400 matches found
Akamaizing Your Dev & QA Environments
Over the last few months, I've been talking to many development and test teams who deliver their sites and applications through the Akamai Intelligent Platform. One common challenge they face is how to test their Akamai delivery configurations on the Internet against their private development and...
CVE-2017-6160
In F5 BIG-IP AAM and PEM software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.4.1 to 11.5.4, a remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel TMM to restart and temporarily fail to process traffic. This issue is exposed on virtual servers...
Local Application Access With PREFER Keywords
Application will launch within ICA channel even if it's installed locally on VDA itself...
Choosing the right application access solution for a hybrid IT world
This Guest blog was written by Martha Gomez Vazquez, a Senior Research Analyst for IDC's Infrastructure Services research practice focusing on Security Services and Hardware & Software Support and Deployment. The widespread success of security breaches over the past few years has proven beyond a...
RHEL 7 : tomcat (RHSA-2017:1809)
An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
tomcat: security manager bypass via IntrospectHelper utility function
It was discovered that a malicious web application could bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications...
Enterprise Security: EAA Exceeds Compliance Standards
I sat down again with John Payne, Akamai's Chief Architect of Infrastructure and Security, as well as Keith Hillis, Director IT Risk & Security. We spoke about enterprise security compliance, and how Enterprise Application Access EAA exceeds Akamai's requirements and simplifies the process for...
Issues with public store microsoft dynamic application with per app VPN
,Able to launch the application successfully however after entering the url in the application it gives the error "Your server is not available or doesn’t support this application"...
Reducing Infrastructure Cost with new Enterprise Application Access Architecture
In an earlier blog, "Remote Access no longer needs to be Complex and Cumbersome", I wrote about the new game-changing remote access solution available from Akamai called Enterprise Application Access EAA. My thesis was that in our cloud-first, mobile-dominated world, providing access to...
CVE-2017-0639
An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other...
CVE-2017-0650
An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...
CVE-2017-0627
An information disclosure vulnerability in the kernel UVC driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...
Google Android kernel UVC driver information disclosure vulnerability
Androidon Nexus5X, etc. are the United States Google Google and the Open Handheld Alliance OHA jointly developed a set of running in the Nexus5X smartphone and Linux-based open source operating system. kernel UVC Driver one of the kernel USB Video Capture Driver. An information disclosure...
Strengthening Network Access Security with Multi-Factor Authentication
As technology continues to develop, more and more applications become not just convenient, but necessary. It was less than a decade ago that it was inconceivable we would 'need' to carry a consumer device to access the internet in our pockets. Today, it is essential. The same is true with the...
Akamai IT Challenge - 100 apps on EAA in 100 days
About a month or so ago I shared a quick video interview with Joe DeFelice. Joe is a Sr. Director Enterprise Security & Infrastructure Engineering here at Akamai. In the video Joe outlines a few of the major initiatives he and the team are working on, including moving towards eliminating the VPN...
Secure (and Simple) SharePoint Remote Access
SharePoint, Microsoft's 16-year-old flagship file storage and collaboration product, is used by over 200 million worldwide users. Likened to a Swiss Army knife, SharePoint performs so many functions that it has become an integral part of most enterprise IT fabrics. Of course, it is not perfect - ...
UBUNTU-CVE-2017-5648
While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was...
Gynoii Privilege Acquisition Vulnerability
Gynoii is a video monitoring device for babies. A privilege acquisition vulnerability exists in Gynoii. An attacker could use this vulnerability to gain access to a local application...
Remote Access no longer needs to be Complex and Cumbersome
From an IT management perspective, remote access management can be complex. Deployment, administration, testing and compliance is often multifaceted and time consuming, and security is an on-going concern. Granted, I have talked with IT professionals who tell me VPNs - being the primary remote...
Users unable to see the pinned taskbar icons with UPM profile
Users unable to open an application from the pinned taskbar icons...