The H-Online: Mozilla has released Firefox 10.0.1, Firefox ESR 10.0.1, Thunderbird 10.0.1, Thunderbird ESR 10.0.1 and SeaMonkey 2.7.1 to fix a single critical security hole in the browsers and mail clients which appeared in version 10. The security advisory says that versions previous to Firefox 10, Thunderbird 10 and SeaMonkey 2.7 are unaffected by the…
The H-Online: The Debian developers have pointed out, in an announcement on the debian-announce mailing list, that – three years after it was released –Debian GNU/Linux 5.0 (Lenny) has reached its “End of Life”. Debian GNU/Linux 5.0 was originally released in February 2009 and on 6 February 2012, the developers stopped providing security updates for…
SophosLabs: Can hackers really cause as much bloodshed as 353 Imperial Japanese Navy fighters, bombers and torpedo planes launched from six aircraft carriers? Can hackers really kill 2,402 U.S. citizens, leave 1,282 wounded, lose 65 of their own attackers in the process, and plunge the United States into a World War? Heaven only knows. Maybe…
SophosLabs: Symantec has confirmed that a file made available on the internet for anyone to download, does contain the source code for an old version of its pcAnywhere product. For a short while last month, before releasing a patch, Symantec advised customers to disable their pcAnywhere installations because of concern that hackers could exploit vulnerabilities….
Sunbelt: With the U.S. currently in tax season, online criminals have, once again, sought to take advantage of this. Robert Stetson, one of Sunbelt’s malware researchers, spotted a phishing email posing as Intuit Inc., a company that “develops financial and tax preparation software”. They developed Quicken and TurboTax. Below is a screenshot of the said…
H-Online: Researchers at Ruhr-Universität Bochum in Germany have announced that they have cracked the A5-GMR-1 and A5-GMR-2 encryption algorithms used in satellite phones. Satellite phones are mainly used in areas with insufficient mobile network coverage and in the maritime sector. The researchers obtained the proprietary, and previously undocumented, algorithms by reverse engineering phone firmware updates….
v3.co.uk: The uniform infrastructure and predictable behaviors are making corporate retail and restaurant chains the choice targets for cybercriminals. A report from security firm Trustwave found that attackers favor companies with chains of outlets, such as those commonly found in the food and retail industries, when launching targeted attacks. The attackers like the uniform IT…
The H-Online: Adobe has released a public beta of a sandboxed version of its Flash plugin for Firefox in an effort to improve its security. The new “Protected Mode” for Flash, which has been in development for at least a year according to Adobe engineer Peleus Uhley, runs with restricted privileges and, to further limit…
The H-Online: RealNetworks has released an update to RealPlayer to close a number of holes in its media player application. Version 15.02.71 of RealPlayer addresses a total of seven remote code execution vulnerabilities, rated as highly critical by Secunia, which could be exploited by an attacker to compromise a victim’s system. These include errors when…
The H-Online: Versions 1.7.5 and 2.5.1 of the open source Joomla! content management system (CMS) have been released to address two information disclosure vulnerabilities. These include one medium severity problem in Joomla! 1.7.x that could allow an unauthorized user to gain access to the error log stored on a victim’s server, and, in both versions,…