NSA bought itself an RSA SecurID backdoor

No one is safe.

As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned.

Documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers to create a “back door” in encryption products, the New York Times reported in September. Reuters later reported that RSA became the most important distributor of that formula by rolling it into a software tool called Bsafe that is used to enhance security in personal computers and many other products.

You can read more about it on the Reuters website.

Zero Day Vulnerability in OpenX Source 2.8.11 and Revive Adserver 3.0.1

The current versions of the popular ad server software OpenX Source (2.8.11) and Revive Adserver (3.0.1) are vulnerable to a SQL injection attack that allows attackers to gain backend access. The vulnerability is being actively exploited.

Read more about it here.

Onion Terminal – A web browser based UNIX terminal

Ever had the need to access the shell of your server, but found yourself locked out by a corporate firewall that is blocking SSH traffic?

Give Onion Terminal a try.

Sometimes, DNS tunneling is not a (stable) option, and VPN may also be blocked. Usually HTTP traffic goes out like a breeze.

It needs to be compiled from source; then give the binary executable permissions:

chmod +x oterm-i386

Run it:

./oterm-i386

Profit!