122 matches found
Citrix Gateway Information Disclosure Vulnerability
Citrix Gateway is a customer-managed solution that can be deployed locally or on any public cloud, such as AWS, Azure or Google Cloud Platform. An information disclosure vulnerability exists in Citrix Gateway. An attacker could exploit the vulnerability to expose information via the cache...
Harnessing the power of identity management (IDaaS) in the cloud
Sometimes, consumers have it easy. Take, for example, when they accidentally lock themselves out of their personal email. Their solution? Reset the password. With one click, they're able to change their old, complicated password with a new, more memorable one. Self-service password reset is aweso...
Best practices for adding layered security to Azure security with Check Point’s CloudGuard IaaS
The cloud is changing the way we build and deploy applications. Most enterprises will benefit from the cloud’s many advantages through hybrid, multi, or standalone cloud architectures. A recent report showed that 42 percent of companies have a multi-cloud deployment strategy. The advantages of th...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.1.18 security update
An update for golang-github-openshift-oauth-proxy-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.1.16 security and bug fix update
An update for openshift-enterprise-console-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
From On-Prem to Cloud: The Complete AWS Security Checklist
This complete AWS cloud auditing security checklist outlines what it takes to protect sensitive data center security & intellectual property when securing an organization’s cloud deployment...
Important: Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix and enhancement update
Red Hat OpenShift Container Platform release 3.11.117 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clou...
Top 10 Benefits that Make Upgrading to the PSC a Priority
If you are running either of Carbon Black’s on-premise products CB Response & CB Protection, you are already seeing the benefits of a strong endpoint security solution. With something this effective already in place, why would you need to consider moving to a cloud platform? The answer is twofold...
Forrester Finds Carbon Black’s Predictive Security Cloud to have 261% ROI
Your endpoints are one of the most targeted assets in your organization—in 2017 alone, more than 50% of organizations experienced a data breach of some kind.1 At Carbon Black, we understand this risk, and are committed to providing the best possible endpoint protection. In order to demonstrate...
RHEL 7 : atomic-openshift-utils (RHSA-2016:2778)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:2778 advisory. Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud...
Read: How To Build Resilient Cloud Configuration Shields
Configurable systems have a high level of flexibility and are better adapted to most customer needs, but their management isn’t a trivial task in complex cloud deployments. The configuration management concept isn't new and originated in the United States Department of Defense in the 1950s as a...
Malicious cryptomining and the blacklist conundrum
When Coinhive first came out in September of 2017, it was fairly easy to identify websites using browser miners by looking for a few lines referencing the Coinhive API within the HTML source code. Because this was a new phenomenon, even bad actors didn't have to hide their intentions, and...
2018 Cyberthreat Defense Report: Where IT Security Is Going
What keeps you awake at night? We asked IT security professionals the same question and found that these issues are top of mind: malware and spear phishing, securing mobile devices, employee security awareness and new technologies that detect threats capable of bypassing traditional signature-bas...
CVE-2017-14706
DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken field in the reply. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web...
SIEM Security Tools: Four Expensive Misconceptions
Why modern SIEM security solutions can save you from data and cost headaches. If you want to reliably detect attacks across your organization, you need to see all of the activity thats happening on your network. More importantly, that activity needs to be filtered and prioritized by risk -- acros...
IBM Kenexa LCMS Premier on Cloud SQL Injection Vulnerability (CNVD-2017-02716)
IBM Kenexa LCMS Premier on Cloud is an adjustable Learning Content Management System LCMS for developing, maintaining, and delivering effective employee training from IBM USA. IBM Kenexa LCMS Premier on Cloud suffers from a SQL injection vulnerability that could allow a remote attacker to view,...
1-click IPSEC VPN in the Cloud: algo
1-click IPSEC VPN in the Cloud Algo short for “Al Gore”, the V ice P resident of N etworks everywhere for inventing the Internet is a set of Ansible scripts that simplifies the setup of an IPSEC VPN. It contains the most secure defaults available, works with common cloud providers, and does not...
Microsoft Expands Bug Bounty Program, Preps Windows Server 2016 for Final Release
Microsoft is accelerating the fumigation of bugs on its soon-to-be released Windows Server 2016 operating system. Last week, Microsoft announced a new bug bounty program running from April 29, through July 29, 2016 – with up to $15,000 in rewards for each qualifying bug. Microsoft’s expansion of...
CVE-2016-2084
F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5....
Moderate: Red Hat Bug Fix Advisory: Red Hat Update Infrastructure 2.1.1 bug fix update
Updated Red Hat Update Infrastructure 2.1.1 packages that fix several bugs are now available. Red Hat Update Infrastructure RHUI is a collection of technologies that offers cloud providers the ability to easily deploy Red Hat solutions into their environments. The rh-rhui-tools package has a seri...