VIDEO: Unfiltered Endpoint Data – Building Better Detection

BUILDING BETTER DETECTION In our previous post, Carbon Black’s Founder and CTO Mike Viscuso talked about how we can tilt the advantage back to the defenders with a “surveillance camera” for endpoints. By collecting endpoint activity and continuously storing it in a centralized location — without...

Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities (APSB18-02) - Windows

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat Reader DC (Continuous Track) Multiple Vulnerabilities (APSB18-02) - Windows

Adobe Acrobat Reader DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat Reader DC (Continuous Track) Multiple Vulnerabilities (APSB18-02) - Mac OS X

Adobe Acrobat Reader DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities (APSB18-02) - Mac OS X

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Acrobat Reader DC (Continuous Track) Detection (Mac OS X SSH Login)

Detects the installed version of Adobe Acrobat Reader DC Continuous Track. The script logs in via ssh, searches for folder SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Adobe Acrobat Reader DC (Continuous Track) Detection (Windows SMB Login)

Detects the installed version of Adobe Acrobat Reader DC Continuous Track. The script logs in via smb, searches for SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Adobe Acrobat DC (Continuous Track) Detection (Mac OS X SSH Login)

Detects the installed version of Adobe Acrobat DC Continuous Track. The script logs in via ssh, searches for folder SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Adobe Acrobat DC (Continuous Track) Detection (Windows SMB Login)

Detects the installed version of Adobe Acrobat DC Continuous Track. The script logs in via smb, searches for SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Image conversion module out-of-bounds memory read vulnerability in multiple Adobe products

Acrobat DC Continuous Track and so on are the United States of America Auduby Adobe products. Acrobat DC Continuous Track is a desktop version of the PDF solution of the continuous update version. Reader DC Continuous Track is a PDF reading tool of the continuous update version. image conversion...

BLEAH - A BLE Scanner For "Smart" Devices Hacking

A BLE scanner for "smart" devices hacking based on the bluepy library, dead easy to use because retarded devices should be dead easy to hack. Explanatory post and screenshots can be found here. How to Install Install bluepy from source: git clone https://github.com/IanHarvey/bluepy.git cd bluepy...

Snapchat: Publicly accessible Continuous Integration Tool

@apfeifer27 found an internal Continuous-Integration instance, which disclosed internal source code and credentials for some of our instances...

Continuous Security and Compliance Monitoring for Global IT Assets

In today’s information security world, all assets everywhere must be detected, visible, protected and compliant -- all the time. It’s no longer enough to rely on “point in time” security and compliance assessments, such as scheduled weekly or monthly scans on handpicked critical servers. “You mus...

CloudBees Jenkins Information Disclosure Vulnerability (CNVD-2018-03332)

CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . A...

CloudBees Jenkins Maven Plugin Man-in-the-Middle Attack Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , the tool is mainly used to monitor the order of repetitive work . Maven Plugin is one of the Maven framework plug-in . A security vulnerability...

Artifex MuJS Denial Of Service

The continuous call between the two functions "jsCcexp" function and "cbinary" allows attackers to cause a denial of service application crash via a crafted js file Exploit Title: DoS caused by the interactive call between two functions Date: 2018-01-16 Exploit Author: Andrea Sindoni -...

Security Strategies for DevOps, APIs, Containers and Microservices

More and more IT professionals see DevSecOps, a practice which integrates security measures earlier in the development process to improve production code quality, as a mainstay for future application development. Much of this stems from the growing trend towards speeding up application developmen...

Continuous Security & Compliance Demo Series

This series shows you how to effectively navigate security risks, new regulations and new technologies in support of a secure and compliant digital transformation. Qualys product managers walk you through the new features of Qualys Cloud Platform and Apps and show you how to get maximum leverage...

“Ready Player One” – Are you Ready to Protect Your Endpoints from the Bad Guys?

At times it can feel like a game as you watch the cyber-breach scorecards. Yahoo 3 billion users, Equifax 143 million consumers, Uber 57 million users, Imgur 1.7 million users are just a sample of the companies that have released new information on large breaches in the last few months...

Boost productivity of your DevOps teams and deliver superior digital experiences with Akamai Cloud Delivery Platform - Part 3

In the first and second part of this blog series, we discussed the challenges associated with cloud adoption and how you can leverage Akamai Cloud Delivery Platform, the world's largest and most trusted cloud delivery platform, to achieve the scalability, availability, reliability, security and...