The GHOST Vulnerability (Jan 27, 2015 9:32:44 AM)
The GHOST Vulnerability (Jan 27, 2015 9:32:44 AM) avatar

So basically, a bug/vulnerability was discovered in Glibc (specifically in gethostbyname [__nss_hostname_digits_dots()]); most stable and long-term-support distributions left exposed (and still are): Debian 7 (wheezy) Red Hat Enterprise Linux 6 & 7 CentOS 6 & 7 Ubuntu 12.04 The Ghost Vulnerability The GHOST vulnerability is a serious weakness in the … Continue reading

BASH remote code execution…
BASH remote code execution… avatar

http://seclists.org/oss-sec/2014/q3/649 CVE-2014-6271: remote code execution through bash From: Florian Weimer Date: Wed, 24 Sep 2014 16:05:51 +0200 Stephane Chazelas discovered a vulnerability in bash, related to how environment variables are processed: trailing code in function definitions was executed, independent of the variable name. In many common configurations, this vulnerability is … Continue reading

5 Million Gmail stolen username and passwords leaked…
5 Million Gmail stolen username and passwords leaked… avatar

If you have a gmail account, you should change your password and consider activating two-factor authentication.. Read More here: http://beta.slashdot.org/story/207047 You can check to see if you on the list here: https://isleaked.com/en Hint: I’ve viewed the list… $ fgrep -i ckorac google_5000000.txt ckorac@gmail.com $ fgrep -i powernap google_5000000.txt joshua.thepowernap.taylor@gmail.com

Public Service Announcement … for Noob
Public Service Announcement … for Noob avatar

Megamos Crypto systems were hacked… relatively easily… Security through obscurity… blah blah…   Megamos Crypto—a system used by several luxury car brands to verify the identity of keys used to start the ignition.   I know this is relatively old news… but not everyone keeps up with this shtuff. German … Continue reading