1310 matches found
Essays from 7 Experts on Moving to a Cloud-Based Endpoint Security Platform
Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Securit...
Will Subscribers Pay for Security?
Carriers see security as a vital component of their five-year strategies and expect to increase spending on security in 2018 according to the Telecoms.com Annual Industry Survey 2017. Is security a good business opportunity for Carriers? Turns out investment in security has a good payback based o...
Enterprise Networking Operating System (ENOS) Authentication Bypass in Lenovo and IBM RackSwitch and BladeCenter Products - US
Lenovo Security Advisory: LEN-16095 Potential Impact: An attacker could gain access to the switch management interface, permitting settings changes that could result in exposing traffic passing through the switch, subtle malfunctions in the attached infrastructure, and partial or complete denial ...
Enterprise Networking Operating System (ENOS) Authentication Bypass in Lenovo and IBM RackSwitch and BladeCenter Products - Lenovo Support US
No description provided...
On the Security of Walls
Interesting history of the security of walls: Dún Aonghasa presents early evidence of the same principles of redundant security measures at work in 13th century castles, 17th century star-shaped artillery fortifications, and even "defense in depth" security architecture promoted today by the...
spring-ldap: Authentication with userSearch and STARTTLS allows authentication with arbitrary password
A vulnerability was found in spring-ldap that allows an attacker to authenticate with an arbitrary password. When spring-ldap connected to some LDAP servers, when no additional attributes are bound, when using LDAP BindAuthenticator with...
Micheal McCollough Recognized as 2018 CRN® Channel Chief
This week, Micheal McCollough, Vice President, Global Channels, of Akamai was recognized and named as 2018 Channel Chief by CRN®, a brand of The Channel Company. The executives on this annual list represent top leaders in the IT channel who excel at driving growth and revenue in their organizatio...
Developing an effective cyber strategy
The word strategy has its origins in the Roman Empire and was used to describe the leading of troops in battle. From a military perspective, strategy is a top-level plan designed to achieve one or more high-order goals. A clear strategy is especially important in times of uncertainty as it provid...
Developing an effective cyber strategy
The word strategy has its origins in the Roman Empire and was used to describe the leading of troops in battle. From a military perspective, strategy is a top-level plan designed to achieve one or more high-order goals. A clear strategy is especially important in times of uncertainty as it provid...
Essays from 7 Experts on Moving to a Cloud-Based Endpoint Security Platform
Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Securit...
USB provisioning may be allowed when Intel AMT is disabled - Lenovo Support US
No description provided...
Excerpts from Risk & Response: Defending Financial Institutions with Cb Response
Carbon Black recently published a guide on combating the most advanced threats that financial institutions are facing today using the marketing-leading endpoint detection and response solution, Cb Response. For more information on securing large-scale financial enterprises, including how to...
CVE-2017-18076
In strategy.rb in OmniAuth before 1.3.2, the authenticitytoken value is improperly protected because POST in addition to GET parameters are stored in the session and become available in the environment of the callback phase...
CVE-2017-18076
In strategy.rb in OmniAuth before 1.3.2, the authenticitytoken value is improperly protected because POST in addition to GET parameters are stored in the session and become available in the environment of the callback phase...
Node.js third-party modules: [serve] Directory listing and File access even when they have been set to be ignored.
Module: - Name: serve - Version: latest 6.4.9 - Link: https://www.npmjs.com/package/serve Description: The serve modules allows directory browsing and to serve static files through the browser. The config option ignore can be used to tell the module which file or directory are forbidden and shoul...
Local Privilege Escalation in Realtek Audio Driver - Lenovo Support US
No description provided...
Local Privilege Escalation in Realtek Audio Driver - us
Lenovo Security Advisory: LEN-15759 Potential Impact: Local Privilege Escalation Severity: High Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-3767 Summary Description: A local privilege escalation vulnerability was identified in the Realtek audio driver. An attacker with local privilege...
Cybersecurity and the 2017 US National Security Strategy
Commentaries on the 2017 US national security strategy by Michael Sulmeyer and Ben Buchanan...
Cloud Migration Fundamentals
The advantages offered by a cloud-based environment make it an easy decision for most companies to make. Still, there are numerous critical choices to be made that can transform the complexities of the migration process into a relatively smooth transition—especially regarding application and data...
Excerpts from Preparing for NGAV at Scale: Challenges and Approaches
Carbon Black recently published a guide to help enterprises gauge their readiness in their initial search for next-generation antivirus, or NGAV; this is the first excerpt from that guide, which you can find here. For more information about how Cb Defense, Carbon Black's NGAV + EDR solution, help...