SECURITY WARNINGS & Notices - Please post them here

[Asyn]

Oracle Critical Patch Update Advisory - April 2013
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html

[Asyn]

The Bearer of BadNews
https://blog.lookout.com/blog/2013/04/19/the-bearer-of-badnews-malware-google-play/

[Pondus]

Flawed Malwarebytes security update wipes out thousands of computers
http://www.theinquirer.net/inquirer/news/2262248/flawed-malwarebytes-security-update-wipes-out-thousands-of-computers

[!Donovan]

Malware On Mobile Grew 163% In 2012, Infecting Around 32.8M Android Devices, Report Says
http://techcrunch.com/2013/04/15/malware-on-mobile-grew-163-in-2012-infecting-around-32-8m-android-devices-report-says/

[polonus]

Just after the monster patch cycle another gaping java hole detected by Gowdiak:
http://archives.neohapsis.com/archives/fulldisclosure/2013-04/0282.html
http://www.security-explorations.com/en/SE-2012-01-status.html  (nr. 61 there)

polonus

[REDACTED]

Trojan coders continue to attack on Russia and CIS countries

http://translate.google.ru/translate?sl=ru&tl=en&js=n&prev=_t&hl=ru&ie=UTF-8&eotf=1&u=http%3A%2F%2Fnews.drweb.com%2Fshow%2F%3Fi%3D3475%26lng%3Dru%26c%3D5&act=url

19.4.2013 - 130419-0
In the base of that number are added many modifications of this exploit.

RTF:CVE-2012-0158-AR [Expl]
Here is caught this record many modifications exploit that distributes Trojan.Encoder.

Thank you so much for your promptness in processing samples Milos
(as Trojans and exploits).

[polonus]

Hi Dimitrij,

Hope the algoritm is soon being made available so protection can be provided as algoritms when known have a certain predictability,

Damian

[Asyn]

Groundhog day for routers
http://www.h-online.com/security/news/item/Groundhog-day-for-routers-1847381.html

[polonus]

How a small twitter message could influence the Dow-Jones:  See: http://en.wikipedia.org/wiki/High-frequency_trading
and http://qz.com/77464/how-the-syrian-electronic-army-hacked-the-ap-and-who-are-these-guys-anyway/  (link article author = Mike Baker)
and combine the info in both articles to know what happens inside racks in pitch-dark concrete bunkers that do high frequency trading...
and suddenly a flash crash like this one...

polonus

[Pondus]

according to Symantec report Opera and IE have the lowest number of vulnerabillities

see charts.  http://www.dinside.no/915410/faerreste-saarbarheter-i-opera

[bob3160]

55% of net users use the same password for most, if not all, websites. When will they learn?
This is something I always stress and sometimes wonder if any one actually listens. 

[SpeedyPC]

55% of net users use the same password for most, if not all, websites. When will they learn?
This is something I always stress and sometimes wonder if any one actually listens. 

I guess a lot of users have never heard of Lastpass add-on tool to their web browser no wonder they're using the same password for most websites what a shame

[Asyn]

WordPress cache plugins enabled remote PHP execution
http://www.h-online.com/security/news/item/WordPress-cache-plugins-enabled-remote-PHP-execution-1848961.html

[!Donovan]

according to Symantec report Opera and IE have the lowest number of vulnerabillities

see charts.  http://www.dinside.no/915410/faerreste-saarbarheter-i-opera

Not that many people use Opera on a regular basis. We should look for vulnerabilities in more common browsers, n'est-ce pas?

[Pondus]

according to Symantec report Opera and IE have the lowest number of vulnerabillities

see charts.  http://www.dinside.no/915410/faerreste-saarbarheter-i-opera

Not that many people use Opera on a regular basis. We should look for vulnerabilities in more common browsers, n'est-ce pas?

Well there are a few that use IE