarding of cookie data (session hijack) in certain browsers 2014-01-16
Alexandre Herzog (alexandre herzog csnc ch)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control System 2014-01-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)

[slackware-security] openssl (SSA:2014-013-02) 2014-01-14
Slackware Security Team (security slackware com)

Online OWASP Security Challenges 2014-01-15
Ivan Buetler (ivan buetler csnc ch)

[SECURITY] [DSA 2844-1] djvulibre security update 2014-01-15
Raphael Geissert (geissert debian org)

FreeBSD Security Advisory FreeBSD-SA-14:01.bsnmpd 2014-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete 2014-01-14
Pivotal Security Team (security gopivotal com)

[CVE-2014-1238] Cross Site Scripting(XSS) in q-pulse application 2014-01-14
ali hussein helpag com

FreeBSD Security Advisory FreeBSD-SA-14:02.ntpd 2014-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-14:04.bind 2014-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

FreeBSD Security Advisory FreeBSD-SA-14:03.openssl 2014-01-14
FreeBSD Security Advisories (security-advisories freebsd org)

CVE-2013-6430 Possible XSS when using Spring MVC 2014-01-14
Pivotal Security Team (security gopivotal com)

[slackware-security] libXfont (SSA:2014-013-01) 2014-01-14
Slackware Security Team (security slackware com)

[slackware-security] samba (SSA:2014-013-04) 2014-01-14
Slackware Security Team (security slackware com)

[slackware-security] php (SSA:2014-013-03) 2014-01-14
Slackware Security Team (security slackware com)

[CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application 2014-01-14
Daniel Wood (daniel wood owasp org)

[security bulletin] HPSBUX02960 SSRT101419 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS) 2014-01-13
security-alert hp com

[SECURITY] [DSA 2843-1] graphviz security update 2014-01-13
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2842-1] libspring-java security update 2014-01-13
Moritz Muehlenhoff (jmm debian org)

[ MDVSA-2014:001 ] kernel 2014-01-13
security mandriva com

NETGEAR WNR1000v3 Password Recovery Vulnerability 2014-01-12
c1ph04mail gmail com

Malware

Generic PUP.x!2A33D3EB453C
Generic PUP.x!4BE668A899F3
Generic PUP.x!52D85A1A04C9
RDN/Generic.dx!cx3!D105C840469B
Generic.bfr!F01BD1D3CDEA
Generic.bfr!1C143D846EE7
Generic PUP.x!609AD050C20E
Generic.bfr!93568AD0DCAD
Generic PUP.x!24980CA029C6
Generic PUP.x!6BAD5DC85B03
Generic PUP.x!1E41299BF6C2
Generic PUP.x!378C14E44945
Generic PUP.x!C03843372EB8
Generic.dx!0ACB289832A8
Generic.bfr!15DC5F96AD53
Generic PWS.y!F81ECD6EDFA2
Generic PUP.x!69FB0C5E2576
RDN/Generic PUP.x!brd!AADC62FF9B93
RDN/Generic Dropper!tl!E3FD6EEA2646
Generic PUP.x!29799CD10DFD
Generic PUP.x!C6D8B34778AD
Generic PUP.x!F53437834FF7
Generic PUP.x!CABAB29710AE
Generic PUP.x!F6B486585543
Generic PUP.x!D3C407B21048
Generic PUP.x!6376D3A9D760
RDN/Generic Qhost!l!007C93968434
RDN/Generic.dx!cx3!38AD97469A9A
RDN/Generic PUP.x!brd!171A035EA516
Generic PUP.x!A5354B6452B1

Phishing

Citi Cards	17th January 2014
YOUR CITI CREDIT CARD STATEMENT
Natwest	16th January 2014
NatWest Card Online Membership Identification
NatWest ;	16th January 2014
NatWest Card Important Maintenance.
Natwest	16th January 2014
Account Schedule Maintenance
Pay Pal	15th January 2014
NEW PAYMENT TO SKYPE !
Paypal	15th January 2014
Your Account Has Been Limited
eBilling@bt.com	15th January 2014
Important Information About Your Service-Mail Update
Vodafone	15th January 2014
HMRC Notification - Tax refund (HM Revenue FONT-SIZE: 10pt">After the last annual calculations of your fiscal
Royal Bank of Scotland	15th January 2014
Account Schedule Maintenance
Apple	14th January 2014
ACCOUNT INFO CHANGES
Barclays Internet Banking	14th January 2014
BARCLAYS BANK - THIS MONTH'S E-STATEMENT IS NOW AVAILABLE TO VIEW ONLINE
Career	14th January 2014
Job Post: Customer Service Representatives
Lloyds	14th January 2014
Important Update !

Vulnerebility

Exploit

SoapUI 4.6.3 - Remote Code Execution

SerComm Device Remote Code Execution

vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload

CCProxy 7.3 - Integer Overflow Exploit

haneWIN DNS Server 1.5.3 - Denial of Service

2013

12.12.2013

Bugtraq

CORE-2013-0807 - Divide Error in Windows Kernel 2013-12-11
CORE Advisories Team (advisories coresecurity com) (1 replies)

Re: CORE-2013-0807 - Divide Error in Windows Kernel 2013-12-11
CORE Advisories Team (advisories coresecurity com)

ESA-2013-089: EMC Connectrix Manager Converged Network Edition Remote Code Execution Vulnerabilities 2013-12-11
Security Alert (Security_Alert emc com)

[SOJOBO-ADV-13-05] - Vtiger 5.4.0 Reflected Cross Site Scripting 2013-12-11
advisories enkomio com

FlashCanvas 1.5 proxy.php XSS Vulnerability 2013-12-11
code 7elements co uk

Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities 2013-12-11
Vulnerability Lab (research vulnerability-lab com)

SQL Injection in InstantCMS 2013-12-11
High-Tech Bridge Security Research (advisory htbridge com)

Android Fragment Injection vulnerability 2013-12-10
Roee Hay (roeeh il ibm com)

[security bulletin] HPSBPI02945 rev.1 - HP Officejet Pro 8500 (A909) All-in-One Printer, Cross-Site Scripting (XSS) 2013-12-10
security-alert hp com

CORE-2013-1107 - IcoFX Buffer Overflow Vulnerability 2013-12-10
CORE Advisories Team (advisories coresecurity com)

[security bulletin] HPSBUX02944 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-12-10
security-alert hp com

[security bulletin] HPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-12-10
security-alert hp com

LiveZilla 5.1.1.0 Stored XSS in operator clients 2013-12-10
zoczus gmail com

Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities 2013-12-10
Vulnerability Lab (research vulnerability-lab com)

EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution 2013-12-10
nospam gmail it

[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application 2013-12-10
Daniel Wood (daniel wood owasp org)

Malware

RDN/Generic.dx!c2t!E2371BD49040
RDN/Generic PUP.x!b2u!5AB2B784E6DC
Generic PUP.x!0205CFA2B03C
RDN/Generic PWS.y!wl!FAB06F03AFDB
Generic PUP.x!A7D87D9348D1
Generic PUP.x!CD82FE51A89F
Generic PUP.x!7D71309AC99A
Generic PUP.x!DDC48EC3B486
RDN/Generic PUP.x!b2u!5AB1AC601775
Generic PUP.x!C4222555B389
RDN/Generic PUP.x!852F59E3739A
RDN/Generic PUP.x!b2u!5AA97EA698D8
Generic PUP.x!41F9F29C394D
Generic PUP.x!C38CE01E1665
RDN/Generic PUP.x!b2u!5AACF8923CAA
RDN/Generic PUP.x!3A01D25280B5
RDN/Generic PUP.x!b2u!FFC0454E738D
Generic PUP.x!663FC91CBA2B
Generic PUP.x!CD72784B0BEB
Generic PUP.x!5AB31AFBE7ED
RDN/Generic PUP.x!A102F55D197D
Generic PUP.x!B68A36CF29F6
Generic PUP.x!77A310C27A52
RDN/Generic.dx!c2t!34443CE7466B
RDN/Generic PUP.x!b2u!5AA8E8553C4C
Generic PUP.x!1FDA5EACFA3A
RDN/Generic.dx!c2t!7ECC6294E429
Generic PUP.x!1158BC940088
RDN/Generic PUP.x!458DFC8AD931
Generic PUP.x!F139F4F7E5FE

Phishing

DigitalBankingService	11th December 2013
Your RBS Card has been blocked
USAA	10th December 2013
Please Update your Usaa.com Account
USAA	9th December 2013
Please Update your Usaa.com Account
Bank of America	9th December 2013
your Bank of America Billing Information records are out of date.

Vulnerebility

Exploit

Adobe ColdFusion 9 - Administrative Login Bypass

HP LoadRunner EmulationAdmin - Web Service Directory Traversal

EMC Data Protection Advisor DPA Illuminator - EJBInvokerServlet RCE

vBulletin 5 - index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection

eFront v3.6.14 (build 18012) - Stored XSS in Multiple Parameters

Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities

IcoFX 2.5.0.0 (.ico) - Buffer Overflow Vulnerability

11.12.2013

Bugtraq

Android Fragment Injection vulnerability 2013-12-10
Roee Hay (roeeh il ibm com)

[security bulletin] HPSBPI02945 rev.1 - HP Officejet Pro 8500 (A909) All-in-One Printer, Cross-Site Scripting (XSS) 2013-12-10
security-alert hp com

CORE-2013-1107 - IcoFX Buffer Overflow Vulnerability 2013-12-10
CORE Advisories Team (advisories coresecurity com)

[security bulletin] HPSBUX02944 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-12-10
security-alert hp com

[security bulletin] HPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-12-10
security-alert hp com

LiveZilla 5.1.1.0 Stored XSS in operator clients 2013-12-10
zoczus gmail com

Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities 2013-12-10
Vulnerability Lab (research vulnerability-lab com)

EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution 2013-12-10
nospam gmail it

[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application 2013-12-10
Daniel Wood (daniel wood owasp org)

[SECURITY] [DSA 2815-1] munin security update 2013-12-09
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2813-1] gimp security update 2013-12-09
Moritz Muehlenhoff (jmm debian org)

Vulnerabilities in Apache Solr < 4.6.0 2013-12-09
Nicolas Grégoire (nicolas gregoire agarri fr)

[SECURITY] [DSA 2814-1] varnish security update 2013-12-09
Salvatore Bonaccorso (carnil debian org)

[SECURITY] [DSA 2812-1] samba security update 2013-12-09
Moritz Muehlenhoff (jmm debian org)

Print n Share v5.5 iOS - Multiple Web Vulnerabilities 2013-12-09
Vulnerability Lab (research vulnerability-lab com)

LiveZilla 5.1.0.0 Reflected XSS in translations 2013-12-08
zoczus gmail com

[SECURITY] [DSA 2811-1] chromium-browser security update 2013-12-08
Michael Gilbert (mgilbert debian org)

Opencart Multiple Vulnerabilities 2013-12-06
trueend5 yahoo com

[slackware-security] hplip (SSA:2013-339-04) 2013-12-06
Slackware Security Team (security slackware com)

[slackware-security] seamonkey (SSA:2013-339-03) 2013-12-06
Slackware Security Team (security slackware com)

[slackware-security] mozilla-thunderbird (SSA:2013-339-02) 2013-12-06
Slackware Security Team (security slackware com)

[slackware-security] mozilla-nss (SSA:2013-339-01) 2013-12-06
Slackware Security Team (security slackware com)

ESA-2013-080: RSA Security Analytics Multiple Vulnerabilities 2013-12-04
Security Alert (Security_Alert emc com)

NEW VMSA-2013-0015 VMware ESX updates to third party libraries 2013-12-06
Edward Hawkins (security vmware com)

[KIS-2013-10] openSIS <= 5.2 (ajax.php) PHP Code Injection Vulnerability 2013-12-05
Egidio Romano (research karmainsecurity com)

Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities 2013-12-05
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic.dx!442299583D6B
Generic PUP.x!3C322D39C64C
Generic.bfr!92C5B9C6C25B
RDN/Generic Qhost!F4A2F4BBBB20
RDN/Generic PUP.x!EFA160727696
RDN/Generic PUP.x!AC3EFA3871FE
RDN/Generic PUP.x!3DF32A17E3FD
RDN/Generic PUP.x!16CA5C880283
RDN/Generic PUP.x!D44D7934EFAB
RDN/Generic PUP.x!027654543518
RDN/Generic PUP.x!312BA37A5ABF
RDN/Generic PUP.x!D636036C0CAA
RDN/Generic.bfr!D5DA1C173E31
RDN/Generic PUP.x!4C7AF4D6C9B9
RDN/Generic PUP.x!4F0D842DC946
RDN/Generic PUP.x!B4F0AE315444
RDN/Generic PUP.x!8B7641CD7491
RDN/Generic BackDoor!vq!36B44890EC5B
RDN/Generic PUP.x!9B7A3703448B
RDN/Generic PUP.x!990B93FF4B17
RDN/Generic PUP.x!F921EBB55ED8
RDN/Generic PUP.x!75DA465F1EB0
RDN/Generic PUP.x!7E97855A7E2B
RDN/Generic PUP.x!FE1E34652A7B
RDN/Generic PUP.x!A344DDD4102F
RDN/Generic PUP.x!29A333ECA5BC
RDN/Generic PUP.x!F20A281E943F
RDN/Generic PUP.x!AA99670A8CC1
RDN/Generic PUP.x!F919C6CDCCE8
RDN/Generic PUP.x!2E79D4355139

Phishing

th December 2013
your Bank of America Billing Information records are out of date.
Paypal UK	9th December 2013
ERRORS WERE DETECTED ON YOUR ACCOUNT (FIX NOW)
Financial Services Authority	9th December 2013
New e-Document arrived
Wellsfargo	9th December 2013
YEAR END ONLINE BANKING UPDATE
APPLE	8th December 2013
Please confirm your apple acocunt information Date: Sun, 8 Dec 2013 02:59:01 +0200 MIME-Version: 1.0
Virgin Media Profile Updat	7th December 2013
VIRGIN MEDIA UPDATE
MINT	7th December 2013
YOUR MINT CARD IMPORTANT NOTIFICATION.

Vulnerebility

Exploit

PlaySMS <= 0.9.9.2 - CSRF

6.12.2013

Bugtraq

[PT-2013-63] Hash Length Extension in HTMLPurifier 2013-12-04
noreply ptsecurity com

NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation 2013-12-04
\VMware Security Response Center\ (security vmware com)

bugs in IJG jpeg6b & libjpeg-turbo 2013-12-04
Michal Zalewski (lcamtuf coredump cx)

[SECURITY] [DSA 2808-1] openjpeg security update 2013-12-03
Raphael Geissert (geissert debian org)

Malware

Generic.bfr!82986EEBE29B
Generic PUP.x!818698869C9D
RDN/Generic PUP.x!9F809C867BEA
RDN/Generic PUP.x!b2k!5681B913AA62
RDN/Generic PUP.x!110B508EB457
RDN/Generic Qhost!l!EF760468CACA
RDN/Generic PUP.x!b2k!FAF0DDE0E8E6
Generic PUP.x!371B3943B509
Generic.bfr!9DFF50564D16
Generic PUP.x!FF8A23074BC1
Generic PUP.x!C1F348BA5A2D
Generic PUP.x!AB5BC0042135
RDN/Generic PUP.x!D670348685EE
Generic PUP.x!20EE3E18B4C0
RDN/Generic PUP.x!D6B94F936AD1
RDN/Generic PUP.x!b2k!A35CDC4F7FEF
PWS-Zbot!5EC47A18E323
RDN/Generic BackDoor!vn!235D35074387
RDN/Generic PUP.x!b2k!FA5F4183D6FE
RDN/Generic PUP.x!b2k!70F8C2B83DDE
RDN/Generic PUP.x!b2k!7A87BE14DF1B
RDN/Generic PUP.x!b2k!9579116DDD6B
Generic PUP.x!E5335783A4B4

Phishing

© 2013 Aol Email Service	5th December 2013
ACCOUNT UPDATE (2013)
MBNA	5th December 2013
Urgent Update Required
eBay	5th December 2013
EBAY CUSTOMER SUPPORT MADE A DECISION
LLOYDS BANK REWARD	4th December 2013
Lloyds Bank - 35% cashback rewards you
Chase	4th December 2013
New Message From Chase Bank Online (SM)
Tesco	4th December 2013
TESCO REWARDS YOU!

Vulnerebility

Exploit

Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities

Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability (0Day)

Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities

5.12.2013

Bugtraq

[PT-2013-63] Hash Length Extension in HTMLPurifier 2013-12-04
noreply ptsecurity com

NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation 2013-12-04
\VMware Security Response Center\ (security vmware com)

bugs in IJG jpeg6b & libjpeg-turbo 2013-12-04
Michal Zalewski (lcamtuf coredump cx)

Malware

Generic.bfr!986F4DFCD563
RDN/Generic BackDoor!vm!A51FC455C505
RDN/Generic BackDoor!vm!F41A36A6DE19
Generic Downloader.x!10893AD8A1D0
Generic.bfr!EC5D4B5B3BEE
Generic PUP.x!F59BA0FA8913
RDN/PWS-LegMir!23C59399493C
RDN/Generic.bfr!FA5C4A4322ED
RDN/Downloader.a!oe!EC3DD30700F4
Downloader.gen.a!118228DB7BB1
Generic.bfr!208231CB08DB
Generic PUP.x!E3696F986C4B
Generic PUP.x!9EBFA84AB184
Generic PUP.x!8A671F74198F
RDN/Generic BackDoor!vm!350F57023717
RDN/Generic.bfr!fj!D4DBEC5E56EB
Generic.bfr!F23BBF8575B7
Generic Downloader.x!F2B5F740AF1B
Generic.bfr!1F0FD432B89F
Generic PUP.x!F57EDBA5A34C
Generic Downloader.x!0645E0B152F2
Generic.bfr!516758D5A813
RDN/Generic Dropper!3CDF5CFB2593
Generic PUP.x!818F2868D546
Generic.bfr!76B622A52DAD
Generic.bfr!DB32E96327D0
RDN/Generic PUP.x!b2h!B71BE1E12821
Generic.bfr!17A8AEC73717
Generic.bfr!D663010FAA8B

Phishing

LLOYDS BANK REWARD	4th December 2013
Lloyds Bank - 35% cashback rewards you
Chase	4th December 2013
New Message From Chase Bank Online (SM)
Tesco	4th December 2013
TESCO REWARDS YOU!
NatWest Credit Cards Online	3rd December 2013
[SUSPICIOUS MESSAGE] Credit Card Online Payment Confirmed - NatWest

Vulnerebility

Exploit

MySQL 5.0.x IF Query Handling Remote Denial Of Service Vulnerability

4.12.2013

Bugtraq

NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation 2013-12-04
\VMware Security Response Center\ (security vmware com)

bugs in IJG jpeg6b & libjpeg-turbo 2013-12-04
Michal Zalewski (lcamtuf coredump cx)

[SECURITY] [DSA 2808-1] openjpeg security update 2013-12-03
Raphael Geissert (geissert debian org)

Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). 2013-12-02
ScripT setInterval$function\(${for{alert$'fixme'$} } 10\) /scRIpt (tytusromekiatomek inbox com)

D-Link DIR-XXX remote root access exploit. 2013-12-02
ScripT setInterval$function\(${for{alert$'fixme'$} } 10\) /scRIpt (tytusromekiatomek inbox com)

Malware

Generic PUP.x!600892C29424
RDN/Generic Dropper!sm!2B4AF82E2FE5
RDN/Generic BackDoor!D1805079B1C0
Generic PUP.x!5A2827CFDCEE
Generic PUP.x!B7076522D78A
RDN/Generic PWS.y!wh!39939CB7CE15
RDN/PWS-Banker!cw!305D999FF37F
BackDoor-DKA!DDC2EE078D4F
BackDoor-DKA!79CB3EDEF020
BackDoor-DKA!090660944218
BackDoor-DKA!AB46739BE67C
RDN/Ransom!dw!D1ACC649466D
BackDoor-DKA!26A0C66123DC
RDN/Generic PUP.x!b2g!F42A5089BA48
RDN/Generic.dx!c2k!450A855AD379
RDN/Generic PUP.x!b2g!8DF86794356E
RDN/Generic PUP.x!b2g!8BABC1C33650
RDN/Generic PUP.x!b2g!F500D0CDF4C9
RDN/Generic PUP.x!b2g!D5918BB99456
RDN/Generic PUP.x!b2g!F4267472F832
RDN/Generic PUP.x!b2g!F42615C9F962
RDN/Qhost-Gen!bc!24C1C3F802F5
Generic Downloader.x!D63E4C93948F
RDN/Generic PUP.x!b2g!A4A2C9E31BB1
Generic PUP.x!7AFC710AFF02
RDN/PWS-Banker!cw!D49D89523D07
RDN/Generic.bfr!fe!520015E543EA
RDN/Generic PUP.x!b2g!F4267CE1A805
RDN/Generic PUP.x!b2g!949857832725

Phishing

NatWest Credit Cards Online	3rd December 2013
[SUSPICIOUS MESSAGE] Credit Card Online Payment Confirmed - NatWest
Yahoo! Mail	3rd December 2013
Validate Your Account
eBay	3rd December 2013
eBay Customer Support made a decision

Vulnerebility

Exploit

NDPROXY Local SYSTEM Privilege Escalation

3.12.2013

Bugtraq

Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities 2013-12-02
Vulnerability Lab (research vulnerability-lab com)

WorldCIST'14 - Submission deadline: December 7 2013-12-01
WorldCIST (marialemos72 gmail com)

[SECURITY] [DSA 2807-1] links2 security update 2013-11-30
Moritz Muehlenhoff (jmm debian org)

Malware

Generic.bfr!AB8CCD9B630F
RDN/Generic BackDoor!vk!5A397AAC1D8E
W32/Virut.gen!73A5FF3F5A84
RDN/Downloader.a!od!65BAC857068A
RDN/Generic BackDoor!vk!F4438E2B87BC
RDN/Generic Dropper!F8813F808D0A
Generic PUP.x!1942BC94FB6B
RDN/Generic PUP.x!b2f!7C1ADBC4CC38
RDN/Generic Dropper!83D66CBAF54D
Generic.bfr!043CF1444D40
RDN/Generic Dropper!sm!C568F291AFDD
RDN/Generic.bfr!fj!0A8EB5086E74
RDN/Generic.bfr!fj!300B87EE4757
RDN/Generic Dropper!sm!DEB9C4D62C39
RDN/Generic Dropper!CBC25DB774D9
Generic BackDoor!0BB5D7147099
RDN/Generic PUP.x!b2f!B6B2B5F9C8B6
RDN/Generic PUP.x!B515C3F11D11
RDN/Generic Dropper!sm!146ACC4D3A5D
Generic.bfr!387189DA6CE3
Generic.bfr!99FC65A63B1A
RDN/PWS-Banker!4A1B9B6ECF73
RDN/Generic PUP.x!0C5488DD43C6
Downloader-FKW!EE83F4A69265!EE83F4A69265
RDN/Generic PUP.x!b2f!843E87433B07
Generic.bfr!2CCEDA15A39C
RDN/Generic BackDoor!vk!870D2F9000BB
RDN/Generic PUP.x!b2f!E20DB1D49CBD
RDN/Generic PUP.x!b2f!BEE98C96B18A

Phishing

eBay	3rd December 2013
eBay Customer Support made a decision
NatWest	2nd December 2013
NATWEST CARD ONLINE SERVICE REVIEW
Santander Online Banking	2nd December 2013
New Security Features
Barclays Bank Plc	2nd December 2013
Additional Security Again Fraud.
INTERNATIONAL MONETARY FUND (I	2nd December 2013
INTERNATIONAL MONETARY FUND (IMF)

Vulnerebility

Exploit

Cisco Prime Data Center Network Manager Arbitrary File Upload

ABB MicroSCADA wserver.exe Remote Code Execution

Notepad++ Plugin Notepad# 1.5 - Local Exploit

2.12.2013

Bugtraq

[SECURITY] [DSA 2806-1] nbd security update 2013-11-29
Thijs Kinkhorst (thijs debian org)

FreeBSD Security Advisory FreeBSD-SA-13:14.openssh [REVISED] 2013-11-29
FreeBSD Security Advisories (security-advisories freebsd org)

NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability 2013-11-28
Vulnerability Lab (research vulnerability-lab com)

Malware

RDN/Generic PWS.y!wg!6B42E9B43B00
RDN/Generic PUP.x!AF271DE8A2D3
Generic PUP.x!C679520E3C44
RDN/Generic PUP.x!2988EA1D6514
RDN/Generic Dropper!95629DD8B481
RDN/Generic PUP.x!b2e!1CCE15AD3CB5
RDN/Generic PUP.x!b2e!2757938A9965
RDN/Generic PUP.x!b2e!86D51585366C
RDN/Generic PUP.x!b2e!B90C846076A0
RDN/Generic PUP.x!b2e!D63B8817FDA7
RDN/Generic PUP.x!b2e!ACD8F11A543E
RDN/Generic Dropper!sl!2CC5005FB07E
Generic PUP.x!ADE558DAC967
RDN/Generic PUP.x!b2e!0E27214DD357
Generic.bfr!2BA872F6E359
Generic PUP.x!40AF2149D175
RDN/Generic PUP.x!b2e!082531D4602E
Generic Downloader.x!36B360DEE87E
Generic.bfr!1C36EF70440A
RDN/Generic PUP.x!b2e!7183E0F50BEB
RDN/Generic PUP.x!b2e!2AD89C6F8A5C
RDN/Generic PUP.x!b2e!47B8FC32B84E
RDN/Generic PUP.x!b2e!114C1CB3BBB9
RDN/Generic PUP.x!b2e!D470CC67F9DE
RDN/Generic Dropper!F85DD9CE100F
Generic PUP.x!8759E49BE198
Generic PUP.x!B8F4DE6CF93F
Generic PUP.x!B9013B047288
RDN/Generic.bfr!5B8472DF5A6C

Phishing

INTERNATIONAL MONETARY FUND (I	2nd December 2013
INTERNATIONAL MONETARY FUND (IMF)
Joanne Nemia	1st December 2013
Fwd: Important Document

Vulnerebility

Exploit

Wordpress Orange Themes CSRF File Upload Vulnerability

TVT TD-2308SS-B DVR - Directory Traversal Vulnerability

Wordpress Orange Themes CSRF File Upload Vulnerability

1.12.2013

Bugtraq

[SECURITY] [DSA 2806-1] nbd security update 2013-11-29
Thijs Kinkhorst (thijs debian org)

FreeBSD Security Advisory FreeBSD-SA-13:14.openssh [REVISED] 2013-11-29
FreeBSD Security Advisories (security-advisories freebsd org)

NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability 2013-11-28
Vulnerability Lab (research vulnerability-lab com)

RUCKUS ADVISORY ID 10282013 - User authentication bypass vulnerability in Ruckus Access Point's administrative web interface 2013-11-27
Ruckus Product Security Team (security ruckuswireless com)

[SECURITY] [DSA 2805-1] sup-mail security update 2013-11-27
Luciano Bello (luciano debian org)

[HITB-Announce] #HITB2014AMS Call for Papers Now Open 2013-11-27
Hafez Kamal (aphesz hackinthebox org)

SQL Injection in Chamilo LMS 2013-11-27
High-Tech Bridge Security Research (advisory htbridge com)

SQL Injection in Dokeos 2013-11-27
High-Tech Bridge Security Research (advisory htbridge com)

[security bulletin] HPSBGN02942 rev.1 - HP Service Manager and ServiceCenter, Remote Code Execution 2013-11-26
security-alert hp com

[SECURITY] [DSA 2804-1] drupal7 security update 2013-11-26
Moritz Muehlenhoff (jmm debian org)

Multiple Cross-Site Scripting (XSS) in Claroline 2013-11-27
High-Tech Bridge Security Research (advisory htbridge com)

[ MDVSA-2013:287 ] drupal 2013-11-26
security mandriva com

Malware

RDN/Generic Downloader.x!iy!E2D861DBB6B9
RDN/Generic PUP.x!b2c!7953E09191C9
RDN/Autorun.worm!da!3E4953AC167F
RDN/Generic PUP.x!b2c!78F237CAA053
RDN/Generic PUP.x!b2c!78EFD1474B5C
RDN/Generic PUP.z!dn!1C429D8FA31E
Generic Dropper!107E86C655F3
Generic.bfr!6171ED25BBF3
RDN/Generic PUP.x!2831C5FF7986
RDN/Generic PUP.x!b2c!7915C2755B5B
Generic PUP.x!0C9264ECB366
Generic.bfr!A6A512BCB577
Generic.bfr!1042B955515E
Generic.bfr!A36092F1CC5B
Generic.bfr!4A73B5209687
RDN/Generic PUP.x!b2c!7924ADE455DF
Generic.bfr!27ACAAD4670C
Generic.bfr!6CAF938D077D
Generic.bfr!1F3EB7DF546F
Generic PUP.x!4418621244B5
Generic.bfr!4D1C67414FC7
RDN/Generic PUP.x!b2c!78F7E5BC00B5
Generic.bfr!B4182611C85C
Generic.bfr!E0B8E29B3172
Generic.bfr!032DB266006F
Generic.bfr!5D51370B4E11
FakeAV-Y.bfr!CD4AD0620DC0
RDN/Generic PUP.x!b2c!791F3ED6A729
RDN/Generic.bfr!D5B7E6C91BB3

Phishing

Joanne Nemia	1st December 2013
Fwd: Important Document
Virgin Media Profile Updat	30th November 2013
virgin media Update
PAYPAL	30th November 2013
Your Account Has Been Limited
Natwest Credit Card Online Ser	28th November 2013
You Have 1 New Message

Vulnerebility

Exploit

TP-Link TL-WR740N / TL-WR740ND - 150M Wireless Lite N Router HTTP DoS

23.11.2013

Bugtraq

Unauthorized console access on Satechi travel router v1.5 2013-11-22
Luc Dore (ldore mailc net)

CVE-2013-6795 Vulnerability in the Rackspace Windows Agent and Updater 2013-11-22
andrew cloudpassage com

[SECURITY] [DSA 2802-1] nginx security update 2013-11-21
Thijs Kinkhorst (thijs debian org)

ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities 2013-11-21
Security Alert (Security_Alert emc com)

DC4420 (DefCon London) meeting next Tuesday, 26th November 2013 2013-11-21
Tony Naggs (tonynaggs gmail com)

[SECURITY] [DSA 2801-1] libhttp-body-perl security update 2013-11-21
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2013:278 ] samba 2013-11-21
security mandriva com

Malware

Adware-Eorezo
Generic.bfr!ECE3F818F159
Generic.bfr!25E1AF4F6913
Generic.dx!607F416EAB2E
Generic.bfr!B712F0B23E0E
Generic PUP.x!13B566957C15
RDN/Generic PUP.x!bn3!25742E9A43E3
Generic PUP.x!D6839E70F8D4
Generic.bfr!1AB02BAFD1C9
Generic.bfr!B8004B19784C
Generic.bfr!140930F7D6C7
Generic PUP.x!701E9F147B5B
Generic PUP.x!19A66E0CD9B0
RDN/Generic Dropper!D03A15184E27
Generic Downloader.x!ED1FD98F6914
Generic PUP.x!186E4446983F
RDN/Generic PUP.x!bn3!509A3EB77BF4
Generic PUP.x!18D5524D2ED3
Generic.bfr!B6DB707F7AC7
RDN/Generic PUP.x!bn3!A6995656A3D6
RDN/Generic PUP.x!bn3!14233794B8FB
RDN/Generic PUP.x!bn3!3CB0929500E4
Generic Downloader.x!B8C57FB46C65
Generic PUP.x!19BC8E91CCEE
Generic PUP.x!1684CD6DBA78
Generic.bfr!17597A39BFD4
RDN/Generic PUP.x!bn3!6F2A7AB13B74
RDN/Generic PUP.x!bn3!3DA4F5FDDAB6
Generic Downloader.x!8EF1A50C6990
RDN/Generic PUP.x!bn3!67C4B5426512

Phishing

Amazon	23rd November 2013
Important - Action Required to Amazon Account Update
PayPal	22nd November 2013
Your account has been limited until we hear from you PP-503-472-F29
YAHOO! ASIA DRAW	22nd November 2013
Yahoo! Asia Winner!

Vulnerebility

Exploit

Light Alloy 4.7.3 (.m3u) - SEH Buffer Overflow (Unicode)

22.11.2013

Bugtraq

[SECURITY] [DSA 2802-1] nginx security update 2013-11-21
Thijs Kinkhorst (thijs debian org)

ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities 2013-11-21
Security Alert (Security_Alert emc com)

DC4420 (DefCon London) meeting next Tuesday, 26th November 2013 2013-11-21
Tony Naggs (tonynaggs gmail com)

[SECURITY] [DSA 2801-1] libhttp-body-perl security update 2013-11-21
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2013:278 ] samba 2013-11-21
security mandriva com

[ MDVSA-2013:274 ] libjpeg 2013-11-21
security mandriva com

[ MDVSA-2013:276 ] curl 2013-11-21
security mandriva com

Instagram Photo Upload and Flattr Money Redirection Vulnerability 2013-11-21
pfohl rt-solutions de

Facebook Vulnerability Discloses Friends Lists Defined as Private 2013-11-21
qsrc Quotium (qsrc quotium com)

[ MDVSA-2013:277 ] lighttpd 2013-11-21
security mandriva com

[ MDVSA-2013:275 ] krb5 2013-11-21
security mandriva com

[ MDVSA-2013:272 ] poppler 2013-11-21
security mandriva com

[ MDVSA-2013:271 ] pmake 2013-11-21
security mandriva com

[ MDVSA-2013:273 ] libjpeg 2013-11-21
security mandriva com

Malware

Adware-Eorezo
RDN/Downloader.gen.a!F0F25991E6C8
RDN/Generic BackDoor!va!941A38F79F7D
RDN/Spybot.bfr!h!A0AAED80C1DA
Generic PUP.x!E0164F6178D2
Generic PUP.x!08F5CCAF1F94
Generic.bfr!C60C6A0D987D
RDN/Generic BackDoor!va!6200C664C58A
RDN/PWS-Banker!D6D41B88CD6E
Downloader-FWD
Generic Downloader.x!EB6D354F3D36
RDN/Generic BackDoor!uf!7741AA9FB399
Generic PUP.x!4457C187A244
Generic PUP.x!C1DAF2798171
ZeroAccess!288A3AFDA0EB
Generic PUP.x!E230347BCC16
Generic.bfr!543958ACD986
Generic PUP.x!26A045312A42
Generic Downloader.x!E66FAC67E0E6
Generic Downloader.x!FD0E500C22FC
Generic PUP.x!0147D4829C1C
Generic PUP.x!0BEF1D43D4E0
Generic PUP.x!EA64484540FF
Generic PUP.x!185239D49DB5
Generic PUP.x!FA3034423555
FakeAV-M.bfr!B42CC8EC08BC
Generic PUP.x!76819794D569
Generic PUP.x!FE0267C2DBA7
Generic PUP.x!5443C717B9B8
RDN/Generic.bfr!fi!6102209FCEF6

Phishing

Barclays Bank PLC	21st November 2013
YOU HAVE ONE UNREAD MESSAGE
Natwest	20th November 2013
Important NatWest Notice
Earthlink	20th November 2013
ACTION REQUIRED: EarthLink Account Update

Vulnerebility

Exploit

21.11.2013

Bugtraq

[SECURITY] [DSA 2798-2] curl security update 2013-11-20
Salvatore Bonaccorso (carnil debian org)

[ MDVSA-2013:270 ] nss 2013-11-20
security mandriva com

[ MDVSA-2013:269 ] firefox 2013-11-20
security mandriva com

Appologics AirBeam v1.9.2 iOS - Multiple Web Vulnerabilities 2013-11-20
Vulnerability Lab (research vulnerability-lab com)

Mybb Ajaxfs Plugin Sql Injection vulnerability 2013-11-20
iedb team gmail com

Malware

Adware-Eorezo
RDN/Generic PUP.x!bm3!F521E00DFBFA
RDN/Generic.grp!gj!18B349E8C823
RDN/Generic BackDoor!uz!D17178E6E98E
Generic PUP.x!20B76EDFFD8D
Generic PUP.x!2030374CC4B6
Generic PUP.x!1E9B34ED5348
RDN/Generic BackDoor!D57F0D2C84C5
Generic PUP.x!1CF7BF9DDD9A
RDN/Generic.dx!D48D880F75C0
Generic PUP.x!1C170BB12F73
RDN/Generic PUP.x!bm3!1A9C54F85E28
Generic PUP.x!1A36D4944B31
Generic PWS.y!D0A66CA64774
RDN/Generic BackDoor!uz!1D11231E8CBC
Generic PUP.x!1E31DF58629D
RDN/Generic PUP.x!bm3!1C4E5C1721BE
RDN/Generic BackDoor!uz!ED8509FE8E19
Generic PUP.x!19BFB3AB6AB3
Generic PUP.x!1B1954767052
Generic PUP.x!1A8F730DE23A
RDN/Generic PUP.x!bm3!168E6401D25D
Generic PUP.x!6C5938C5CCE3
Generic PUP.x!1A457B0FF6AA
RDN/Qhost-Gen!bb!1A1ADB10E612
Generic PUP.x!18CE5CB13915
Generic PUP.x!197A4749108E
Generic PUP.x!1CE41085BCF3
Generic PUP.x!1D170C5114DE
Generic PUP.x!178AC3B23A3C

Phishing

Natwest	20th November 2013
Important NatWest Notice
Earthlink	20th November 2013
ACTION REQUIRED: EarthLink Account Update
Yahoo! Services	20th November 2013
Yahoo! Account Update
Natwest Credit Card Online Ser	20th November 2013
YOU HAVE 1 NEW MESSAGE
ANZ	20th November 2013
ANZ Account Transactions

Vulnerebility

Exploit

20.11.2013

Bugtraq

Appologics AirBeam v1.9.2 iOS - Multiple Web Vulnerabilities 2013-11-20
Vulnerability Lab (research vulnerability-lab com)

Mybb Ajaxfs Plugin Sql Injection vulnerability 2013-11-20
iedb team gmail com

Paypal Bug Bounty #14 - Persistent Payment Mail Encoding Vulnerability 2013-11-20
Vulnerability Lab (research vulnerability-lab com)

[ MDVSA-2013:268 ] torque 2013-11-19
security mandriva com

Intersystems Cache Remote Code Execution (via Default 'Minimal Security' Install) 2013-11-19
bruk0ut sec gmail com

XADV-2013007 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow 2013-11-19
geinblues gmail com

XADV-2013008 Linux Kernel 3.11.7 <= sk_attach_filter Kernel Heap Corruption 2013-11-19
geinblues gmail com

XADV-2013003 Linux Kernel fbdev Driver arcfb_write() Overflow 2013-11-19
geinblues gmail com

pineapp mailsecure remote no authenticated privilege escalation & remote execution code 2013-11-19
rubengarrote gmail com

ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities 2013-11-19
Security Alert (Security_Alert emc com)

[ MDVSA-2013:267 ] java-1.7.0-openjdk 2013-11-19
security mandriva com

[ MDVSA-2013:266 ] java-1.6.0-openjdk 2013-11-19
security mandriva com

16TH AVAR INTERNATIONAL SECURITY CONFERENCE 2013 - (4th-7th Dec'13, Chennai. India) 2013-11-19
Gregory Panakkal (gregory_panakkal fastmail fm)

FreeBSD Security Advisory FreeBSD-SA-13:14.openssh 2013-11-19
FreeBSD Security Advisories (security-advisories freebsd org)

SKIDATA RFID Freemotion.Gate Unauthenticated Web Service Aribtrary Remote Command Execution 2013-11-19
Dennis Kelly (dennis kelly gmail com)

Paypal Inc Bug Bounty #47 ALYZ - Persistent Search Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)

PayPal Inc Bug Bounty #42 - Persistent POST Inject Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] seamonkey (SSA:2013-322-04) 2013-11-19
Slackware Security Team (security slackware com)

PayPal Inc Bug Bounty #65 China - Redirect Web Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] samba (SSA:2013-322-03) 2013-11-19
Slackware Security Team (security slackware com)

[slackware-security] openssh (SSA:2013-322-02) 2013-11-19
Slackware Security Team (security slackware com)

[slackware-security] mozilla-firefox (SSA:2013-322-01) 2013-11-19
Slackware Security Team (security slackware com)

Malware

Generic FakeAlert!FDDB8ECBABC6
Generic PUP.x!792F635505E6
RDN/Generic Dropper!sh!C51C24B84683
Generic PUP.x!B23D6AEEAFF1
Generic.dx!8BE96C170761
Generic PUP.x!F7A8AA16C49A
Downloader-FLN!181C2FF53647!181C2FF53647
Downloader-FLN!D01A7E94A30B!D01A7E94A30B
Generic.bfr!D2DA276EC91D
RDN/Generic PUP.x!bmv!CEAAEDD6240D
Generic StartPage!DF4D9A853865
RDN/Generic PUP.x!6453DC723515
RDN/Generic PUP.x!bmv!91F294458C94
RDN/BackDoor-AWQ!2465084E350F
Generic Downloader.x!C6F7CD2976A0
RDN/Generic BackDoor!uz!C20CA45EAD0C
RDN/Generic BackDoor!uz!D7819D0B02FB
RDN/Generic PUP.x!43439DF81A87
Generic PUP.x!794A61131ACE
RDN/Generic PUP.x!bmv!D75ED91895BB
RDN/Generic PUP.x!bmv!25721ACADE01
RDN/Generic.dx!ctr!CE28277A897B
W32/Sality.gen!8C4444BC9B86
Generic Downloader.x!7F5566C5E924
Generic PWS.y!43E08AFF881E
RDN/Generic PUP.x!bmv!2CECC82A6ADF
RDN/Generic PUP.x!bmv!EC8C6CD163B2
Generic PUP.x!E3070FDF06D4
RDN/Generic PUP.x!bmv!2EDB7054965E
Generic PUP.x!672D79478DAD

Phishing

Barclays	19th November 2013
Important Information From Barclays
Halifax	19th November 2013
Irregular activity on your halifax online Account
Lloyds	19th November 2013
YOU HAVE 1 NEW MESSAGES AVAILABILITY
Littlewoods	19th November 2013
YOU HAVE 1 NEW MESSAGE

Vulnerebility

Exploit

Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass

DeepOfix SMTP Server 3.3 - Authentication Bypass

JPEGView 1.0.29 - Crash PoC

19.11.2013

Bugtraq

Paypal Inc Bug Bounty #47 ALYZ - Persistent Search Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)

PayPal Inc Bug Bounty #42 - Persistent POST Inject Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] seamonkey (SSA:2013-322-04) 2013-11-19
Slackware Security Team (security slackware com)

PayPal Inc Bug Bounty #65 China - Redirect Web Vulnerability 2013-11-19
Vulnerability Lab (research vulnerability-lab com)

[slackware-security] samba (SSA:2013-322-03) 2013-11-19
Slackware Security Team (security slackware com)

[slackware-security] openssh (SSA:2013-322-02) 2013-11-19
Slackware Security Team (security slackware com)

[slackware-security] mozilla-firefox (SSA:2013-322-01) 2013-11-19
Slackware Security Team (security slackware com)

[SOJOBO-ADV-13-04] - PHP-Nuke 8.2.4 multiple vulnerabilities 2013-11-18
advisories enkomio com

Re: Fwd: vulnerability issue for DB2 express 2013-11-18
shatter appsecinc com

[OVSA20131108] OpenVAS Manager And OpenVAS Administrator Vulnerable To Partial Authentication Bypass 2013-11-15
Tim Brown (timb openvas org)

Information Security Forecast 2014 2013-11-17
Jeimy Cano (jjcano yahoo com)

[SECURITY] [DSA 2798-1] curl security update 2013-11-17
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 2797-1] chromium-browser security update 2013-11-17
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 2795-2] lighttpd regression update 2013-11-17
Michael Gilbert (mgilbert debian org)

XADV-2013006 FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs 2013-11-16
geinblues gmail com

XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug 2013-11-16
geinblues gmail com

[CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability 2013-11-16
Julien Ahrens (info rcesecurity com)

Cross-Site Scripting (XSS) in Tweet Blender Wordpress Plugin 2013-11-15
High-Tech Bridge Security Research (advisory htbridge com)

NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability 2013-11-15
\VMware Security Response Center\ (security vmware com)

Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x 2013-11-14
Kevin Cernekee (cernekee gmail com)

APPLE-SA-2013-11-14-1 iOS 7.0.4 2013-11-14
Apple Product Security (product-security-noreply lists apple com)

Re: [security bulletin] HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-11-14
Rodzbry27 yahoo com

Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-11-14
Rodzbry27 yahoo com

Re: DS3 Authentication Server - Multiple Issues 2013-11-13
support ds3global com

Dahua DVR Authentication Bypass - CVE-2013-6117 2013-11-13
Jake Reynolds (Jake depthsecurity com)

[SECURITY] [DSA 2797-1] icedove security update 2013-11-13
Moritz Muehlenhoff (jmm debian org)

Android Superuser shell character escape vulnerability 2013-11-13
Kevin Cernekee (cernekee gmail com)

Superuser unsanitized environment vulnerability on Android <= 4.2.x 2013-11-13
Kevin Cernekee (cernekee gmail com) (1 replies)

Malware

Generic Dropper!A65DFFFA94E2
Generic.bfr!F4F4FC4E3F10
Generic PUP.z!09F87F62B341
Generic Flooder!3F561BFAA5B2
Generic Downloader.x!5D6883464307
RDN/Generic.bfr!fi!F87C2405733B
W32/Sality.gen!9A273DCD874F
RDN/Generic PUP.x!bms!A7764F29DD2A
Generic Dropper!3285F012406F
RDN/Generic PUP.x!bms!D92C9496B9AC
RDN/Autorun.worm!cz!4F877FDF574D
Generic.bfr!C9E0B9F09327
Generic.bfr!B68B2EED282E
RDN/Generic BackDoor!B8F41659FFEC
Generic Downloader.x!1B22A2F64829
Generic StartPage!41151BF4172E
Downloader.gen.a!854BEF265929
Generic FakeAlert!46CAFBEA3831
RDN/Generic FakeAlert!49507F1C8DBA
Generic StartPage!02DC990C95BB
Generic PUP.x!3FD2B7E5AA3C
RDN/BackDoor-AWQ!D8E3687B1E03
Generic PUP.x!977A5D300DB3
RDN/Generic PUP.x!bms!FB3F684A7668
RDN/Generic PUP.x!bms!F4CD10FA097C
RDN/Spybot.bfr!h!58FD7364D301
RDN/Generic PUP.x!bms!90557AC8A306
RDN/PWS-Lineage!bb!28569F0D1EFF
RDN/Generic BackDoor!uy!BAEFF604AAC3
RDN/Generic Dropper!28BF9469D254

Phishing

Lloyds	19th November 2013
YOU HAVE 1 NEW MESSAGES AVAILABILITY
Littlewoods	19th November 2013
YOU HAVE 1 NEW MESSAGE
Littlewoods	18th November 2013
YOU HAVE 1 NEW MESSAGE
Lloyds	17th November 2013
YOU HAVE 1 NEW MESSAGES AVAILABILITY

Vulnerebility

Exploit

18.11.2013

Bugtraq

[OVSA20131108] OpenVAS Manager And OpenVAS Administrator Vulnerable To Partial Authentication Bypass 2013-11-15
Tim Brown (timb openvas org)

Information Security Forecast 2014 2013-11-17
Jeimy Cano (jjcano yahoo com)

[SECURITY] [DSA 2798-1] curl security update 2013-11-17
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 2797-1] chromium-browser security update 2013-11-17
Michael Gilbert (mgilbert debian org)

[SECURITY] [DSA 2795-2] lighttpd regression update 2013-11-17
Michael Gilbert (mgilbert debian org)

XADV-2013006 FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs 2013-11-16
geinblues gmail com

XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug 2013-11-16
geinblues gmail com

Malware

RDN/Generic Dropper!sf!329682E7DEFF
RDN/Generic Dropper!sf!9868A5DC2A85
RDN/Generic Dropper!sf!3B7BDF550EE7
RDN/Generic Dropper!sf!770A8F3380AE
RDN/Generic Dropper!sf!9D1AE0579116
RDN/Generic Dropper!sf!6492110A768B
RDN/Generic Dropper!sf!244BC9C64EE1
RDN/Generic Dropper!sf!95B0F6DF318C
RDN/Generic Dropper!sf!251314C41409
RDN/Generic Dropper!sf!9EF184DD93BD
RDN/Generic Dropper!sf!95BF9A222FD9
RDN/Generic Dropper!sf!04278BDF5F30
RDN/Generic Dropper!sf!26D85522E115
RDN/Generic Dropper!sf!2CF608D43A99
RDN/Generic Dropper!sf!451B300DE980
RDN/Generic Dropper!sf!9D33A106D863
RDN/Generic Dropper!sf!0963E79F1BB6
RDN/Generic Dropper!sf!8916548D0F12
RDN/Generic Dropper!sf!26AD05643784
RDN/Generic Dropper!sf!3B9B29389872
RDN/Generic Dropper!sf!2D0DCB953762
RDN/Generic Dropper!sf!24F6727A7A6E
RDN/Generic Dropper!sf!79E758C5260D
RDN/Generic Dropper!sf!45C9F6E50F1C
RDN/Generic Dropper!sf!2454492E36F0
RDN/Generic Dropper!sf!462146729751
RDN/Generic Dropper!sf!1DDF8285BEBE
RDN/Generic Dropper!sf!26F127A658BD
RDN/Generic Dropper!sf!3BB2835DA26E
RDN/Generic Dropper!sf!45414B7AE885

Phishing

Lloyds	17th November 2013
YOU HAVE 1 NEW MESSAGES AVAILABILITY
National Westminster	15th November 2013
ACCOUNT REVEIW
Lloyds Bank	14th November 2013
ACCESS TO ONLINE BANKING SERVICE

Vulnerebility

Exploit

Avira Secure Backup 1.0.0.1 Build 3616 (.reg) - Buffer Overflow

Supermicro Onboard IPMI close_window.cgi Buffer Overflow

Wordpress Euclid Theme - CSRF Vulnerability

Wordpress Dimension Theme - CSRF Vulnerability

Wordpress Amplus Theme - CSRF Vulnerability

Wordpress Make A Statement (MaS) Theme - CSRF Vulnerability

LiveZilla version 5.0.1.4 - Remote Code Execution

Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass

ManageEngine DesktopCentral 8.0.0 build 80293 - Arbitrary File Upload Vulnerability

Kaseya 6.3.0.2 - Arbitrary File Upload Vulnerability