JavaMail does not check if the email subject contains a Carriage Return (CR) or a Line Feed (LF) character on POST multipart requests. This issue allows the injection of arbitrary SMTP headers in the generated email. This flaw can be used for sending SPAM or other social engineering attacks (e.g. abusing a trusted server to send HTML emails with malicious content). Versions 1.4.5 and 1.5.1 were found vulnerable.
Law enforcement agencies seize more than 1,000 computers, smartphones, and hard drives in a massive operation that goes after malware said to have "sophisticated" capabilities and "breathtaking" invasiveness.
Malware Analysis with Hook Analyser, a freeware application which allows an investigator/analyst to perform static & run-time dynamic analysis of suspicious applications, also gather (analyse & co-related) threat intelligence related information (or data) from various open sources on the Internet.
The National Security Agency’s reliance on facial recognition technology has grown as it has used new software to exploit images in emails, text messages, social media, videoconferences and other communications.
A modified version of the Metasploit module has been released that neither accesses sensitive data nor impacts service performance, and it is aimed at helping organizations conduct safe testing for Heartbleed vulnerabilities.
privacyIDEA is a multi-factor authentication solution. It can manage any type of authentication device. All common OTP (one time password) devices are supported, including Google Authenticator, eToken Pass, OTP cards, and Yubikey. New devices can be added easily. Users can be retrieved from flat files, LDAP, or Active Directory. It can also handle authorization and writes all events to a digitally signed audit log, giving you basic AAA functionalities.