User-ID API Access

The Palo Alto Networks User-ID agent for Windows implements an API to retrieve the agent’s configuration. This TLS-secured API call returns encrypted credentials to the domain account configured on the User-ID agent, which has read-only rights for Security Event Logs on Domain Controllers. Anyone...

Threat Outbreak Alert RuleID22851: Email Messages Distributing Malicious Software on May 15, 2016

Medium Alert ID: 46193 First Published: 2016 May 16 14:22 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID22851 may contain the following files: Name | Size...

CloudBees Jenkins CI and Jenkins LTS Information Disclosure Vulnerability (CNVD-2016-03159)

CloudBees Jenkins CI formerly known as Hudson Labs is a Java-based continuous integration tool from CloudBees, Inc. It is mainly used to monitor ongoing software releases/testing projects and a number of timed tasks.LTS Long-Term Support is a long-supported version of CloudBees Jenkins CI is a...

How to Use Apple's iMessage on Android Phone

If you wish to send iMessages from your Android smartphone to a friend who owns an iPhone, it's possible now, at least for those who own MacBooks and iMacs. A developer has come up with a smart solution to bring Apple's iPhone messaging platform to Android phones. Though the solution is not...

CVE-2016-2107

It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. A remote attacker could possibly use this flaw to retrieve plain text from encrypted packets by...

Is it possible to optimize SSH or SFTP connections?

QUESTION: Is it possible to optimize SSH or SFTP connections? ANSWER: SSH and SFTP are encrypted traffic: SSH one-time encrypted data stream and SFTP goes over the SSH port CloudBridge can only optimize with flow-control-only but won't be able to compress it...

HP Data Protector 7.0x < 7.03 build 108 / 8.1x < 8.15 / 9.0x < 9.06 Multiple Vulnerabilities (HPSBGN03580) (Bar Mitzvah)

The version of HP Data Protector installed on the remote host is 7.0x prior to 7.03 build 108, 8.1x prior to 8.15, or 9.0x prior to 9.06. It is, therefore, affected by the following vulnerabilities : - A security feature bypass vulnerability exists, known as Bar Mitzvah, due to improper combinati...

CVE-2016-2203

The management console on Symantec Messaging Gateway SMG Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges...

CVE-2016-2203

The management console on Symantec Messaging Gateway SMG Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges...

Code injection

The management console on Symantec Messaging Gateway SMG Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges...

CVE-2016-2203

The management console on Symantec Messaging Gateway SMG Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges...

New Downloader for Locky

Through DTI Intelligence analysis, We have been observing Locky malware rise to fame recently. Locky is ransomware that is aggressively distributed via downloaders attached in spam emails, and it may have surpassed the Dridex banking trojan in popularity. In previous campaigns, the ransomware was...

More than 1 million People now access Facebook Over Tor Network

In Brief Facebook has hit another Milestone: More than 1 MILLION people, or you can say privacy conscious, are accessing Facebook over TOR. Facebook proudly announced today that, this month, for the first time, the people connected to the anonymous version of Facebook that's accessible only throu...

NTT Photopt App Man-in-the-Middle Attack Vulnerability

NTT Photopt App is a suite of applications for managing photos from the NTT Nippon Telegraph and Telephone Corporation group in Japan. A security vulnerability exists in NTT Photopt App version 1.0.0 and 1.1.0, which can be exploited by attackers to conduct man-in-the-middle attacks and listen to...

Encrypted Smartphone Network Seized by Dutch Police for Criminal Investigation

On Tuesday, the Dutch Police arrested a 36-year-old man, Danny Manupassa, on suspicion of money laundering and involvement in selling encrypted smartphones to criminals. Manupassa owns a company called Ennetcom, which provides customized Blackberry Phones with the secure PGP-encrypted network...

Researcher releases Free Ransomware Detection Tool for Mac OS X Users

In Brief: Introducing RansomWhere, a free generic ransomware detection tool for Mac OS X users that can identify ransomware-like behavior by continually monitoring the file-system for the creation of encrypted files by suspicious processes. This ransomware detection tool helps to block the...

Advanced Forensics File Format: AFF4

The Advanced Forensics File format 4 was originally designed and published in “Extending the advanced forensic format to accommodate multiple data sources, logical evidence, arbitrary information and forensic workflow” M.I. Cohen, Simson Garfinkel and Bradley Schatz, digital investigation 6 2009...

The LDAP client and server don't enforce integrity protection

Description Samba uses various LDAP client libraries, a builtin one and/or the system ldap libraries typically openldap. As active directory domain controller Samba also provides an LDAP server. Samba takes care of doing SASL GSS-SPNEGO authentication with Kerberos or NTLMSSP for LDAP connections...

[SECURITY] Fedora 23 Update: fuse-encfs-1.8.1-1.fc23

EncFS implements an encrypted filesystem in userspace using FUSE. FUSE provides a Linux kernel module which allows virtual filesystems to be writt en in userspace. EncFS encrypts all data and filenames in the filesystem and passes access through to the underlying filesystem. Similar to CFS except...

[SECURITY] Fedora 22 Update: fuse-encfs-1.8.1-1.fc22

EncFS implements an encrypted filesystem in userspace using FUSE. FUSE provides a Linux kernel module which allows virtual filesystems to be writt en in userspace. EncFS encrypts all data and filenames in the filesystem and passes access through to the underlying filesystem. Similar to CFS except...