The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
Login As
You can log in if you are registered at one of these services:
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015

Hackers Gained Root Access to the Servers of WordPress

Hackers Gained Root Access to the Servers of WordPress

Unknown hackers gained root access to the servers of WordPress.com blogging platform. The successful attack made it possible to obtain sensitive information. "Automattic had a low-level (root) break-in to several of our servers, and potentially anything on those servers could have been revealed," Matt Mullenweg, the founder of Automattic, the company that owns WordPress wrote in his companies blog.

He also claims that his employees are still determining exactly what data have been stolen. So far there has been found no evidence that passwords of the 18 million publishers of WordPress were exposed, “and even if they had they'd be difficult to crack.” But anyway, Matt Mullenweg, strongly recommends that publishers change their passwords.

There is no information about how the hackers were able to gain low-level access to multiple servers, but it is said that comprehensive steps to prevent such an incident in the future have been taken. Source code stored on Automattic's servers includes API keys and Twitter and Facebook passwords that can used to gain access to sensitive information.

(c) Naked Security


Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015