Lucene search
K

1310 matches found

Carbon Black Blog
Carbon Black Blog
added 2018/02/27 7:30 p.m.38 views

Essays from 7 Experts on Moving to a Cloud-Based Endpoint Security Platform

Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Securit...

6.6AI score
Exploits0
Akamai Blog
Akamai Blog
added 2018/02/26 3:2 p.m.47 views

Will Subscribers Pay for Security?

Carriers see security as a vital component of their five-year strategies and expect to increase spending on security in 2018 according to the Telecoms.com Annual Industry Survey 2017. Is security a good business opportunity for Carriers? Turns out investment in security has a good payback based o...

6.6AI score
Exploits0
Lenovo
Lenovo
added 2018/02/22 11:13 a.m.257 views

Enterprise Networking Operating System (ENOS) Authentication Bypass in Lenovo and IBM RackSwitch and BladeCenter Products - US

Lenovo Security Advisory: LEN-16095 Potential Impact: An attacker could gain access to the switch management interface, permitting settings changes that could result in exposing traffic passing through the switch, subtle malfunctions in the attached infrastructure, and partial or complete denial ...

6.2CVSS6.8AI score0.00269EPSS
Exploits0
Lenovo
Lenovo
added 2018/02/22 11:13 a.m.1 views

Enterprise Networking Operating System (ENOS) Authentication Bypass in Lenovo and IBM RackSwitch and BladeCenter Products - Lenovo Support US

No description provided...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2018/02/19 10:24 p.m.47 views

On the Security of Walls

Interesting history of the security of walls: Dún Aonghasa presents early evidence of the same principles of redundant security measures at work in 13th century castles, 17th century star-shaped artillery fortifications, and even "defense in depth" security architecture promoted today by the...

6.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2018/02/14 7:29 p.m.5 views

spring-ldap: Authentication with userSearch and STARTTLS allows authentication with arbitrary password

A vulnerability was found in spring-ldap that allows an attacker to authenticate with an arbitrary password. When spring-ldap connected to some LDAP servers, when no additional attributes are bound, when using LDAP BindAuthenticator with...

8.1CVSS7.4AI score0.02606EPSS
Exploits0References4
Akamai Blog
Akamai Blog
added 2018/02/13 4:37 p.m.14 views

Micheal McCollough Recognized as 2018 CRN® Channel Chief

This week, Micheal McCollough, Vice President, Global Channels, of Akamai was recognized and named as 2018 Channel Chief by CRN®, a brand of The Channel Company. The executives on this annual list represent top leaders in the IT channel who excel at driving growth and revenue in their organizatio...

6.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2018/02/07 5:0 p.m.17 views

Developing an effective cyber strategy

The word strategy has its origins in the Roman Empire and was used to describe the leading of troops in battle. From a military perspective, strategy is a top-level plan designed to achieve one or more high-order goals. A clear strategy is especially important in times of uncertainty as it provid...

7.5AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2018/02/07 5:0 p.m.14 views

Developing an effective cyber strategy

The word strategy has its origins in the Roman Empire and was used to describe the leading of troops in battle. From a military perspective, strategy is a top-level plan designed to achieve one or more high-order goals. A clear strategy is especially important in times of uncertainty as it provid...

7.5AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/02/06 7:30 p.m.21 views

Essays from 7 Experts on Moving to a Cloud-Based Endpoint Security Platform

Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Securit...

7AI score
Exploits0
Lenovo
Lenovo
added 2018/02/04 12:0 a.m.15 views

USB provisioning may be allowed when Intel AMT is disabled - Lenovo Support US

No description provided...

7.3AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/02/01 7:56 p.m.42 views

Excerpts from Risk & Response: Defending Financial Institutions with Cb Response

Carbon Black recently published a guide on combating the most advanced threats that financial institutions are facing today using the marketing-leading endpoint detection and response solution, Cb Response. For more information on securing large-scale financial enterprises, including how to...

6.6AI score
Exploits0
NVD
NVD
added 2018/01/26 7:29 p.m.19 views

CVE-2017-18076

In strategy.rb in OmniAuth before 1.3.2, the authenticitytoken value is improperly protected because POST in addition to GET parameters are stored in the session and become available in the environment of the callback phase...

7.5CVSS7.4AI score0.02143EPSS
Exploits0References4
OSV
OSV
added 2018/01/26 7:29 p.m.22 views

CVE-2017-18076

In strategy.rb in OmniAuth before 1.3.2, the authenticitytoken value is improperly protected because POST in addition to GET parameters are stored in the session and become available in the environment of the callback phase...

7.5CVSS7.7AI score
Exploits0References4
Hacker One
Hacker One
added 2018/01/24 7:2 p.m.35 views

Node.js third-party modules: [serve] Directory listing and File access even when they have been set to be ignored.

Module: - Name: serve - Version: latest 6.4.9 - Link: https://www.npmjs.com/package/serve Description: The serve modules allows directory browsing and to serve static files through the browser. The config option ignore can be used to tell the module which file or directory are forbidden and shoul...

5CVSS5AI score0.01316EPSS
Exploits1
Lenovo
Lenovo
added 2018/01/15 12:0 a.m.17 views

Local Privilege Escalation in Realtek Audio Driver - Lenovo Support US

No description provided...

7.8AI score
Exploits0
Lenovo
Lenovo
added 2018/01/15 12:0 a.m.152 views

Local Privilege Escalation in Realtek Audio Driver - us

Lenovo Security Advisory: LEN-15759 Potential Impact: Local Privilege Escalation Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-3767 Summary Description: A local privilege escalation vulnerability was identified in the Realtek audio driver. An attacker with local privilege...

7.2CVSS7.7AI score0.00431EPSS
Exploits0
Schneier on Security
Schneier on Security
added 2018/01/10 1:27 p.m.31 views

Cybersecurity and the 2017 US National Security Strategy

Commentaries on the 2017 US national security strategy by Michael Sulmeyer and Ben Buchanan...

7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/01/09 4:30 p.m.43 views

Cloud Migration Fundamentals

The advantages offered by a cloud-based environment make it an easy decision for most companies to make. Still, there are numerous critical choices to be made that can transform the complexities of the migration process into a relatively smooth transition—especially regarding application and data...

6.8AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/12/28 4:0 p.m.59 views

Excerpts from Preparing for NGAV at Scale: Challenges and Approaches

Carbon Black recently published a guide to help enterprises gauge their readiness in their initial search for next-generation antivirus, or NGAV; this is the first excerpt from that guide, which you can find here. For more information about how Cb Defense, Carbon Black's NGAV + EDR solution, help...

6.9AI score
Exploits0
Rows per page
Query Builder