9528 matches found
[SECURITY] Fedora 19 Update: zabbix-2.0.8-3.fc19
Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechan ism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...
[SECURITY] Fedora 18 Update: zabbix-2.0.8-3.fc18
Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechan ism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...
[SECURITY] Fedora 19 Update: zabbix-2.0.8-3.fc19
Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechan ism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...
[SECURITY] Fedora 20 Update: zabbix-2.0.8-3.fc20
Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechan ism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...
Google to Pay Rewards For Patches to Open Source Projects
Google, one of the first companies to offer a significant bug bounty program, is extending its rewards to researchers and developers who contribute patches to a variety of open source projects and have an effect on the security of the project. The new rewards will range from $500 to $3,133.70, an...
4th Cybersecurity Framework Workshop: Good News and Bad News
I had a chance to visit a number of industrial events this year and can see the evolution of cybersecurity in the industrial field. One of these was the 4th National Institute of Standards and Technology’s NIST Cybersecurity Framework Workshop CFW. Kaspersky was in attendance at the previous...
Iranian Hackers infiltrated US Navy computers
The Wall Street Journal reported that Iranian hackers have successfully penetrated unclassified US Navy computers, the allegations were made by US officials that consider the attacks a serious intrusion within the Government network. "The U.S. Officials said the attacks were carried out by hacker...
[SECURITY] Fedora 19 Update: zabbix-2.0.6-3.fc19
Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechan ism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...
Cisco IOS Update Patches Eight Vulnerabilities
Telecommunications company Cisco this week is warning customers and those running their software of eight separate vulnerabilities it has patched in its internetwork operating system IOS infrastructure product. Cisco’s Product Security Incident Response Team PSIRT released the advisories yesterda...
OpenStack: Keystone Token revocation failure using Keystone memcache/KVS backends
The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...
DEBIAN-CVE-2013-4294
The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...
PYSEC-2013-42
The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...
Debian Security Advisory DSA 2443-1 (linux-2.6 - privilege escalation/denial of service)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4307Nageswara R Sastry reported an issue in the ext4 filesystem. Local users...
UK Cryptographers Call For Publication of Deliberately Weakened Protocols, Products
A group of cryptographers in the UK has published a letter that calls on authorities in that country and the United States to conduct an investigation to determine which security products, protocols and standards have been deliberately weakened by the countries’ intelligence services. The letter,...
Solaris 10 (sparc) : 150400-59 (deprecated)
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. The supported version that is affected is 10. Easily exploitable vulnerability allows unauthenticated attacker with network access via ICMP to compromise Solaris. Successful attacks of this...
Important: Red Hat Security Advisory: Fuse Message Broker 5.5.1 security update
An update for the Apache ActiveMQ component of Fuse Message Broker 5.5.1 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base...
Protecting Critical Infrastructure: Input Data
Kaspersky Lab is always working to develop new technologies for protecting critical computer systems from cybercriminals. In July, I had the opportunity to represent Kaspersky at a symposium sponsored by the National Institute of Standards and Technology NIST, focused on the national Cybersecurit...
Prevent Veeam from locking tape drives
Challenge Veeam periodically rescans the tape drives. This locks the drives and prevents other tape software from writing to them. Cause The refresh rate on the automatic rescan is too frequent if using third party tape backup software. Solution The registry keys below prevent Veeam Backup &...
Poison Ivy RAT Spotted in Three New China Attacks
The Poison Ivy remote access Trojan may be old, but it’s not losing favor with nation states that continue to make it the center piece of targeted attacks. Three groups of hackers, reportedly all with ties to China and possibly related in terms of their funding and training, are currently managin...
Scanning the Internet in 45 Minutes
The Internet is a big thing. Or, more accurately, a big collection of things. Figuring out exactly how many things, and what vulnerabilities those things contain has always been a challenge for researchers, but a new tool released by a group from the University of Michigan that is capable of...