Day: October 14, 2013

D-Link plans firmware update to disable backdoor

D-plan is for d-firmware to land by end of October……

Snapchat hands ‘self-destruct’ selfies to cops – are yours among them?

And they’ll do it again, too, if they’ve got a warrant……

Merchants call the shots on future of payments technology

Merchants are increasingly influencing the design and capabilities of payments technology, CommBank and Amex say…….

Reselling mutant cloud parts from IBM? There’s now an app for that

Barrage of server announcements incoming!……

Java Spec Compatibility Weakened Android’s TLS Encryption

sfcrazy writes “It has been discovered that Google downgraded the SSL encryption of Android after version 2.3.4 and defaulted to RC4 and MD5 ciphers. It may appear that NSA is at play here as both are broken and can be easily compromised. But after digging the code Georg Lukas concluded that the blame goes to…

Speed up the shutdown process in OS X

A quick adjustment of the timeout values for key processes can greatly speed up otherwise laggy shutdowns in OS X…….

Can Forward halt Unisys’ decade of decline?

One of the great engineering driven technology companies is digging into its legacy to find a way forward…….

HP Data Protector Cell Request Service Buffer Overflow

This Metasploit module exploits a stack-based buffer overflow in the Hewlett-Packard Data Protector product. The vulnerability, due to the insecure usage of _swprintf, exists at the Cell Request Service (crs.exe) when parsing packets with opcode 211. This Metasploit module has been tested successfully on HP Data Protector 6.20 and 7.00 on Windows XP SP3…….

Zabbix 2.0.8 SQL Injection / Remote Code Execution

This Metasploit module exploits an unauthenticated SQL injection vulnerability affecting Zabbix versions 2.0.8 and lower. The SQL injection issue can be abused in order to retrieve an active session ID. If an administrator level user is identified, remote code execution can be gained by uploading and executing remote scripts via the ‘scripts_exec.php’ file…….

MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free

This Metasploit module exploits a vulnerability found in Microsoft Internet Explorer. It was originally found being exploited in the wild targeting Japanese and Korean IE8 users on Windows XP, around the same time frame as CVE-2013-3893, except this was kept out of the public eye by multiple research companies and the vendor until the October…