Security Bulletin: IBM MQ termination of a client application causes denial of service (CVE-2017-1235)

Summary Termination during an MQGET call of a client application running on a channel with SHARECNV=1, could cause a SIGSEGV and termination of the channel agent process. Vulnerability Details CVEID: CVE-2017-1235 DESCRIPTION: IBM MQ could allow an authenticated user to cause a premature...

Security Bulletin: Incorrect saved channel status enquiry could cause denial of service for IBM MQ (CVE-2017-1236)

Summary IBM MQ could allow an authenticated user to potentially cause a denial of service by issuing an incorrect saved channel status inquiry. Vulnerability Details CVEID: CVE-2017-1236 DESCRIPTION: IBM MQ could allow an authenticated user to potentially cause a denial of service by saving an...

Security Bulletin: A vulnerability in Java runtime from IBM affects IBM WebSphere MQ and IBM MQ Appliance (CVE-2016-5597)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7 and 8 used by IBM WebSphere MQ and the IBM MQ Appliance. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details If you run your own Java code using the Java...

Security Bulletin: Vulnerabilities in Mozilla Network Security Services (NSS) affect IBM MQ Appliance (CVE-2016-2834, CVE-2016-5285, CVE-2016-8635)

Summary Security vulnerabilities in Mozilla Network Security Services NSS affect IBM MQ Appliance. IBM MQ Appliance has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2834 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox, could allow a remote...

Gain Visibility and Continuous Security Across All Your Public Clouds

As organizations increase their use of public cloud platforms, they encounter cloud-specific security and compliance threats, which can be challenging to address without the right tools and processes. Organizations’ cloud security difficulties lie in two main areas: Lack of visibility into their...

Continuous Monitoring in the Cloud

I recently spoke at the Cloud Security Alliances Federal Summit on the topic "Continuous Monitoring / Continuous Diagnostics and Mitigation CDM Concepts in the Cloud." As government has moved and will continue to move to the cloud, it is becoming increasingly important to ensure continuous...

Want better apps? You need a (agile security) hero!

If weve learned anything from the rise of Marvel Cinematic Universe, its that good things tend to happen when heroes intervene. For securing new applications, this metaphor is a useful one because security isnt always top-of-mind for scrum teams, nor is it always conducive to meeting aggressive...

CVE-2018-10798

CVE-2018-10798 affects Brave

What’s New in Wallarm

New features in Wallarm Cloud Dashboard At Wallarm, we subscribe to the continuous delivery methodology. Some of you may have already seen these features as we have been releasing them over the past weeks. For those of you who haven’t, this post will point out all the new shiny improvements for...

The Eighth Question Today’s CEOs Should Ask (& Know the Answer To)

In a previous blog, we discussed Commander’s Intent for CEOs and introduced 10 questions CEOs should be asking their teams. In this blog series, I am going to take a deeper dive into each question and break them down one at a time. We will discuss why CEOs should care about each question and the...

Adobe Acrobat DC (Continuous Track) Security Updates (APSB17-11) - Windows

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Reader DC (Continuous Track) Security Updates (APSB17-11) - Mac OS X

Adobe Reader DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Reader DC (Continuous Track) Security Updates (APSB17-11) - Windows

Adobe Reader DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat DC (Continuous Track) Security Updates (APSB17-24) - Windows

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat Reader DC (Continuous Track) Security Updates (APSB17-24) - Windows

Adobe Acrobat Reader DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat Reader DC (Continuous Track) Security Updates (APSB17-24) - Mac OS X

Adobe Acrobat Reader DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat DC (Continuous Track) Security Updates (APSB17-24) - Mac OS X

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities (APSB17-36) - Mac OS X

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities (APSB17-36) - Windows

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Tenable University: Nessus Certificate of Proficiency

Yesterday I finished "Nessus Certificate of Proficiency" learning plan at Tenable University and passed the final test. Here I would like to share my impressions. First of all, few words about my motivation. I use Nessus literally every day at work. So, it was fun to check my knowledge. I already...