Monday, 11 April 2016

MS13-082 - Critical: Vulnerabilities in .NET Framework Could Allow Remote Code Execution - Version: 1.2



via Microsoft Security Bulletins http://bit.ly/23yug4U

OSVDB: FIN

As of today, a decision has been made to shut down the Open Sourced Vulnerability Database (OSVDB), and will not return. We are not looking for anyone to offer assistance at this point, and it will not be resurrected in its previous form. This was not an easy decision, and several of us struggled for well […]

via OSVDB http://bit.ly/1VO3VgA

WordPress sets up default HTTPS encryption for custom domains

WordPress has turned on HTTPS encryption for every custom domain hosted on WordPress.com. The publishing platform started working with the certificate authority Let's Encrypt to launch a beta rollout of HTTPS earlier this year.

via Latest articles from SC Magazine http://bit.ly/25Vm1lz

Worldpay merchant portal allowed merchants to view customer card data

Worldpay's electronic payment gateway setup pages offer poor security seals on credit card details, according to a security researcher.

via Latest articles from SC Magazine http://bit.ly/1Q3njPC

Malicious Chrome Extension Can Hijack Your Browser



via Hackers Online Club (HOC) http://bit.ly/25Vm1lo

INURLBR – Advanced Search Engine Tool



via Darknet – The Darkside http://bit.ly/1Q3nmer

Thursday, 7 April 2016

Hacking can pay… legally

Hacking, "fraudulent access to and continued presence in an automated data processing system", is going to change. On 21 January 2016, the National Assembly adopted, at first reading, an amendment contained in the bill for a Digital Republic aimed at supplementing article 323-1 of the Penal Code with a new …

via Lexing Alain Bensoussan http://bit.ly/1MgY81e

OWASP Releases Software Assurance Maturity Model (SAMM) Version 1.1 for Improving Software Security - PR Newswire (press release)


BEL AIR, Md., March 16, 2016 /PRNewswire/ -- The OWASP Foundation today announced the next release of OWASP SAMM v1.1. The Software Assurance Maturity Model (SAMM) is an open OWASP framework to help organizations formulate and implement ...



via #owasp - Google News http://bit.ly/22eJ4TD

Raising The Stakes For Application Security - Dark Reading


For example, protection against the OWASP Top 10 is a requirement for PCI DSS compliance. Once security people have “checked this box,” many think it's time to move on to the next problem. This is dangerous thinking, as the bad guys, our online ...



via #owasp - Google News http://bit.ly/1MgY69I

Hardening Wordpress - ISBuzz News


That the CMS WordPress is a common choice in blog platforms everybody knows, but what we see is that this use most of the time is implemented with no security countermeasures (according to the OWASP Top Ten 2013 – The Ten Most Critical Web ...



via #owasp - Google News http://bit.ly/1q8DRk3

OWASP ZAP Receives Global Community Vote As Leading Security Tool - PR Newswire (press release)


BEL AIR, Md., April 4, 2016 /PRNewswire-USNewswire/ -- OWASP ZAP (Open Web Application Security Project Zed Attack Proxy) has been voted the most preferred open source testing tool for the second time in three years by users and readers of leading ...



via #owasp - Google News http://bit.ly/1MUsdDP

Major Programming Languages Fail to Detect Revoked TLS Certificate - Security Intelligence (blog)


Sucuri researchers decided to use these new languages and see what would still break by testing TLS. According to the blog, “all programming language implementations fail to check if a certificate is revoked,” which is a recognized OWASP vulnerability.



via #owasp - Google News http://bit.ly/1q8DSo5