Google’s lessons in security: bring together security engineering and incident response

Last week during Google Next conference, we have heard an interesting talk where a google security PM, Andy Chang, explained what Google has learned from preventing, detecting and responding to cyber attacks over the years. Not surprisingly, Google is paying a lot of attention to securing the...

shop.layer-grosshandel.de XSS vulnerability

Vulnerable URL: https://shop.layer-grosshandel.de/eshop.php?action=articlelistgroupid=order==0available=type=searchcategory=volltext=%22%3E%3Csvg%2Fonload%3Dalert%2FOPENBUGBOUNTY%2F%3Esuggestion= Details: Description| Value ---|--- Patched:| Yes, at 27.04.2017 Latest check for patch:| 27.04.2017...

After publishing layer to PVS, the VM keeps rebooting with windows error

After publishinglayer to PVS, VM keeps rebooting with windows error below - SYSTEMTHREADEXCEPTIONNOTHANDLED CVhdMp.sys...

DDoS of Past, Present and Future

The pervasiveness of technology has meant automation of tasks, allowing better productivity, with more time to do more. However, the dark side of technology would be that enterprises and individuals alike are vulnerable to cybercrimes, compromise of identities, loss of data and subject to malicio...

RHEL 6 : Red Hat Gluster Storage 3.2.0 (RHSA-2017:0484)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:0484 advisory. Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies dat...

MGASA-2017-0081 Updated firefox packages fix security vulnerability

Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402,...

Moderate: Red Hat Security Advisory: Red Hat Gluster Storage 3.2.0 security, bug fix, and enhancement update

An update is now available for Red Hat Gluster Storage 3.2 on Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Cisco IOS XE Software L2TP Message Denial of Service Vulnerability

Cisco IOS XE Software is an operating system developed by Cisco in the United States for its network devices. Cisco IOS XE Software's fails to adequately filter L2TP packets. A remote attacker could exploit this vulnerability to submit a special request for a denial of service attack...

Cisco IOS Software Layer 2 Tunneling Protocol Denial of Service Vulnerability (cisco-sa-20170322-l2tp)

A vulnerability in the Layer 2 Tunneling Protocol L2TP parsing function of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and a...

CVE-2017-3857

A vulnerability in the Layer 2 Tunneling Protocol L2TP parsing function of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and Cisco IOS XE 3.1 through 3.18 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation...

Input validation

A vulnerability in the Layer 2 Tunneling Protocol L2TP parsing function of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and Cisco IOS XE 3.1 through 3.18 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation...

USN-3240-1: NVIDIA graphics drivers vulnerability

It was discovered that the NVIDIA graphics drivers contained a flaw in the kernel mode layer. A local attacker could use this issue to cause a denial of service...

USN-3173-2 nvidia-graphics-drivers-375 vulnerability

USN-3173-1 fixed a vulnerability in nvidia-graphics-drivers-304 and nvidia-graphics-drivers-340. This update provides the corresponding update for nvidia-graphics-drivers-375. Original advisory details: It was discovered that the NVIDIA graphics drivers contained a flaw in the kernel mode layer. ...

CVE-2017-3881

A vulnerability in the Cisco Cluster Management Protocol CMP processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes...

Still Getting Served: A Look at Recent Malvertising Campaigns Involving Exploit Kits

Malvertising occurs when an online advertising network knowingly or unknowingly serves up malicious advertisements on a website. Malvertisements are a type of “drive-by” threat that tend to result in users being infected with malware for simply visiting a website. The victims of this threat are...

Problems activating PVS Target Devices configured for KMS licensing

Your PVS Target Devices are configured for KMS licensing, and after activating the first PVS Target device, activation of other PVS Target Devices devices fail. When you look more closely at the Target Devices you find that the devices all share the same CMID. This means that when building the...

Visual Studio crashing desktop after last OS update

When you install Visual Studio 2010 or 2012, Visual Studio also installs the .NET 4 components it needs in the Application layer. If you update the .NET 4 components in the Visual Studio layer and do not also update them in the Operating System layer, there is a mismatch in the .NET files, which...

Managing Printer Deployment Using Layers in the Unidesk Environment

While many brokering and persona management solutions provide mechanisms to manage printer deployment, you might find it easier to use Unidesk layers. Unidesk layers provide a flexible mechanism for managing printer deployments for different groups of users. When you use Unidesk layers to deploy...

Google Chrome 57 Browser Update Patches 'High' Severity Flaws

Google released an updated version of its Chrome browser on Thursday to fix nine high-severity vulnerabilities that if exploited could allow adversaries to take control of targeted systems. As part of the update, Google thanked nearly two dozen bug hunters with bug bounty payments totaling $38,00...

CVE-2017-5872

The TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 57.1 before 57.152, 58.1 before 58.142, or 59.1 before 59.172, when running a TLS 1.2 service, allows remote attackers to cause a denial of service network connectivity disruption via a client hello with a...