Vulnerabilities & Patche
Siemens SCADA vulnerabilities, the complete story, patch available next month 
New Zero-Day Critical Vulnerability in Windows 7 64 bit 
Firefox 9 released, fixing several vulnerabilities  
Memory Corruption Vulnerability in Kaspersky 2011/2012 Products 
FreeBSD patches 5 vulnerabilities, including critical remotely exploited telnet vulnerability, actively exploited in the wild  
HP LaserJet Firmware Update Now Available 
Multiple WatchGuard Log and Report Manager Vulnerabilities 
Multiple XSS vulnerabilities in PhpMyadmin  
Cyber Crime & Incidents
Stratfor, a global intelligence company, hacked by Anonymous, 200GB Of Emails, 90K credit cards stolen, and client list released 
Anonymous takes down Egyptian Websites 
Oracle Solaris 11 Kernel Source-Code Leaked 
Romanian hacker managed to steel $3 million from 800K credit cards by hacking POS systems in small retailers including Subway restaurants 
Russian Hackers Crash Site Promoting Putin's Election Web Cameras 
China Software Developer Network (CSDN) 6 Million user data Leaked 
Amnesty International‘s UK website hacked, serving malware 
Philippines Ecosystems Research and Development Bureau hacked, database dump posted online 
TRION Worlds, gaming company, hacked, personal information stolen 
OpGodaddy started, Godaddy lost more than 21K domains in few days as a reaction of supporting US SOPA (Stop Online Piracy Act), a complete list of supporters released for boycott and hack  
Using Facebook as a proxy 
Time-Based Blind NoSQL Injection 
Android Trojan Spreads Message of Revolution 
Fortinet 2012 Threat Predections 
No-permission Android App Gives Remote Shell 
Abusing PHP setting to inject malicious code into websites 
Dump Windows password hashes    
post-XSS world 
Bitcoin miner used with SEO Poisoning Campaign  
A look at Scan4You. net: a VirusTotal for criminals 
he Online Currency Wars are coming 
Password Security Scanner, scans the passwords stored by popular Windows applications (Outlook, IE, Firefox, etc..) and displays security information about all these passwords 
Data Breach Risk Calculator 
MySQLPasswordAuditor, Free MySQL Audit/Password Recovery & Cracking Tool 
Xplico, Network Forensics Tool, extract application data from network traffic 
TestSecure, Open Source Secure SMS Application for Android  
pfSense, open source customized FreeBSD tailored for use as a firewall and router 
Ghost-phisher, GUI suite for phishing and penetration attacks 
List of AJAX Crawling Tools 
Honeymail, email forwarding service that tracks violation of email privacy from 3rd parties 
Protecting Industrial Control Systems, recommendations for Europe and Member States, ENISA 
Cyber Security Aspects in The Maritime Sector, ENISA 
CERT Operational Gaps and Overlaps, ENISA 
Security Suites, Dynamic Protection comparison Report 
Economics of Security, ENISA 
DDOS Basics 
Industrial Automation Security in Fieldbus and Field Device Level 
Computing On Encrypted Databases Without Ever Decrypting Them 
Hardware Involved Software Attacks 
TOR instead of IP 
Books and Magazines
ClubHack Magazine, December issue 
DRI Thrive Magazine 
How To
How To Completely Wipe / Erase Hard Disk Drive 
Visualizing Twitter data using twitter API 
Hunting malware with volatility v2.0 
How To Avoid The Most Common And Dangerous Passwords, Infographic 
Forensics, String Searching and File Carving using srch_strings_wrap 
Q-CERT Weekly Newsletter Service is prepared by Cyber Security Intelligence Team, and it is in BETA version, all concerns , recommendations and complaints are welcomed.The views and opinions expressed in media article are those of the authors and media organizations alone.

Sent to <<Email Address>> — why did I get this?
unsubscribe from this list | update subscription preferences
Q-CERT · Ministry of Transport and Communications, State of Qatar · Q-CERT · Doha · Qatar