28Jul 2016
Gary Johnson: I’d Consider Pardoning Snowden, Chelsea Manning
The News by w00t

An anonymous reader writes from a report via Vocativ: [Vocativ reports:] “The U.S.’s most popular third-party presidential candidate says he would ‘consider’ pardoning the highest profile convicts of computer-related crimes in the country, including Chelsea Manning, Ross Ulbricht, & Jeremy Hammond. Libertarian candidate Gary Johnson, a former governor of New Mexico, also reiterated his possible […]

28Jul 2016
WikiLeaks Releases Hacked Voicemails From DNC Officials
The News by w00t

An anonymous reader writes: Late Wednesday afternoon as the Democratic National Convention was in full swing, Julian Assange & WikiLeaks decided to follow through with an earlier statement by publishing hacked voicemails of top democratic officials. There are 29 leaked recordings, which are identified by phone number & total approximately 14 minutes combined. Many of […]

28Jul 2016
Google Launches Docs and Sheets Add-ons For Android
The News by w00t

An anonymous reader writes: Google today announced the launch of new add-ons for the Android versions of Google Docs & Google Sheets. Those services have offered integrations with third-party tools on the web, & now a similar capability is coming to Google’s mobile operating system. There’s now a dedicated section for add-ons for Docs & […]

28Jul 2016
Microsoft Faces Two New Lawsuits Over Aggressive Windows 10 Upgrade Tactics
The News by w00t

Microsoft is facing two more lawsuits over its Windows 10 upgrade tactics. The first lawsuit comes from U.S. District Court in Florida, where the company has been accused of violating “laws governing unsolicited electronic advertisements.” The suit, PCWorld reports, says Microsoft’s tactics are against the FTC’s rules on deceptive & unfair practices. The second lawsuit […]

28Jul 2016
Stiglitz Calls Apple’s Profit Reporting In Ireland ‘a Fraud’
The News by w00t

Jeanna Smialek, & Alex Webb, reporting for Bloomberg: Nobel economist Joseph Stiglitz said U.S. tax law that allows Apple to hold a large amount of cash abroad is “obviously deficient” & called the company’s attribution of significant earnings to a comparatively small overseas unit a “fraud.” “Our current tax system encourages companies to keep their […]

28Jul 2016
Microsoft To Disable Policies In Windows 10 Pro With Anniversary Update
The News by w00t

Reader BobSwi writes: More changes in the Windows Anniversary update, due August 2nd, are being discovered. After yesterday’s news about Cortana not able to be turned off in the Windows Anniversary update, certain registry entries & group policies have been found to be updated with a note stating that they only apply to Enterprise & […]

28Jul 2016
Tumblr To Introduce Ads Across All Blogs
The News by w00t

Reader evelynlewis445 writes: Tumblr this week quietly announced plans to roll out a new advertising program across its site which will see it implementing ads across users’ blogs. The company did not provide specific details on how the program will operate, yet it appears to be an expansion of its earlier Creators program, which connects […]

28Jul 2016
AT&T Violated Rule Requiring Low Prices For Schools, FCC Says
The News by w00t

Jon Brodkin, reporting for Ars Technica: AT&T overcharged two Florida school districts for phone service & should have to pay approximately $170,000 to the U.S. government to settle the allegations, the Federal Communications Commission said yesterday. AT&T disputes the charges & will contest the decision. The FCC issued a Notice of Apparent Liability (NAL) to […]

28Jul 2016
Getty Sued For $1 Billion For Selling Publicly Donated Photos
The News by w00t

An anonymous reader writes: Online stock media library Getty Images is facing a $1 billion lawsuit from an American photographer for illegally selling copyright for thousands of photos. The Seattle-based company has been sued by documentary photographer Carol Highsmith for ‘gross misuse’, after it sold more than 18,000 of her photos despite having already donated […]

28Jul 2016
Using VPN in UAE Could Cost You $545,000
The News by w00t

An anonymous reader writes: The President of the United Arab Emirates has issued a series of new federal laws relating to IT crimes, including a regulation that forbids anyone in the UAE from making use of virtual private networks to secure their web traffic from prying eyes. The new law states that anyone who uses […]

28Jul 2016
Oracle To Buy Cloud-Software Provider NetSuite For $9.3 Billion
The News by w00t

Oracle announced Thursday that it has agreed to buy NetSuite for $9.3 billion, in a move to bolster its cloud-computing offerings as it races to catch up to rivals. Both companies provide applications for running a business called enterprise-resource-planning software. Bloomberg reports: Oracle, which sells software to huge corporations, has been trying to shift more […]

28Jul 2016
Exponent CMS 2.3.9 XSS / User Injection

Exponent CMS version 2.3.9 suffers from a cross site scripting vulnerability that allows for user account addition.

28Jul 2016
Zortam Media Studio 20.60 Buffer Overflow

Zortam Media Studio version 20.60 suffers from a buffer overflow vulnerability.

28Jul 2016
Debian Security Advisory 3633-1

Debian Linux Security Advisory 3633-1 – Multiple vulnerabilities have been discovered in the Xen hypervisor.

28Jul 2016
The Most Popular Product Of All Time
The News by w00t

Apple announced on Wednesday that it sold its one-billionth iPhone last week. To understand the magnitude of the milestone, Asymco’s Horace Dediu has compiled a list of the best-selling products across several categories. From his post (link shared via email by reader JoshTops): Car model: VW Beetle 21.5 million; car brand: Toyota Corolla 43 million; music […]

28Jul 2016
E-Cigarettes Emit Toxic Vapors, Says Study
The News by w00t

An anonymous reader quotes a report from UPI: All electronic cigarettes emit harmful chemicals, & levels of those toxic compounds are affected by factors such as temperature, type & age of the device, a new study finds. In laboratory tests, scientists found that the heat-related breakdown of propylene glycol & glycerin — two solvents found […]

28Jul 2016
Saveya Script Insertion

Saveya suffers from a malicious script insertion vulnerability.

28Jul 2016
Zoll Checklist 1.2.2 Script Insertion

Zoll Checklist version 1.2.2 suffers from a malicious script insertion vulnerability.

28Jul 2016
ULA Interns Launch Record-Breaking 50-Foot Rocket
The News by w00t

schwit1 writes: A team of United Launch Alliance (ULA) interns, working in their spare time, have successfully launched the largest model rocket ever built. Space.com reports: “On Sunday (July 24), ULA launched the 50-foot-tall (15.24 meters) Future Heavy rocket out of Fort Carson Army Post, breaking the record for ‘the largest sport rocket launched anywhere […]

28Jul 2016
AppArmor aa_fs_seq_hash_show Reference Count Leak

AppArmor has a reference count leak in aa_fs_seq_hash_show that can be used to overflow the reference counter & trigger a kernel use-after-free.

28Jul 2016
Tech Takes Its K-12 CS Education and Immigration Crisis To the DNC
The News by w00t

theodp writes: In early 2013, Code.org & FWD.us coincidentally emerged after Microsoft suggested tech’s agenda could be furthered by creating a crisis linking U.S. kids’ lack of computer science savvy to tech’s need for tech worker visas. Three years later, CNET’s Marguerite Reardon reports that tech took its K-12 computer science & immigration crisis to […]

28Jul 2016
Wireshark Analyzer 2.0.5

Wireshark is a GTK+-based network protocol analyzer that lets you capture & interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix & Win32 & to donate Wireshark features that are missing from closed-source sniffers.

28Jul 2016
AXIS Authenticated Remote Command Execution

Multiple products from AXIS suffer from a remote command execution vulnerability.

28Jul 2016
Avaya VOSS 4.1.0.0 SPB Traffic Traversal

Avaya Fabric Connect VSP, under specific conditions, can accept & process specially crafted & spoofed Ethernet frames, which can lead to unauthorized access to devices intended to be secured from untrusted traffic sources. The vulnerability is caused by mishandling VLAN & I-SID indexes within the Fabric infrastructure. Version 4.1.0.0 is affected.

28Jul 2016
Red Hat Security Advisory 2016-1519-01

Red Hat Security Advisory 2016-1519-01 – Red Hat JBoss Operations Network is a Middleware management solution that provides a single point of control to deploy, manage, & monitor JBoss Enterprise Middleware, applications, & services. This JBoss Operations Network 3.3.6 release serves as a replacement for JBoss Operations Network 3.3.5, & includes several bug fixes. View […]

28Jul 2016
Debian Security Advisory 3632-1

Debian Linux Security Advisory 3632-1 – Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.26. Please see the MariaDB 10.0 Release Notes for further details.

28Jul 2016
Tor Project Confirms Sexual Misconduct By Developer Jacob Appelbaum
The News by w00t

An anonymous reader quotes a report from The Verge: The Tor Project, a nonprofit known for its online anonymity software, says it has verified claims that former employee Jacob Appelbaum engaged in “sexually aggressive behavior” with people inside & outside of its organization. “We have confirmed that the events did take place as reported,” Shari […]

28Jul 2016
LastPass 4.1.20a Communication Design Flaw

LastPass version 4.1.20a on Windows suffers from some issues where the add-on works by injecting elements & event handlers into the page. The attached proof of concept will delete a given file.

28Jul 2016
Tesla and Autopilot Supplier Mobileye Split Up After Fatal Crash
The News by w00t

An anonymous reader quotes a report from USA Today: Tesla & Mobileye, one of the top suppliers to its Autopilot partial self-driving system, are parting ways in the wake of the May accident that killed an owner of one of its electric Model S sedans. Mobileye is considered a leader in developing the equipment that […]

28Jul 2016
Hyperloop One Announces Opening of Its First Manufacturing Plant
The News by w00t

An anonymous reader quotes a report from TechCrunch: Hyperloop One is today announcing the opening of its first manufacturing plant. Called Hyperloop One Metalworks, the 105,000 square-foot building in North Las Vegas will be the new professional home of many of the company’s 170 employees, including engineers, machinists & welders. These folks will build & […]

28Jul 2016
ALS Ice Bucket Challenge Funding Leads To New Genetic Findings
The News by w00t

An anonymous reader writes: Researchers are crediting the ALS Ice Bucket Challenge, a fundraiser for amyotrophic lateral sclerosis that went viral in 2014, for funding a new study that has possibly identified a common gene that contributes to the nervous system disease. Yahoo reports via Good Morning America: “In a study published in The Nature […]

27Jul 2016
Office 365 Gets New Word, PowerPoint and Outlook Features
The News by w00t

New submitter Miche67 writes: As part of the July 2016 update to Office 365, Microsoft is adding several features across the board to Word, PowerPoint & Outlook. Word, however, is getting the biggest new features — Researcher & Editor — to improve your writing. “As its name implies, Researcher is designed to assist the user […]

27Jul 2016
Amazon Debuts a Dedicated Shop For Kickstarter Products
The News by w00t

An anonymous reader quotes a report from TechCrunch: Today, Amazon announced it’s teaming up with Kickstarter to offer those successful Kickstarter products a way to reach more customers through a dedicated section on Amazon’s website. Via www.amazon.com/launchpad/kickstarter, the online retailer is now featuring a group of over 300 Kickstarter products across a variety of categories, […]

27Jul 2016
One Billion iPhones Have Been Sold, Apple Says
The News by w00t

Apple announced on Wednesday that it has sold its one billionth iPhone handset. The milestone comes nine years after the iPhone was first introduced. The phone has unarguably shaped the smartphone industry & bolstered the apps market. In a statement, Tim Cook said: iPhone has become one of the most important, world-changing & successful products […]

27Jul 2016
Comcast Excited To Have Lost 4,000 TV Subscribers This Spring
The News by w00t

An anonymous reader writes from a report via The Consumerist: Comcast has released their second quarter results & they are pleased to announce that they lost 4,000 TV subscribers in the last three months. Why are they so pleased to announce such a loss? Because, compared to the same time last year where they lost […]

27Jul 2016
Rio Olympics Will Be First Sporting Event Watched By ‘Eye In The Sky’ Drone Cameras
The News by w00t

tedlistens quotes a report from Fast Company: When the Olympic Games commence next month in Rio de Janeiro, billions of people are expected to watch athletes from countries around the world compete. But also watching over the Olympic & Paralympic events will be a set of futuristic, balloon-mounted surveillance camera systems capable of monitoring a […]

27Jul 2016
C Top Programming Language For 2016, Finds IEEE’s Study
The News by w00t

IEEE Spectrum, a highly regarded magazine edited by the Institute of Electrical & Electronics Engineers, has released its annual programming languages list, sharing with the world how several languages fared against each other. To assess the languages the publication says it worked with a data journalist & looked into 10 online sources — including social […]

27Jul 2016
New York DA Wants Apple, Google To Roll Back Encryption
The News by w00t

An anonymous reader writes: Manhattan District Attorney Cyrus Vance Jr. called on Apple & Google to weaken their device encryption, arguing that thousands of crimes remained unsolved because no one can crack into the perpetrators’ phones. Vance, speaking at the International Conference on Cyber Security here, said that law enforcement officials did not need an […]

27Jul 2016
James Cameron: Theater Experience Key To Containing Piracy
The News by w00t

Director James Cameron says that the key to containing movie piracy is preserving the theater experience as something special. He made the remarks when reporters asked him about his views on Sean Parker’s upcoming streaming service Screening Room which will reportedly allow users to watch a new movie on the same day as its theatre […]

27Jul 2016
You Can’t Turn Off Cortana In the Windows 10 Anniversary Update
The News by w00t

Microsoft will release Windows 10 Anniversary Update next week. Earlier this week we listed some of its best features. PCWorld is now reporting about a major change that may annoy some users: once you’ve installed the update, Cortana can no longer be disabled. From the article: Cortana, the personal digital assistant that replaced Windows 10’s […]

27Jul 2016
Olympics Committee Says Non-Sponsors Are Banned From Tweeting About the Olympics
The News by w00t

An anonymous reader shares a Gizmodo report: The U.S. Olympics Committee has gone off the deep end, when it comes to intellectual property. It’s willing to sue anyone to protect their trademarks, even when the use is no real threat. But the committee’s latest claim is an entirely new level of absurdity. What’s getting the U.S. […]

27Jul 2016
Trump Calls For Russia To Cyber-Invade the United States To Find Clinton’s ‘Missing’ Emails
The News by w00t

Republican presidential nominee Donald Trump publicly called on the Russian hackers allegedly responsible for the recent leak of DNC emails to launch another cyber-attack on the United States, this time to hack emails from Hillary Clinton’s tenure as secretary of State, according to reporters who attended the press conference Wednesday. (Alternate source: NYTimes, Quartz, & […]

27Jul 2016
Google Play Rolls Out Family Sharing
The News by w00t

Google on Wednesday announced a new Google Play feature dubbed Family Library that allows up to 6 people to share apps, movies, books purchases. It will roll out to people in the next 48 hours in 12 countries (Australia, Brazil, Canada, France, Germany, Ireland, Italy, Japan, Mexico, New Zealand, the U.K., & the United States) […]

27Jul 2016
Android’s New Feature Can Share Your Exact Location In Emergency Situation
The News by w00t

An anonymous reader shares a report on The Next Web: When the police, fire brigade or ambulances need to respond quickly to an emergency call, accurate information about the caller’s location is crucial in helping them arrive in time to be of assistance. With that in mind, Google has introduced a feature in Android that […]

27Jul 2016
Centreon Web Interface 2.5.3 Command Execution

Centreon Web Interface versions 2.5.3 & below utilize an ECHO for logging SQL errors. This functionality can be abused for arbitrary code execution, & can be triggered via the login screen prior to authentication.

27Jul 2016
Iris ID IrisAccess iCAM4000/iCAM7000 Hardcoded Creds / Remote Access

The Iris ID IrisAccess iCAM4000/7000 series suffer from a use of hard-coded credentials. When visiting the device interface with a browser on port 80, the application loads an applet JAR file ‘ICAMClient.jar’ into user’s browser which serves additional admin features. In the JAR file there is an account ‘rou’ with password ‘iris4000’ that has read […]

27Jul 2016
Iris ID IrisAccess ICU 7000-2 Remote Root Command Execution

The Iris ID IrisAccess ICU 7000-2 device suffers from an unauthenticated remote command execution vulnerability. The vulnerability exists due to several POST parameters in the ‘/html/SetSmarcardSettings.php’ script not being sanitized when using the exec() PHP function while updating the Smart Card Settings on the affected device. Calling the ‘$CommandForExe’ variable which is set to call […]

27Jul 2016
Huge IT Joomla Slider 1.0.9 XSS / SQL Injection

Huge IT Joomla Slider extension version 1.0.9 suffers from cross site scripting & remote SQL injection vulnerabilities.

27Jul 2016
Xiaomi Launches Mi Notebook Air Windows 10 Laptop Featuring 1080p Display, Starts at $520
The News by w00t

Speaking of Chinese electronics giants, Xiaomi on Wednesday announced it is entering the PC market. The company, which is often referred to as “Apple of China”, announced its first-ever laptop line, the Mi Notebook Air, running on Windows 10. It comes in two sizes — 13.3-inch & 12.5-inch — with both models featuring a slim […]

27Jul 2016
Xiaomi Launches Slim Mi Notebook Air Windows 10 Laptop Line Featuring 1080p Display, Starts at $520
The News by w00t

Speaking of Chinese electronics giants, Xiaomi, which has in the recent months delved its toes into wearable, smart cookers, air purifiers, suitcases products, on Wednesday announced it is entering the PC market. The company, which is often referred to as “Apple of China”, announced its first-ever laptop line, the Mi Notebook Air, running on Windows […]

27Jul 2016
Iris ID IrisAccess ICU 7000-2 XSS / Cross Site Request Forgery

Iris ID IrisAccess ICU 7000-2 is prone to multiple reflected cross site scripting vulnerabilities due to a failure to properly sanitize user-supplied input to the ‘HidChannelID’ & ‘HidVerForPHP’ POST parameters in the ‘SetSmarcardSettings.php’ script. Attackers can exploit this issue to execute arbitrary HTML & script code in a user’s browser session. The application also allows […]

27Jul 2016
DornCMS 1.4 FileManager Cross Site Scripting

DornCMS version 1.4 suffers from a persistent cross site scripting vulnerability.

27Jul 2016
Microsoft GDI+ Untrusted Data Filter Bypass

The GDI+ library can handle bitmaps originating from untrusted sources through a variety of attack vectors, like EMF files, which may embed bitmaps in records such as EMR_PLGBLT, EMR_BITBLT, EMR_STRETCHBLT, EMR_STRETCHDIBITS etc. The GDI+ implementation supports bitmaps compressed with the BI_RLE8 (8-bit Run-Length Encoding) compression algorithm, & performs the actual decompression in the gdiplus!DecodeCompressedRLEBitmap function. […]

27Jul 2016
Ubuntu Security Notice USN-3043-1

Ubuntu Security Notice 3043-1 – Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, & availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. A vulnerability was discovered in the OpenJDK JRE related to data integrity. […]

27Jul 2016
Debian Security Advisory 3631-1

Debian Linux Security Advisory 3631-1 – Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

27Jul 2016
Debian Security Advisory 3630-1

Debian Linux Security Advisory 3630-1 – Secunia Research at Flexera Software discovered an integer overflow vulnerability within the _gdContributionsAlloc() function in libgd2, a library for programmatic graphics creation & manipulation. A remote attacker can take advantage of this flaw to cause a denial-of-service against an application using the libgd2 library.

27Jul 2016
HP Security Bulletin HPSBST03603 1

HP Security Bulletin HPSBST03603 1 – HPE StoreVirtual products running LeftHand OS has addressed stack based buffer overflows in glibc’s implementation of getaddrinfo(). This vulnerability could be remotely exploited to cause Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 […]

27Jul 2016
Red Hat Security Advisory 2016-1504-01

Red Hat Security Advisory 2016-1504-01 – The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment & the OpenJDK 7 Java Software Development Kit. Security Fix: Multiple flaws were discovered in the Hotspot & Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. Multiple […]

27Jul 2016
Huge IT Joomla Catalog Extension 1.0.4 XSS / SQL Injection

Huge IT Joomla Catalog extension version 1.0.4 suffers from cross site scripting & remote SQL injection vulnerabilities.

27Jul 2016
Joomla Huge IT Catalog Extension 1.0.4 XSS / SQL Injection

Joomla Huge IT Catalog extension version 1.0.4 suffers from cross site scripting & remote SQL injection vulnerabilities.

27Jul 2016
LastPass Accounts Can Be ‘Completely Compromised’ When Users Visit Sites
The News by w00t

Reader mask.of.sanity writes: A dangerous zero-day vulnerability has been found in popular cloud password vault LastPass, which can completely compromise user accounts when users visit malicious websites. The flaw is today being reported to LastPass by established Google Project Zero hacker Tavis Ormandy who says he has found other “obvious critical problems”. Interestingly, Mathias Karlsson, […]

27Jul 2016
Florida Regulators OK Plan To Increase Toxins In Water
The News by w00t

An anonymous reader quotes a report from Washington Times: Despite the objection of environmental groups, state environmental regulators voted Tuesday to approve new standards that will increase the amount of cancer-causing toxins allowed in Florida’s rivers & streams under a plan the state says will protect more Floridians than current standards. The Environmental Regulation Commission […]

27Jul 2016
Nintendo NX Is a Portable Console With Detachable Controllers, Says Report
The News by w00t

An anonymous reader writes from a report via Eurogamer.net: We now have a good idea as to what the Nintendo NX will consist of thanks to a new report from Eurogamer. According to a number of sources, Nintendo’s upcoming NX will be a portable, handheld console with detachable controllers. Eurogamer.net reports: “On the move, NX […]

27Jul 2016
Subscribers Pay 61 Cents Per Hour of Cable, But Only 20 Cents Per Hour of Netflix
The News by w00t

An anonymous reader writes from a math-heavy report via AllFlicks: The folks at AllFlicks decided to crunch some numbers to determine just how much more expensive cable is than Netflix. They answered the question: how much does Netflix cost per hour of content viewed, & how does that compare with cable’s figures? AllFlicks reports: “We […]

27Jul 2016
Nusiorung CMS 2016 SQL Injection

Nusiorung CMS 2016 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

27Jul 2016
Ubuntu Security Notice USN-3042-1

Ubuntu Security Notice 3042-1 – Andreas Cord-Landwehr discovered that KDE-Libs incorrectly handled extracting certain archives. If a user were tricked into extracting a specially-crafted archive, a remote attacker could use this issue to overwrite arbitrary files out of the extraction directory.

27Jul 2016
WordPress ColorWay 3.4.1 Cross Site Scripting

WordPress ColorWay theme version 3.4.1 suffers from a cross site scripting vulnerability.

27Jul 2016
Red Hat Security Advisory 2016-1489-01

Red Hat Security Advisory 2016-1489-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way certain interfaces of the Linux kernel’s Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using […]

27Jul 2016
Silurus Classifieds 2.0 Cross Site Scripting

Silurus Classifieds version 2.0 suffers from a cross site scripting vulnerability.

27Jul 2016
Huawei ISM Professional Cross Site Scripting

Huawei ISM Professional suffers from a cross site scripting vulnerability.

27Jul 2016
‘Sister Clones’ Of Dolly The Sheep Have Aged Like Any Other Sheep, Study Says
The News by w00t

An anonymous reader quotes a report from NPR: About four years ago, Kevin Sinclair inherited an army of clones. “Daisy, Debbie, Denise & Diana,” says Sinclair, a developmental biologist at the University of Nottingham in England. “‘Sister clones’ probably best describes them,” Sinclair says. “They actually come from exactly the same batch of cells […]

27Jul 2016
Tesla Model S In Fatal Autopilot Crash Was Going 74 MPH In a 65 Zone, NTSB Says
The News by w00t

An anonymous reader quotes a report from Los Angeles Times: The Tesla car involved in a fatal crash in Florida this spring was in Autopilot mode & going approximately 10 miles faster than the speed limit, according to safety regulators, who also released a picture of the mangled vehicle. Earlier reports had stated the Tesla […]

27Jul 2016
EU Plans To Create Database of Bitcoin Users With Identities and Wallet Addresses
The News by w00t

An anonymous reader writes from a report via Softpedia: “The European Commission is proposing the creation of a database that will hold information on users of virtual currencies,” reports Softpedia. “The database will record data on the user’s real world identity, along with all associated wallet addresses.” The database will be made available to financial […]

27Jul 2016
Highest-Paid CEOs Run Worst-Performing Companies, Research Finds
The News by w00t

An anonymous reader writes from a report via The Independent: According to a study carried out by corporate research firm MSCI, CEOs that get paid the most run some of the worst-performing companies. It found that every $100 invested in companies with the highest-paid CEOs would have grown to $265 over 10 years. However, the […]

27Jul 2016
Apple Q3 Earnings: iPhone Sales Continue To Slide, But Apple Beats Estimates
The News by w00t

An anonymous reader quotes a report from BGR: Apple on Tuesday announced fiscal third-quarter earnings of $1.42 per share, or $7.8 billion in net income, on sales totaling $42.4 billion. That compares to a net profit of $1.85 per share in the same quarter last year, while revenue slid from the Q3 record of $49.6 […]

26Jul 2016
Barracuda Web App Firewall/Load Balancer Post Auth Remote Root Exploit (2)

This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware Version <= 8.0.1.007 & Load Balancer Firmware <= v5.4.0.004 by exploiting two vulnerabilities in the web administration interface. The first bug leverages an Arbitrary File Upload vulnerability to create a malicious file containing shell commands before using a […]

26Jul 2016
AR Helmet Startup Skully Has Crashed and Burned
The News by w00t

An anonymous reader writes from a report via TechCrunch: Sources inside the AR helmet company Skully say the startup is no more. TechCrunch reports: “Operations have ceased within the company, & we’re told the website will be turned off at some point today. [Skully’s CEO & co-founder Marcus Weller] has also been asked to sign […]

26Jul 2016
Norway Is Building The World’s First ‘Floating’ Underwater Tunnels
The News by w00t

An anonymous reader writes from a report via The Next Web: Norway plans to build “submerged floating bridges” to allow drivers to cross its bodies of water. The Next Web reports: “The ‘submerged floating bridges’ would consist of large tubes suspended by pontoon-like support structures 100 feet below water. Each will be wide enough for […]

26Jul 2016
Facebook Open Sources 360 Surround Camera With Ikea-Style Instructions
The News by w00t

Reader joshtops writes: Facebook needs you to fill its News Feed, Oculus Rift, & Gear VR with 360 content. So today it put all the hardware & software designs of its Surround 360 camera on Github after announcing the plan in April. Thanks to a cheeky instruction manual inspired by Ikea’s manuals, you can learn how […]

26Jul 2016
Harrison Ford Could Have Died In Star Wars Set Incident, Court Hears
The News by w00t

An anonymous reader writes: While filming Star Wars: The Force Awakens, Harrison Ford almost died when he was crushed by a hydraulic door on the set of the Millennium Falcon. He was reportedly knocked to the ground & crushed beneath the heavy door when he walked on to the set not believing it to be […]

26Jul 2016
Popular Wireless Keyboards From HP, Toshiba and Others Don’t Use Encryption, Can Be Easily Snooped On
The News by w00t

Reader msm1267 writes: Wireless keyboards made by eight different companies suffer from a vulnerability that can allow attackers to eavesdrop on keystrokes from up to 250 feet away, researchers warned Tuesday. If exploited, the vulnerability, dubbed KeySniffer, could let an attacker glean passwords, credit card numbers, security questions & answers — essentially anything typed on […]

26Jul 2016
Chinese Giant LeEco Buys Vizio For $2 Billion, Gets Instant Foothold In US Market
The News by w00t

Chinese electronics conglomerate LeEco is purchasing American TV manufacturer Vizio for $2 billion, the company announced at a press conference in China on Tuesday. The announcement effectively gives LeEco, formerly known as LeTV, an instant foothold in the U.S. television market. For a refresh, for those who haven’t heard much about LeEco, it’s one of […]

26Jul 2016
Motorola Confirms That It Will Not Commit To Monthly Security Patches
The News by w00t

If you are planning to purchase the Moto Z or a Moto G4 smartphone, be prepared to not see security updates rolling out to your phone every month — & in a timely fashion. After Ars Technica called out Motorola’s security policy as “unacceptable” & “insecure,” in a recent review, the company tried to handle […]

26Jul 2016
Debian Security Advisory 3629-1

Debian Linux Security Advisory 3629-1 – Several vulnerabilities were discovered in the Network Time Protocol daemon & utility programs.

26Jul 2016
Obama Creates a Color-Coded Cyber Threat ‘Schema’ After the DNC Hack
The News by w00t

The White House on Tuesday issued new instructions on how government agencies should respond to major cyber security attacks, in an attempt to combat perceptions that the Obama administration has been sluggish in addressing threats from sophisticated hacking adversaries, Reuters reports. The announcement comes amid reports that hackers working for Russia may have engineered the […]

26Jul 2016
Bamboo Deserialization Issue

This advisory discloses a critical severity security vulnerability which was introduced in version 2.3.1 of Bamboo. Versions of Bamboo starting with 2.3.1 before 5.11.4.1 (the fixed version for 5.11.x) & from 5.12.0 before 5.12.3.1 (the fixed version for 5.12.x) are affected by this vulnerability.

26Jul 2016
‘DNC Hacker’ Unmasked: He Really Works for Russia, Researchers Say
The News by w00t

The hacker who claimed to compromise the DNC swore he was Romanian, yet new investigation shows he worked directly for Russia President Vladimir Putin’s government in Moscow. The Daily Beast reports: The hacker who claims to have stolen emails from the Democratic National Committee & provided them to WikiLeaks is actually an agent of the […]

26Jul 2016
Red Hat Security Advisory 2016-1487-01

Red Hat Security Advisory 2016-1487-01 – Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, & other information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to […]

26Jul 2016
BlackBerry Says Its New Android Smartphone DTEK 50 Is the ‘World’s Most Secure’
The News by w00t

BlackBerry, which once assumed the tentpole position in the mobile market, announced on Tuesday the BlackBerry DTEK 50, its second smartphone powered by Google’s Android operating system. The Canadian company is marketing the DTEK as the ‘world’s most secure’ phone. It is priced at $300, & will go on sale in select markets on August […]

26Jul 2016
Red Hat Security Advisory 2016-1486-01

Red Hat Security Advisory 2016-1486-01 – Samba is an open-source implementation of the Server Message Block protocol & the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, & various information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use […]

26Jul 2016
Red Hat Security Advisory 2016-1485-01

Red Hat Security Advisory 2016-1485-01 – Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 52.0.2743.82. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited […]

26Jul 2016
Notorious Group OurMine Hacks TechCrunch
The News by w00t

Prominent technology blog TechCrunch — which is often cited on Slashdot — has become the latest victim of the OurMine hacking group. The notorious group gained access to Seattle-based writer Devin Coldewey’s account, & posted the following message earlier today: “Hello Guys, don’t worry we are just testing techcrunch security, we didn’t alter any passwords, […]

26Jul 2016
Pop Star Tells Fans To Send Their Twitter Passwords, But It Might Be Illegal
The News by w00t

Cyrus Farivar, reporting for Ars Technica: As a new way to connect with his fans, Jack Johnson — one half of the pop-rap duo Jack & Jack, not to be confused with the laid back Hawaiian singer-songwriter of the same name — has spent the last month soliciting social media passwords. Using the hashtag #HackedByJohnson, […]

26Jul 2016
Steam On Windows 10 Will Get ‘Progressively Worse’: Gears of War Developer
The News by w00t

Microsoft’s Universal Windows Platform, or UWP, approach isn’t sitting well with many game developers. Four months after criticising UWP ecosystem for being a walled-garden, curtailing “users’ freedom to install full-featured PC software, & subverting the rights of developers & publishers to maintain a direct relationship with their customers,” Tim Sweeney, co-founder of Epic Games, the […]

26Jul 2016
54C Recorded In Kuwait Likely Hottest On Record In Asia
The News by w00t

An anonymous reader writes from an Associated Press report: The UN weather agency said it suspects that the 54C temperature recorded in Kuwait has set a record for the eastern hemisphere. The World Meteorological Organisation (WMO) said Tuesday it is setting up a committee to look into whether the temperature recorded last Thursday in Mitrabah, […]

26Jul 2016
Slashdot Asks: What’s Next For Netflix?
The News by w00t

What does the future hold for Netflix? The company first earned a name for itself over a decade ago renting DVDs via mails in an era when Blockbuster used to laugh at the mere idea of DVDs-by-mail. It then moved to offering online streaming service way before most of the companies. As VC & former […]

26Jul 2016
AMD Unveils Radeon Pro WX and Pro SSG Professional Graphics Cards
The News by w00t

MojoKid writes: AMD took the wraps off its latest pro graphics solutions at SIGGRAPH today, & announced three new professional graphics cards in the new Polaris-based Radeon Pro WX Series. The Radeon Pro WX 4100 is the entry-level model with a half-height design for use in small form-factor workstations. The Radeon Pro WX 5100 is […]

26Jul 2016
Red Hat Security Advisory 2016-1484-01

Red Hat Security Advisory 2016-1484-01 – Red Hat Satellite is a system management tool for Linux-based infrastructures. It allows for provisioning, monitoring, & the remote management of multiple Linux deployments with a single, centralized tool. Security Fix: A stored cross-site scripting flaw was found in the way spacewalk-java displayed monitoring probes. An attacker can embed […]

26Jul 2016
Red Hat Security Advisory 2016-1494-01

Red Hat Security Advisory 2016-1494-01 – Samba is an open-source implementation of the Server Message Block protocol & the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, & various information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use […]

26Jul 2016
Dropbox 6.4.14 DLL Hijacking

Dropbox version 6.4.14 has an installer that suffers from a dll hijacking vulnerability.
