by Agence France-Presse in Bujumbura from World news | The Guardian on (#G6AH)
Gen Adolphe Nshimirimana, seen as regime’s No 2, assassinated week after President Nkurunziza declared election winner
A top Burundian general and close aide to the president, Pierre Nkurunziza, has been killed in a rocket attack on his car in the capital, Bujumbura, officials and witnesses said.
|
Story
Some PDFs from Blackhat 2015
Similar News
by LXer from LinuxQuestions.org on (#G5ER)
Published at LXer: Hello, open gaming fans! In this week's edition, we take a look at Razer and OUYA, security vulnerabilities on Steam, and more. Open gaming roundup for July 25 - August...
|
by Trevor Timm from on (#G275)
Freedom of the Press Foundation this week filed a Freedom of Information Act (FOIA) lawsuit against the Justice Department over their unpublished rules for using National Security Letters and so-called informal “exigent letters” to conduct surveillance of journalists.
|
by Yael Grauer from Feed: All Latest on (#G405)
Each weekend, WIRED rounds up the security vulnerabilities and privacy updates that deserve your attention. The post Security News This Week: United Airlines Can’t Catch a Break appeared first on WIRED.
|
CentOS has updated java-1.6.0-openjdk (C5; C7: multiple vulnerabilities). Debian has updated openafs (multiple vulnerabilities) and xmltooling (denial of service). Fedora has updated libuser (F22: multiple vulnerabilities), openssh (F22: authentication limits bypass; F22: improper output filtering), and xrdp (F22: denial of service). Mageia has updated groovy (M4, M5: code execution). openSUSE has updated bind (11.4: multiple vulnerabilities) and openldap2 (13.1, 13.2: multiple vulnerabilities). Oracle has updated java-1.6.0-openjdk (O6; O7: ). Red Hat has updated java-1.6.0-openjdk (multiple vulnerabilities). Scientific Linux has updated openafs (multiple vulnerabilities). SUSE has updated bind (SLES 10: denial of service), java-1_7_0-openjdk (SLE 11; SLE 12: multiple vulnerabilities), java-1_7_1-ibm (SLE 11; SLE 12: multiple vulnerabilities), and kernel (SLE 12: multiple vulnerabilities). Ubuntu has updated hplip (12.04, 14.04, 15.04: man-in-the-middle attack), kernel (14.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple vulnerabilities), and sqlite3 (12.04, 14.04, 15.04: multiple vulnerabilities).
by rjcjr from on (#G11K)
My search for an easy way to generate strong passwords and passphrases led me to the "Diceware" method Cory wrote about on Boing Boing. This was no game. I needed serious dice.
|
by John Biggs from Crunch Hype on (#G0SZ)
A bug discovered by security researchers Eric Taylor and Blake Welsh can change a standard customer feedback system called Aptean SupportSoft into a method for hackers to grab passwords, credit card information, and usernames. Taylor and Welsh have also been able to inject code into chat sessions that makes small windows appear when a customer service chat session is initiated. The exploit…
|
Debian-LTS has updated squid3 (security bypass). Fedora has updated drupal7-path_breadcrumbs (F22; F21: cross-site scripting), ecryptfs-utils (F22; F21: password disclosure from 2014), hplip (F21: key verification botch), httpd (F21: multiple vulnerabilities), ipython (F22; F21: cross-site request forgery), libunwind (F21: code execution), libwmf (F21: two denial of service flaws), nx-libs (F22: unspecified vulnerabilities), wpa_supplicant (F21: code execution), and xrdp (F21: denial of service). openSUSE has updated lxc (13.2; 13.1: two vulnerabilities). Oracle has updated autofs (OL6: privilege escalation from 2014), bind (OL6; OL6: denial of service), curl (OL6: multiple vulnerabilities, some from 2014), freeradius (OL6: code execution from 2014), gnutls (OL6: two vulnerabilities), grep (OL6: code execution), hivex (OL6: code execution from 2014), ipa (OL6: cross-site scripting from 2010 and 2012), kernel (OL6: multiple vulnerabilities, some from 2014), kernel 3.8.13 (OL7; OL6: three vulnerabilities, one from 2014), libreoffice (OL6: code execution), libuser (OL6: privilege escalation), libxml2 (OL6: two vulnerabilities, one from 2014), mailman (OL6: two vulnerabilities, one from 2002), net-snmp (OL6: denial of service from 2014), ntp (OL6: three vulnerabilities), pki-core (OL6: cross-site scripting), python (OL6: two vulnerabilities from 2013 and 2014), sudo (OL6: information disclosure from 2014), wireshark (OL6: multiple vulnerabilities, some from 2014), and wpa_supplicant (OL6: denial of service). SUSE has updated bind (SLE11SP1: denial of service). Ubuntu has updated ghostscript (15.04, 14.04, 12.04: code execution), openjdk-7 (15.04, 14.04: multiple vulnerabilities), pcre3 (15.04, 14.04, 12.04: multiple vulnerabilities, one from 2014), and tidy (15.04, 14.04, 12.04: two vulnerabilities).
from Hacker News on (#FWT0)
Comments
from on (#FV9B)
Russia vetoes Security Council proposal on MH17 tribunal, despite late lobbying of Putin
|
Arch Linux has updated bind (denial of service), pacman (man-in-the-middle attack), and qemu (multiple vulnerabilities). CentOS has updated bind (C7; C5: denial of service) and bind97 (C5: denial of service). Debian has updated bind9 (denial of service). Debian-LTS has updated apache2 (denial of service) and bind9 (denial of service). Fedora has updated elfutils (F21: unspecified vulnerabilities), haproxy (F22; F21: information leak), hplip (F22: man-in-the-middle attack), libidn (F22; F21: information disclosure), php (F21: multiple vulnerabilities), roundcubemail (F22; F21: multiple vulnerabilities), subversion (F21: multiple vulnerabilities), and wpa_supplicant (F22: denial of service). Mageia has updated ansible (MG4,5: two vulnerabilities), freeradius (MG4,5: insufficient certificate verification), openssh (MG4,5: authentication limits bypass), python-django (MG4,5: multiple vulnerabilities), and springframework (MG5: denial of service). Oracle has updated bind (OL7; OL5: denial of service) and bind97 (OL5: denial of service). Red Hat has updated bind (RHEL6,7; RHEL5: denial of service), bind97 (RHEL5: denial of service), and qemu-kvm-rhev (RHOSP5,6: two vulnerabilities). Scientific Linux has updated bind (SL5: denial of service) and bind97 (SL5: denial of service). Slackware has updated bind (denial of service). SUSE has updated bind (SLE12; SLE11SP3,4: denial of service). Ubuntu has updated bind9 (15.04, 14.04, 12.04: denial of service) and qemu (15.04, 14.04: multiple vulnerabilities).
from on (#FSJF)
Canadian government and law enforcement officials are scrambling to figure out how Anonymous got their hands on what the hacker collective calls cabinet-level secrets.
|
from on (#FRER)
Today’s review is of BackBox 4.3, the latest edition, which is based on Ubuntu 14.04 and ships with its own suite of security-focused applications. This puts it in the same niche as CAINE, Deft and Kali.
by LXer from LinuxQuestions.org on (#FRGG)
Published at LXer: Today’s review is of BackBox 4.3, the latest edition, which is based on Ubuntu 14.04 and ships with its own suite of security-focused applications. This puts it in the same niche...
|
CentOS has updated clutter (C7: screen lock bypass) and qemu-kvm (C7: two vulnerabilities). Debian-LTS has updated icu (code execution). Mageia has updated chromium-browser (MG4,5: multiple vulnerabilities), expat (MG4,5: denial of service), icu (MG5; MG4: denial of service/code execution), stunnel (MG5: authentication bypass), thunderbird (MG4,5: multiple vulnerabilities), wesnoth (MG5; MG4: information leak), and wordpress (MG4: two vulnerabilities). Oracle has updated clutter (OL7: screen lock bypass) and qemu-kvm (OL7: two vulnerabilities). Red Hat has updated clutter (RHEL7: screen lock bypass). Scientific Linux has updated clutter (SL7: screen lock bypass) and qemu-kvm (SL7: two vulnerabilities). SUSE has updated xen (SLE12; SLE11SP4: two vulnerabilities). Ubuntu has updated apache2 (15.04, 14.04, 12.04: two vulnerabilities), kernel (15.04; 14.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple vulnerabilities), linux-lts-utopic (14.04: multiple vulnerabilities), and linux-lts-vivid (14.04: multiple vulnerabilities).
by Frederic Lardinois from Crunch Hype on (#FP93)
Starting today, developers who use Google’s Compute Engine infrastructure as a service platform will be able to bring their own security keys to the service. Google argues that using these customer-supplied encryption keys, which are now in public beta, gives its users more control over their data security. By default, Google encrypts all of the data on its service with an AES-256 bit…
|
from on (#FJEB)
Cybersecurity experts aren't like you or I, and now we have the evidence to prove it. Researchers at Google interviewed more than 200 experts to find out what security practices they actually carry out online, and then spoke to almost 300 non-experts to find out how they differ.
|
from heise online News on (#FNHK)
The dangers of cyber attacks, and the options for protecting against and preventing them, are the central topic of the 2nd conference of the Cyber Security Challenge Germany in mid-September in Berlin.
|
by LXer from LinuxQuestions.org on (#FN2F)
Published at LXer: Cybersecurity experts aren't like you or I, and now we have the evidence to prove it. Researchers at Google interviewed more than 200 experts to find out what security practices...
|
by Blue from Blue's News on (#FJQN)
Valve has closed up a Steam security hole that allowed for the hijacking of user accounts with minimal effort, which caused temporary account loss for some prominent streamers and DOTA 2 pros,...
by Dustin Childs from Crunch Hype on (#FM4V)
When it comes to data security, we hear a lot about how cyber attackers are becoming more sophisticated or that cloud technology is full of risks. While these statements are true to some extent, both can be convenient excuses hiding a harsher truth. Today, neglect is actually one of the biggest threats to corporate data.
|
Debian has updated expat (code execution), lxc (two vulnerabilities), and openjdk-7 (multiple vulnerabilities). Debian-LTS has updated expat (code execution), ghostscript (buffer overflow), and lighttpd (man-in-the-middle attack). Mageia has updated apache (MG4,5: two vulnerabilities), java-1.8.0-openjdk (MG5: multiple vulnerabilities), libuser (MG4,5: two vulnerabilities), and mariadb (MG4,5: multiple vulnerabilities). openSUSE has updated cacti (13.2, 13.1: SQL injection), Chromium (13.2, 13.1: multiple vulnerabilities), java-1_7_0-openjdk (13.2, 13.1: multiple vulnerabilities), and java-1_8_0-openjdk (13.2: multiple vulnerabilities). Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities) and qemu-kvm (RHEL7: two vulnerabilities).
by Jason Burke in Delhi from World news | The Guardian on (#FJ8F)
Indian home minister vows ‘befitting reply’ and Pakistan condemns incident near border that left at least 10 dead, including three gunmen
Security forces are on high alert in cities across India after gunmen attacked a police station, killing at least seven people in the north-western state of Punjab. Authorities said four police officers and three civilians had been confirmed dead in the siege, and eight more injured. All three of the attackers died.
|
by Sean Gallagher from Ars Technica - All content on (#FK8M)
Move is part of government effort to expand monitoring of communications.
|
by Kyle Orland from Ars Technica - All content on (#FK43)
Attacker could steal account with nothing but a username.
|
from The Tech Report on (#FJP5)
Some Steam accounts were stolen during the period from July 21 to July 25 due to a security flaw in the service's password reset procedure, Kotaku reports. The hole, which Valve learned of on July 25, allowed an attacker to reset a Steam account's password without a security code using only the account's name. Valve claims it has since closed the security hole. This YouTube video shows how the attack worked. This user then ...
by Guardian Staff from World news | The Guardian on (#FJ2K)
Indian security forces exchange fire with gunmen in the town of Gurdaspur in Punjab, northern India, near the border with Pakistan, after they fired shots at a bus station and took control of a police station. At least five people have been killed in the siege, and several more injured. Police try to disperse panicking crowds, who came out onto the street after hearing the gunfire.
|
by Peter Beaumont in Jerusalem from World news | The Guardian on (#FHXR)
Mohammad Abu Latifa, 20, becomes third Palestinian in a week to be killed by IDF after he was shot and fell from a roof
A Palestinian man has died during an attempted arrest by Israeli security forces, in the third such fatal incident in less than a week.
|