Hello list!
There are Content Spoofing and Cross-Site Scripting vulnerabilities in
the DZS Video Gallery plugin for WordPress. After I announced multiple
vulnerabilities in DZS Video Gallery on 08.05.2014 and informed the developers,
they ignored it, so the second advisory is going directly to full discl
> I'd be interested to see analyses of short-term effects of breaches.
A friend of mine pointed me to this paper:
http://www.heinz.cmu.edu/~rtelang/tse_published.pdf
I have issues with the methodology - most notably, the study covers
only 150 bugs out of thousands of qualifying ones; half of them f
I think you meant those publicly traded retail companies already under duress,
it isn't clear if a significant data breach has a material impact on their
market cap, revenue, and other financial measures.
John Menerick
http://www.securesql.info
> On May 28, 2014, at 5:12 AM, Roberto Martelloni
Not only that, but let's extrapolate from some recentish events.
Healthcare.gov was touted as being full of security issues. However,
everyone knows that in order to prove this, you needed to break the law to
begin with. Politicians knew this, which was why the hearings were so
entertaining.
If w
On Wed, May 28, 2014 at 8:12 AM, Roberto Martelloni
wrote:
> Among other according to
> www.sfgate.com/business/article/Investors-undeterred-by-data-breaches-5505309.php
> seems that also after data breaches like the Targets one there aren't long
> term impact on stock markets.
Selling short is p
> Among other according to
> www.sfgate.com/business/article/Investors-undeterred-by-data-breaches-5505309.php
> seems that also after data breaches like the Targets one there aren't long
> term impact on stock markets.
Well, and the business plan here is not to cause breaches, right? ;-)
/mz
Among other according to
www.sfgate.com/business/article/Investors-undeterred-by-data-breaches-5505309.php
seems that also after data breaches like the Targets one there aren't long
term impact on stock markets.
On 27 May 2014 20:07, Michal Zalewski wrote:
> > vulnerabilities to the public. For
On Tue, May 27, 2014 at 3:04 PM, Brandon Perry
wrote:
> Not even sure when the last vulnerability that caused any fluctuation in
> the stock markets was.
+1. I'm not sure it ever hurt Sony, and they've had over 40 documented
problems [0, 1, 2, et al]. Some of them were very serious from a data
sec
On 5/27/2014 9:49 PM, Philip Cheong wrote:
What say you? Is this brilliant? Or stupid? Awesome? But never going to
work?
Check his interview
http://youtu.be/BcoilJkd0Ok?t=13m
___
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/l
Advisory: SQL Injection in webEdition CMS File Browser
RedTeam Pentesting discovered an SQL injection vulnerability in the file
browser component of webEdition CMS during a penetration test.
Unauthenticated attackers can get read-only access on the SQL database
used by webEdition and read for exam
Advisory: Remote Command Execution in webEdition CMS Installer Script
RedTeam Pentesting discovered a remote command execution vulnerability
in the installer script of the webEdition CMS during a penetration test.
If the installer script is not manually removed after installation,
attackers cannot
SEC Consult Vulnerability Lab Security Advisory < 20140528-0 >
===
title: Root Backdoor & Unauthenticated access to voice recordings
product: NICE
=== LSE Leading Security Experts GmbH - Security Advisory LSE-2014-05-21 ===
Check_MK - Arbitrary File Disclosure Vulnerability
- --
Affected Versions
=
Linux versions of Check_MK equal