Numerous people noticed that the website was defaced yesterday. While groups like LulzSec and Anonymous have been receiving most of the publicity recently, there are still other people out there looking to attack sites and today a group calling themselves TurkGuvenligi (translated to Turkish Trust League) is responsible for the defacement. The group appears to be Turkish, based on the flag on their Twitter feed. In addition, Google Translate indicates that their tweets are in Turkish.

Botnet shutdown by Panda Security

Panda Security and Defence Intelligence Coordinate Massive Botnet Shutdown with International Law Enforcement. Collaborative cybercrime investigation results in three arrests, more pending -- Personal and financial data compromised from massive cyber attack impacting nearly 13 million unique IP addresses, 50 percent of Fortune 1000 companies -- Preliminary damages estimated to be in the millions of dollars.

OpenLDAP vulnerability - Ubuntu

It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

GD library vulnerabilities

Tomas Hoger discovered that the GD library did not properly handle the number of colors in certain malformed GD images. If a user or automated system were tricked into processing a specially crafted GD image, an attacker could cause a denial of service or possibly execute arbitrary code. (CVE-2009-3546).

Vulnerabilities in Firefox and Xulrunner - Ubuntu

Alin Rad Pop discovered a heap-based buffer overflow in Firefox when it converted strings to floating point numbers. If a user were tricked intoviewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking theprogram. (CVE-2009-1563) .

New xterm packages fix remote code execution

Paul Szabo discovered that xterm, a terminal emulator for the X Window System, places arbitrary characters into the input buffer when displaying certain crafted escape sequences (CVE-2008-2383).

Items 1 - 6 of 6 displayed.

Back to Home page