2013-10-18 - [slackware-security] hplip (SSA:2013-291-01)

2013-10-18 - [slackware-security] libtiff (SSA:2013-290-01)

2013-10-14 - [slackware-security] xorg-server (SSA:2013-287-05)

2013-10-14 - [slackware-security] libgpg-error (SSA:2013-287-04)

2013-10-14 - [slackware-security] gnutls (SSA:2013-287-03)

Downloader.Busadom!g1

Infostealer.Posteal

Downloader.Busadom

Trojan.Ladocosm

SONAR.SuspDocRun

SONAR.SuspHelpRun

W32.Tempedreve.D!inf

SONAR.PUA!AlnadInsta

SONAR.Infostealer!g5

SONAR.Infostealer!g4

ZeuS Trojan uses new Upatre loader to replicate

Along with Pony Loader, Upatre loader uses Cutwail botnet to replicate.

Dell: Cutwail botnet spreads Trojan for Android-devices

Malicious program is downloaded to the systems posing as an update for Adobe Flash Player.

Grum botnet brought back to life

Researchers found five new C&C servers connected to botnet.

Carna botnet consists of 420 million IP-addresses

Hacker created botnet in order to demonstrate the map of devices that use IPv4 protocol.

Researchers: Kelihos returns with more sufficient functions

The new version of the botnet comes with better resistance to sinkholing techniques.

Symantec and Microsoft Eliminated Russian Bamital Botnet

Using the botnet cybercriminals managed to control hundreds of thousand PCs around the world.

Grum completely shut down

An international team of infosec professionals shut down all the botnet’s C&Cs.

Dutch authorities take control over two servers of the Grum botnet

The botnet spread almost 18% of the world’s spam on the Internet and is the third largest after the Cutwail and Lethic.

Dr. Web: Win32.Rmnet.16 attacks users in UK, Australia and US

Russian antivirus company Dr. Web discovered a botnet created by new variant of Win32.Rmnet.12 malware.

New Mac threat discovered

The Sabpab Trojan horse allows hackers to upload and download any file.

Apple tries to unplug an AV’s server

Apple claims that an AV’s server is used as a Falshback C&C.

Virus Flashback affected 550,000 PCs

Malware was able to infect 550,000 computers based on Mac OS X.

Microsoft shuts down 2 botnet C&C

Software giant takes legal actions to disrupt ZueS botnets.

Anonymous hacktivists were infected with ZeuS Trojan

Anonymous participants lost their personal data in the course of conducting DDoS-attacks.

Zeusbot has leveraged P2P communication

Since the last update each bot in the network is a minimal Web-server, capable of handling HTTP requests and performing C&C functionalities.

German Police Used Trojan to Tap Skype Calls and IM Chats (Update)

German researchers captured and analyzed a new Trojan horse which they claim might be used by police to tap Skype calls and IM messages.

SpyEye banking trojan: now with SMS hijacking capability

The SpyEye banking trojan has acquired the ability to reroute one-time passwords sent to victims' cellphones, a measure that bypasses protections more and more financial institutions are adopting.

ZeuS Source Code Leaked to the Internet

Source code of latest version of the ZeuS crimeware kit has been leaked on the Internet.

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

Multiple Vulnerabilities in Linux kernel

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.