210 matches found
VIDEO: Why We Need to Stop Calling Cybercriminals ‘Hackers’
Editor's Note: This article also appears on Cyberscoop. Carbon Black's National Security Strategist Eric O'Neill talks about what needs to change in the cybersecurity community if things are going to get better in 2018. The post VIDEO: Why We Need to Stop Calling Cybercriminals 'Hackers' appeared...
November 13, 2017 – Morning Cyber Coffee Headlines – “Eric O’ Neill” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! November 13, 2017 - Headlines Carbon Black in the News: Why we need to stop...
#CbChats: Eric O’ Neill Chats About Hacking as Espionage, His Time at the FBI & Ryan Phillippe
Today on CbChats, Carbon Black National Security Strategist Eric O' Neill talks about his time at the FBI, his relationship with "Breach" star Ryan Phillippe and how hacking is just the latest iteration of espionage. https://www.carbonblack.com/wp-content/uploads/2017/11/EONCbchats.mp3 About Eric...
FreeBSD : GitLab -- multiple vulnerabilities (418c172b-b96f-11e7-b627-d43d7e971a1b)
GitLab reports : Cross-Site Scripting XSS vulnerability in the Markdown sanitization filter Yasin Soliman via HackerOne reported a Cross-Site Scripting XSS vulnerability in the GitLab markdown sanitization filter. The sanitization filter was not properly stripping invalid characters from URL...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3609)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3609 advisory. - fs/exec.c: account for argv/envp pointers Kees Cook Orabug: 26638900 CVE-2017-1000365 CVE-2017-1000365 - dentry name snapshots Al Viro Orabug:...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3605)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3605 advisory. - dentry name snapshots Al Viro Orabug: 26630936 CVE-2017-7533 - KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings David...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-94.5.9 - dentry name snapshots Al Viro Orabug: 26630936 CVE-2017-7533 4.1.12-94.5.8 - scsi: libiscsi: use kvzalloc for iscsipoolinit Kyle Fortin Orabug: 26621191 - mm: introduce kvmzalloc helpers Kyle Fortin Orabug: 26621191 - KEYS: Disallow keyrings beginning with '.' to be...
RedHat Update for X.org X11 libraries RHSA-2017:1865-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Getting started in sales: Q&A with Eric Erston
Today we're excited to introduce a key leader in Rapid7s sales organization: Eric Erston is Rapid7's senior vice president of sales for the Americas region. He has extensive experience in a variety of sales roles, including leading go-to-market functions for mergers and acquisitions. Prior to...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...
Kodi 17.0 Local File Inclusion Exploit
Usage Info msf use auxiliary/scanner/http/koditraversal msf auxiliarykoditraversal show actions ...actions... msf auxiliarykoditraversal set ACTION msf auxiliarykoditraversal show options ...show and set options... msf auxiliarykoditraversal run This module requires Metasploit:...
RHEL 7 : firefox (RHSA-2017:0461)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2017:0461 advisory. Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.0 ESR. Security Fixes: Multiple flaws were found i...
Critical: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
X.org Privilege Escalation / Use-After-Free / Weak Entropy Vulnerabilities
Exploit for windows platform in category local exploits Multiple Vulnerabilities in X.org ================================= Overview -------- Vendor: X.org/Freedesktop.org Vendor URL: https://www.x.org/wiki/ Credit: X41 D-Sec GmbH, Eric Sesterhenn Advisory-URL:...
Kodi 17.0 Local File Inclusion Vulnerability
This module exploits a directory traversal flaw found in Kodi before 17.1. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kodi 17.0 Local File Inclusion Vulnerability', 'Description' = %q This...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3509)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3509 advisory. - net: avoid signed overflows for SOSND|RCVBUFFORCE Eric Dumazet Orabug: 25203623 CVE-2016-9793 - tcp: fix use after free in tcpxmitretransmitqueue...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3596)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-3596 advisory. - KEYS: potential uninitialized variable Dan Carpenter Orabug: 24402831 CVE-2016-4470 - vfs: add vfsselectinode helper Miklos Szeredi Orabug:...
Important: Red Hat Security Advisory: CFME 5.6.1 security, bug fix, and enhancement update
An update for cfme is now available for Red Hat CloudForms 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Davolink DV-2051 - Multiple Vulnerabilities
=================================================================== Title: Unauthenticated admin password change Product: Davolink modem Tested model: DV-2051 Vulnerability Type: Missing Function Level Access Control CWE-306 Risk Level: High Solution Status: No fix available Discovered and...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the Debian GNU/Linux operating system’s Eric package may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...