Industrial Cobots Might Be The Next Big IoT Security Mess

Researchers at IOActive have found nearly 50 vulnerabilities in industrial collaborative robots, machines that work side-by-side with people in manufacturing and other settings, that can be abused to possibly cause physical harm to workers, or even configured to spy on their surroundings. The...

Heap Overflow Vulnerability in 360 Antivirus

360 Antivirus is a free cloud-based security antivirus program. 360 Antivirus suffers from a heap overflow vulnerability that can be exploited by an attacker to cause the scanning engine to terminate, resulting in a denial of service, or execute a remote code attack...

Carbon Blacking your sensitive data it’s what the agents normally do

But usually without such consequences. In this situation with Carbon Black, I am most interested in the actual reasons of all this media noise. From what point business as usual becomes a scandal. Ok, when you see Carbon Black customer's private files in public access at Virus Total it's a 100%...

A Leader for Four Consecutive Years in the Gartner Magic Quadrant for WAFs

Gartner has published their 2017 Magic Quadrant for Web Application Firewalls WAF and Imperva has again been named a WAF leader—now for four consecutive years. Attacks remain same, but infrastructure is changing According to 2017 Verizon Data Breach Investigations Report, web app attacks remain t...

Q&A: Conducting Cloud-Based Vendor Risk Audits With Qualys SAQ

Third-party security assessments drastically reduce your organization’s risk of suffering a data breach. When carried out properly, these assessments identify poor InfoSec and privacy practices among your vendors, partners, contractors, and other third parties with access to your IT systems and...

What is the hype around Firewall as a Service?

Admit it. Who would not want their firewall maintenance grunt work to go away? For more than 20 years, companies either managed their edge firewall appliances or had service providers rack-and-stack appliances in their data centers and did it for them. This was called a managed firewall — an...

Microsoft Adding Artificial-Intelligence Based Advanced Antivirus to Windows 10

Microsoft is making every effort to make its Windows operating system more secure and advanced than ever before by beefing up its security practices and hardening it against hackers and cyber attacks in its next release. With the launch of its Windows 10 Creator Update also known as RedStone 3,...

What’s new in Windows Defender ATP Fall Creators Update

When we introduced Windows Defender Advanced Threat Protection Windows Defender ATP, our initial focus was to reduce the time it takes companies to detect, investigate, and respond to advanced attacks. The Windows Fall Creators Update represents a new chapter in our product evolution as we offer ...

Akamai Launches New Solution to Help Enterprise Security Teams Address the Impact of Malware, Ransomware, and DNS-based Data Exfiltration

Today, we are proud to introduce Akamai Enterprise Threat Protector ETP. ETP is designed to provide customers quick-to-deploy and easy-to-manage cloud-based protection against the impact of complex, targeted threats such malware, ransomware, phishing, and DNS‑based data exfiltration. One...

Announcing Malwarebytes Endpoint Protection, a next-generation antivirus replacement for businesses

Six months ago, we announced Malwarebytes 3.0, a next-generation antivirus replacement for home users. Today, I am happy to announce Malwarebytes Endpoint Protection, its equivalent for businesses. Malwarebytes Endpoint Protection includes an easy to deploy, scalable cloud platform that allows yo...

Reducing Infrastructure Cost with new Enterprise Application Access Architecture

In an earlier blog, "Remote Access no longer needs to be Complex and Cumbersome", I wrote about the new game-changing remote access solution available from Akamai called Enterprise Application Access EAA. My thesis was that in our cloud-first, mobile-dominated world, providing access to...

IBM Cognos Business Intelligence Server Predictive Solutions Foundation Information Disclosure Vulnerability

IBM Cognos Business Intelligence Server is a suite of business intelligence and performance management solutions from IBM in the United States. The solution reports, analyzes, monitors, and evaluates business data.Predictive Solutions Foundation formerly known as PMQ is one of the cloud-based ass...

Microsoft ASP.NET Core Spoofing Vulnerability

Microsoft ASP.NET Core is a cross-platform open source framework from Microsoft. The framework is used to build cloud-based applications such as Web One applications, IoT applications, and mobile backends. A spoofing vulnerability exists in Microsoft ASP.NET Core, which stems from the program...

Microsoft Brings Ubuntu, Suse, and Fedora Linux to Windows Store

Microsoft has been expressing its love for Linux and Open Source for almost three years now, and this love is embracing as time passes. Just last year, Microsoft made headlines by building support for the Bash shell and Ubuntu Linux binaries into Windows 10, allowing users to run limited instance...

Hands-On Review: Converged Networking and Security with Cato Networks

Nobody likes to do router and firewall management. It often requires a lot of hard labor just keeping the infrastructure up and running. If you ever had to set up IPsec tunnels between different firewall brands, change a firewall rule and hope nothing breaks, upgrade to the latest software or...

Sabre Corp. Investigating Breach of Reservation System

Travel services company Sabre Corp., acknowledged this week that it’s in the middle of investigating a data breach in its Hospitality Solutions reservation system that may have spilled personally identifiable information and payment card data belonging to its customers. The Texas-based company...

CVE-2017-3889

A vulnerability in the web interface of the Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to redirect a user to a undesired web page, aka an Open Redirect. This vulnerability affects the Cisco Registered Envelope cloud-based service. More Information: CSCvc6012...

Open redirect

A vulnerability in the web interface of the Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to redirect a user to a undesired web page, aka an Open Redirect. This vulnerability affects the Cisco Registered Envelope cloud-based service. More Information: CSCvc6012...

CVE-2017-3889

The CVE-2017-3889 entry describes an Open Redirect in the Cisco Registered Envelope Service web interface (cloud-based). The vulnerability stems from improper input validation in the HTTP request parameters, allowing an unauthenticated, remote attacker to redirect users to a malicious URL. Affect...

CVE-2017-3889

A vulnerability in the web interface of the Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to redirect a user to a undesired web page, aka an Open Redirect. This vulnerability affects the Cisco Registered Envelope cloud-based service. More Information: CSCvc6012...