Security Alerts & News
by Tymoteusz A. Góral

History
#2012 Java and Python FTP attacks can punch holes through firewalls
The Java and Python runtimes fail to properly validate FTP URLs, which can potentially allow attackers to punch holes through firewalls to access local networks.

On Saturday, security researcher Alexander Klink disclosed an interesting attack where exploiting an XXE (XML External Entity) vulnerability in a Java application can be used to send emails.

XXE vulnerabilities can be exploited by tricking applications to parse specially crafted XML files that would force the XML parser to disclose sensitive information such as files, directory listings, or even information about processes running on the server.
Read more
#2018 OpenSSL update fixes high-severity DoS vulnerability
#2017 Firefox users fingerprinted via cached intermediate HTTPS certificates
#2016 The attack of the alerts and the zombie script
#2015 Hacks all the time. Engineers recently found Yahoo systems remained compromised
#2014 CryptoMix: Avast adds a new free decryption tool to its collection
#2013 Microsoft Security Bulletin MS17-005 - Critical
#2012 Java and Python FTP attacks can punch holes through firewalls
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12