End-of-Shift report
Timeframe: Friday 19-10-2012 18:00 − Monday 22-10-2012 18:00
Handler: Robert Waldner
Co-Handler: Christian Wojner
Dutch government seeks to let law enforcement hack foreign computers
"The Dutch government wants to give law enforcement authorities the power to hack into computers, including those located in other countries, for the purpose of discovering and gathering evidence during cybercrime investigations. In a letter that was sent to the lower house of the Dutch parliament on Monday, the Dutch Minister of Security and Justice Ivo Opstelten outlined the government's plan to draft a bill in upcoming months that would provide law enforcement authorities with new
http://www.cio.com.au/article/439620/dutch_government_seeks_let_law_enforcement_hack_foreign_computers/?fp=4&fpid=51238
Joomla Commedia 3.1 SQL Injection
Topic: Joomla Commedia 3.1 SQL Injection Risk: Medium Text: Exploit Title: Joomla commedia Remote Exploit dork: inurl:index.php?option=com_commedia Date: [18-10-2012] Autho...
http://feedproxy.google.com/~r/securityalert_database/~3/ixjlWHyPfk0/WLB-2012100160
F5 FirePass SSL VPN 4xxx Series & Arbitrary URL Redirection
Topic: F5 FirePass SSL VPN 4xxx Series & Arbitrary URL Redirection Risk: Low Text:1. OVERVIEW F5 FirePass SSL VPN is vulnerable to Open URL Redirection. 2. BACKGROUND F5 FirePass SSL VPN provides se...
http://feedproxy.google.com/~r/securityalert_database/~3/jehSXRUk280/WLB-2012100175
WordPress Wordfence Security XSS and IAA vulnerabilities
Topic: WordPress Wordfence Security XSS and IAA vulnerabilities Risk: Low Text:I want to warn you about Cross-Site Scripting and Insufficient Anti-automation vulnerabilities in Wordfence Security for Word...
http://feedproxy.google.com/~r/securityalert_database/~3/ixOVIlVAzxA/WLB-2012100168
Joomla Tag SQL Injection
Topic: Joomla Tag SQL Injection Risk: Medium Text: Exploit Title: Joomla tag Remote Sql Exploit dork: inurl:index.php?option=com_tag Date: [18-10-2012] Author: Dan...
http://feedproxy.google.com/~r/securityalert_database/~3/t2QhRZO4mj0/WLB-2012100162
Joomla Freestyle Support 1.9 SQL Injection
Topic: Joomla Freestyle Support 1.9 SQL Injection Risk: Medium Text: Exploit Title: Joomla Freestyle Support com_fss sqli Dork: N/A Date: [17-10-2012] Author: Daniel Barragan "D4NB4...
http://feedproxy.google.com/~r/securityalert_database/~3/BL5miMrFF0w/WLB-2012100161
Internet Explorer 9 XSS Filter Bypass
Topic: Internet Explorer 9 XSS Filter Bypass Risk: Low Text: # Internet Explorer 9 XSS Filter Bypass # Discovered by: Jean Pascal Pereira
http://feedproxy.google.com/~r/securityalert_database/~3/0YxVKyCrmJU/WLB-2012100176
US government cyber attack warnings are hypocritical, claims F-Secure chief
"Renowned security expert Mikko Hypponen has publicly given the US government a tongue lashing by claiming its warnings on cyber attacks are hypocritical. The F-Secure security chief criticised the US Defense Secretary Leon Panetta for saying that the country is on the cusp of experiencing a "cyber Pearl Harbor" in a speech last week. Panetta had claimed that the US government and critical infrastructure businesses are currently being besieged by state sponsored hackers with
http://www.v3.co.uk/v3-uk/news/2218614/us-government-cyber-attack-warnings-are-hypocritical-claims-fsecure-chief
Billabong hacked, threats of mass data leaks from @GoatseSec
One of the world's largest surfing-based brands has come under the eye of hackers after they gained access to its database via an exploitable WordPress installation.
http://www.cyberwarnews.info/2012/10/21/billabong-hacked-threats-of-mass-data-leaks-from-goatsesec/
Adobe reader 10.1.4 memory corruption
Topic: Adobe reader 10.1.4 memory corruption Risk: High Text:#!/usr/bin/perl #Title : Adobe reader 10.1.4 memory corruption #Version : 10.1.4.38 #Date : 2012-10-12 #Vendor ...
http://feedproxy.google.com/~r/securityalert_database/~3/qrIZMwM6M7g/WLB-2012100190
cpanel 11.32.5 (build 11) 11.32.5.11 CSRF
Topic: cpanel 11.32.5 (build 11) 11.32.5.11 CSRF Risk: Low Text: = Vulnerable Software: cPanel version : 11.32.5 (build 11)-11.32.5.11 [ cPanel Pro ] Vulnerability: CSRF Vendor: cpanel....
http://feedproxy.google.com/~r/securityalert_database/~3/CNVJqOmG7OI/WLB-2012100188
Service Sells Access to Fortune 500 Firms
An increasing number of services offered in the cybercrime underground allow miscreants to purchase access to hacked computers at specific organizations. For just a few dollars, these services offer the ability to buy your way inside of Fortune 500 company networks.
http://feedproxy.google.com/~r/KrebsOnSecurity/~3/3T5OQmyiwT4/
Movable Type Pro 5.13en Cross Site Scripting
Topic: Movable Type Pro 5.13en Cross Site Scripting Risk: Low Text:Keywords: CVE-2012-1503, Movable Type Pro 5.13en, Stored XSS, JavaScript Injection, Vendor Unresponsive, Full Disclosure In...
http://feedproxy.google.com/~r/securityalert_database/~3/UKDndJWwGNA/WLB-2012100193