116 matches found
Citrix Virtual Apps and Desktop - Support for Monitors Including 4K Resolution and Multi-Monitors
Information Citrix Virtual Apps and Desktops 7 f.k.a. XenApp and XenDesktop supports a variety of display configurations across different endpoint devices. The purpose of this knowledge base article is to review product capabilities and support requirements with regards to display resolutions,...
Brava! Enterprise / Server 16.4 Information Disclosure
Vulnerable Application: Brava! Enterprise and Brava! Server Components Affected Versions: Brava! Enterprise and Brava! Server Components have this as the default configuration, from Brava! 7.5 to the latest Brava! 16.4 on Windows. Not Affected Versions: Linux installs do not automatically create...
ON PREM vs. CLOUD.
Security and Other considerations. Part 1 By Johan Nordstrom The only constant in this world is change, and these days it’s coming quicker and faster than ever before, as is evident in the explosive market for cloud services. A recent research and analysis from Cisco showed that the global intern...
First things first: Envisioning your security deployment
This blog post is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 Security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog...
Securing Cloud-Native Applications
A conversation with Randy Bias Last week we were able to sit down with Randy Bias — a cloud pioneer and a technology visionary who currently oversees Juniper Networks cloud strategy. We have asked Randy to share his thoughts on the security of private and public clouds and specifically cloud-nati...
CALDERA - Automated Adversary Emulation System
CALDERA is an automated adversary emulation system that performs post-compromise adversarial behavior within enterprise networks. It generates plans during operation using a planning system and a pre-configured adversary model based on the Adversarial Tactics, Techniques & Common Knowledge ATT&CK...
Explained: the cloud
Even if you are reading this post because you have no idea what the cloud is, you might be using it more often than you realize. Twitter, LinkedIn, Dropbox, Google Drive, and Microsoft Office 365 are some of the most well-known cloud apps. Let’s start with a definition of the cloud to get a grip ...
Citrix App layering: Recipe for USB Drivers With VMWARE Horizon View 5.X
Overview The purpose is to explain a process for getting USB Hardware related device drivers working in a Unidesk Layer in conjunction with software application that may require peripheral device support. Tested Devices This document utilize these kinds of devices in our testing: Dell USB Laser...
Using standalone Veeam Agent for Microsoft Windows with a Microsoft Failover Cluster
Purpose This article documents limitations and considerations for Veeam Agent for Microsoft Windows when installed in a Microsoft Failover Cluster. Solution Microsoft Failover Clusters are fully supported by Veeam Agent for Microsoft Windows when managed by Veeam Backup & Replication. Veeam Agent...
XSS'OR - Hack with JavaScript
XSS'OR is a free online tool for hacking with JavaScript. It contains three major modules: 1. Encode/Decode The Encode/Decode module, including: front-end encryption and decryption; code compression, decompression, beautification, the implementation of testing; character set conversion, hash...
LastPass: global properties can be modified across isolated worlds, allowing remote code execution
A major part of the LastPass password manager is content scripts, additional privileged javascript that is injected into pages and can change or monitor content. LastPass use content scripts to search webpages for forms, add additional UI elements, and so on. The reason that it's safe to have...
PVS 7.13: XenServer PVS-Accelerator Cache Storage Considerations
Note: This feature is only available in XenServer 7.1 and PVS 7.13 or later. PVS-Accelerator provides two cache modes: Memory only , in the Control Domain Dom0 Memory. When selecting Memory only, the feature will use up to the specified cache size in the Dom0 memory. This option is only available...
Veeam ONE Database Calculator for Virtual Infrastructure and Veeam Backup & Replication Monitoring
New Interactive Calculator An updated interactive calculator is now available to replace the legacy Excel file included with this article. Veeam ONE Calculator Solution Summary This Veeam ONE database sizing calculator will help estimate the database size required to retain one year of historical...
Bejtlich Books Explained
A reader asked me to explain the differences between two of my books. I decided to write a public response. If you visit the TaoSecurity Books page, you will see two different types of books. The first type involves books which list me as author or co-author. The second involves books to which I...
The Ethics and Morality Behind APT Reports
DENVER—Investigations into state-sponsored APT campaigns are much more than black-and-white research into malware, exploits and zero-days. Behind the scenes, these can be geopolitical powder kegs that require moral examinations into the ethics of publishing public reports that could expose tools...
Happy 13th Birthday TaoSecurity Blog
Today, 8 January 2016, is the 13th birthday of TaoSecurity Blog! This is also my 3,000th blog post. I wrote my first post on 8 January 2003 while working as an incident response consultant for Foundstone. Kevin Mandia was my boss. Today I am starting my third year as Chief Security Strategist at...
Vuvuzela - Private Messaging System That Hides Metadata
Vuvuzela is a messaging system that protects the privacy of message contents and message metadata. Users communicating through Vuvuzela do not reveal who they are talking to, even in the presence of powerful nation-state adversaries. Our SOSP 2015 paper explains the system, its threat model,...
Advanced Memory and Storage Considerations for Provisioning Services
As Citrix Provisioning Services has begun to play a greater role in XenApp and XenDesktop implementations, many discussions have been had on proper sizing of Provisioning Services from a network, CPU and storage perspective. However, most recommendations have left out guidelines for proper sizing...
FTC, Experts Push Startups to Think About Security From the Beginning
About a decade ago, many large software makers learned some very difficult lessons about software security and building security into their products from the start. Some are still learning. The FTC and a variety of security experts are hoping that today’s crop of start-ups will not have to go...
SAP encryption algorithm vulnerability can lead to remote code execution or denial of service-vulnerability warning-the black bar safety net
Now, there is a widely used Protocol appeared unexpected vulnerability, SAP encryption algorithm of the data compression software can lead to remote code execution vulnerability and denial of service vulnerabilities. These problems arise because the SAP encryption algorithm of coding uses a popul...