119 matches found
Why Our Customers Love VMware Carbon Black
As the cybersecurity world advances, organizations are starting to change their approach to security. More and more teams are moving to the cloud to maximize their endpoint protection and simplify their security stack. Using VMWare Carbon Black's Cloud platform, our customers are able to...
CB Customer Spotlight: Q&A with BraunAbility’s Arlie Hartman
BraunAbility is a mobility vehicle company committed to improving access and transportation for the world’s wheelchair community. Driven by a strong corporate culture of doing right by their customers and communities, providing advanced security has become an essential pillar of their mission...
Thinking about the balance between compliance and security
Today, many organizations still struggle to adhere to General Data Protection Regulation GDPR mandates even though this landmark regulation took effect nearly two years ago. A key learning for some: being compliant does not always mean you are secure. Shifting privacy regulations, combined with...
DEBIAN-CVE-2018-16230
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpattrprint MPREACHNLRI...
Life at Akamai: Making Connections
By the numbers, Akamai's scale, reach and ability to help brands connect users to immersive and immediate online experiences while protecting their businesses from threats, is quite impressive. While I'm proud that Akamai connects with billions of devices daily and...
Drive Greater Efficiencies in Reaching a Distributed Audience with One-to-Many Delivery
The Challenge: Achieve Consistent Contribution while Maximizing Audience Reach Audiences are becoming increasingly distributed not only from a geographical perspective, but also in the channels viewers use when consuming live content. Content providers need a solution to efficiently and easily...
Essays from 7 Experts on Moving to a Cloud-Based Endpoint Security Platform
Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Securit...
DEBIAN-CVE-2017-12998
The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isisprintextdipreach...
Chinese Ad Firm Infected 85 Million Android Users to Get More Clicks
An Android-based malware campaign has been found to control as many as 85 million Android devices globally and is making its gang an estimated $300,000 per month in fraudulent ad revenue. A Chinese advertising company called Yingmob is responsible for distributing the malware on a massive scale a...
3: s2i builds implicitly perform docker builds
A flaw was found in OpenShift Enterprise when multi-tenant SDN is enabled and a build is run within a namespace that would normally be isolated from pods in other namespaces. If an s2i build is run in such an environment the container being built can access network resources on pods that should n...
Fantastic News <= 2.1.4 - Multiple Remote File Include Vulnerabilities
No description provided by source. +------------------------------------------------------------------------------------------- + Fantastic News == 2.1.4 CONFIGscriptpath Multiple Remote File Include Vulnerabilities...
Australia's Telstra Wiretapping undersea cables from past 12 years for FBI
According to a secret agreement it signed in 2001 with the FBI and US Department of Justice - Telstra, Australia's largest phone company is storing huge volumes of electronic communications it carried between Asia and the US for potential surveillance by US intelligence agencies. The contract was...
Australia’s Telstra Wiretapping undersea cables from past 12 years for FBI
According to a secret agreement it signed in 2001 with the FBI and US Department of Justice - Telstra, Australia’s largest phone company is storing huge volumes of electronic communications it carried between Asia and the US for potential surveillance by US intelligence agencies. The contract was...
Google Releases Chrome 20 With Fixes for 20 Security Vulnerabilities
Google has released version 20 of its Chrome browser, and has fixed a nice, symmetrical 20 flaws in the browser, including 13 high-risk bugs. Google also paid out $8,000 in rewards to researchers who reported bugs. A large number of the bugs fixed in Chrome 20 are use-after-free vulnerabilities i...
Tracker: SpyEye Not Yet Zeus-Like In Stature
The SpyEye Tracker, a new site that hopes to trace the activity of the budding SpyEye Trojan, went live this week and shows the emerging SpyEye botnet to be global in reach, but still much smaller than the Zeus botnet with which it has merged. SpyEye Tracker has already identified 68 malicious...
Quagga bgpd DoS
bgpd/bgpattr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MPREACHNLRI and MPUNREACHNLRI attributes, which allows remote attackers to cause a denial of service daemon crash or exit via crafted UPDATE messages that trigger an assertion...
CVE-2005-2329
MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S 3.5.0, when using SSH public key authentication, does not properly restrict access to ports, which allows remote authenticated users to access the consoles of other users...
CVE-2005-2329
MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S 3.5.0, when using SSH public key authentication, does not properly restrict access to ports, which allows remote authenticated users to access the consoles of other users...
MRV In-Reach console server: Port Access Control Bypass Vulnerability
Hi, this is another bug I encountered during my research on console servers. Summary: Port Access Control Bypass Vulnerability on MRVs In-Reach console servers. Details: MRV's In-Reach console servers come with feature that enables access to their ports by ssh public keys. As opposed to e.g...