Security Alerts & News
by Tymoteusz A. Góral

History
#402 Botched Java patch leaves millions vulnerable to 30-month-old attack
The bypass code, which was released Thursday by Polish security firm Security Explorations, contains only minor changes to the original proof-of-concept, according to an e-mail posted to the Full Disclosure security list. Security Explorations released the original exploit in October 2013 following the release of a patch from Oracle. Thursday's bypass changes only four characters from the 2013 code and uses a custom server to work. The bypass means that millions of Java users have remained vulne
#401 TP-Link blocks open source router firmware to comply with new FCC rule
Networking hardware vendor TP-Link says it will prevent the loading of open source firmware on routers it sells in the United States in order to comply with new Federal Communications Commission requirements.
#400 FCC's new privacy rules target broadband providers - but not web giants like Google, Facebook
US Federal Communications Commission (FCC) boss Tom Wheeler on Thursday outlined a proposal that would require broadband providers such as Verizon and Comcast to obtain consent before collecting consumer data.
#399 DDoS attacks: Getting bigger and more dangerous all the time
According to statistics published in the VeriSign Distributed Denial of Service Trends Report, DDoS activity is the highest it's ever been, with the final quarter of 2015 seeing an 85 percent rise in instances - almost double the number of attacks - when compared with the same period in 2014. The figures for Q4 2015 also represent a 15 percent rise on the previous quarter.
#398 Hackers target Anti-DDoS firm Staminus
Staminus Communications Inc., a California-based Internet hosting provider that specializes in protecting customers from massive “distributed denial of service” (DDoS) attacks aimed at knocking sites offline, has itself apparently been massively hacked. Staminus’s entire network was down for more than 20 hours until Thursday evening, leaving customers to vent their rage on the company’s Facebook and Twitter pages. In the midst of the outage, someone posted online download links for what appear t
#397 Adobe issues emergency patch for actively exploited code-execution bug
Adobe has issued an emergency update for its Flash media player that patches almost two dozen critical vulnerabilities, including one that's being maliciously exploited in the wild.
#396 Cisco Cable Modem with digital voice (DPC2203) remote code execution vulnerability
A vulnerability in the web server used in the Cisco Cable Modem with Digital Voice Model DPC2203 could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution.
#395 Tor users can be tracked by mouse movements
The way you move your mouse is unique, like fingerprints, and can be used by dark forces to track you on supposedly anonymous and secure networks like Tor, according to a Barcelona researcher.