Unsanctioned Apps Invite Fox into Cybersecurity Hen House
Conventional wisdom has shown there’s a short line between a company’s highest point of risk – its employees – and a compromise. Unsanctioned, or shadow, applications are apps that haven’t been cleared by a company’s information security team. These apps, on employee machines, have long been a...
PYSEC-2018-88
The mpatch_apply function in mpatch.c in Mercurial before 4.6.1 incorrectly proceeds in cases where the fragment start is past the end of the original data, aka OVE-20180430-0004...
Read: Our Top Picks for 2018’s Biggest Cybersecurity Stories… So Far
Our threat research team's been burning the candle at both ends this year, what with the sheer number of nasties out there at any given time. But with so many to choose from, how did we populate a list with just seven cybersecurity threats, and why? For one, it'll take the rest of the year to...
Security Bulletin: Vulnerability in Apache Commons FileUpload DiskFileItem File Manipulation affects IBM Platform Symphony, IBM Spectrum Symphony (CVE-2016-1000031)
Summary A security vulnerability relating to remote code execution, CVE-2016-1000031, has been reported against Apache Commons FileUpload DiskFileItem File Manipulation, which IBM Platform Symphony uses as a framework for its WEBGUI service. The Commons FileUpload version that is vulnerable to thes...
Security Bulletin: SSLv3 POODLE Attack (CVE-2014-3566)
Summary SSLv3 POODLE Attack CVE-2014-3566 impacts IBM Service Deliver Manager. Vulnerability Details Review the following security bulletins for vulnerability details and information about fixes: Security Bulletin: Vulnerability in SSLv3 affects IBM WebSphere Application Server CVE-2014-3566...
Security Bulletin: Vulnerability in Flexera InstallAnywhere affects Watson Explorer and Watson Content Analytics (CVE-2016-4560)
Summary Some components of this product include a version of Flexera InstallAnywhere that could allow a remote attacker to execute arbitrary code on the system. This vulnerability can be avoided by following the instructions included in this bulletin. Vulnerability Details CVEID: CVE-2016-4560...
Security Bulletin: Apache HttpComponents vulnerable to spoofing attacks are affecting Case Manager Client (CVE-2012-6153, CVE-2014-3577)
Summary Apache HttpComponents that are vulnerable to spoofing attacks are affecting Case Manager Client. Vulnerability Details Apache HttpComponents that are being utilized by the Forms widget in Case Manager Client when you are working with IBM Forms are vulnerable to spoofing attacks. CVEID:...
Security Bulletin: Vulnerabilities in OpenSSL affect Algo Credit Limits (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)
Summary OpenSSL vulnerabilities, along with SSL 3.0 Fallback protection (TLS_FALLBACK_SCSV), were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Algo Credit Limits. Algo Credit Limits has addressed the applicable CVEs and included the SSL 3.0 Fallback protection TLS_FALLBACK_SCSV...
Qualys Security Conference Virtual 2018. New Agents, Patch Management and Free Services
Today I attended a very interesting online event - Qualys Security Conference Virtual 2018. It consisted of 11 webinars, began at 18:00 and will end at 03:45 Moscow time. Not the most convenient timing for Russia, but it was worth it. Last time I was at an offline QSC event was in 2016, so for me it was...
New 'Lazy FP State Restore' Vulnerability Found in All Modern Intel CPUs
Hell Yeah! Another security vulnerability has been discovered in Intel chips that affects the processor's speculative execution technology—like Spectre and Meltdown—and could potentially be exploited to access sensitive information, including encryption related data. Dubbed Lazy FP State Restore,...
Microsoft Reveals Which Bugs It Won’t Patch
Microsoft has put out initial clarification around which bugs it will rapidly patch, and which ones must wait for a new product release – and which ones it won’t address at all. In a draft document posted online on Tuesday, the software giant laid out the criteria that the Microsoft Security...
Bypass Glitch Allows Malware to Masquerade as Legit Apple Files
Masquerading as an official Apple system file sounds like a wonderful way for malware to worm its way onto Macs – and a recently discovered code-signing bypass flaw allows bad code to do just that. The way some developers have implemented Apple’s official code-signing API can be exploited by...
CVE-2017-1405
CVE-2017-1405 affects IBM Security Identity Manager Virtual Appliance 7.0 (and 7.0.1) due to inadequate verification of origin/integrity when processing patches, image backups and other updates. This could allow tampered updates to be accepted, compromising integrity of the appliance. IBM’s bulle...
Zip Slip Vulnerability
Challenge Veeam is aware of the Zip Slip Vulnerability, which affects jobs with the guest file system indexing option enabled. Zip Slip is an arbitrary file overwrite vulnerability in multiple ZIP decompression algorithm implementations that affects thousands of software products across many...
GDPR Is Here: Manage Vulnerabilities and Prioritize Threat Remediation
To provide the level of data protection required by the EU’s General Data Protection Regulation (GDPR), your organization must continuously detect vulnerabilities, and prioritize their remediation. Why? An InfoSec team that’s chronically overwhelmed by its IT environment’s vulnerabilities and unabl...
EUVD-2018-2725
There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3...
Researchers Say More Spectre-Related CPU Flaws On Horizon
After another speculative execution side channel-related flaw has been disclosed in processors, security experts say that more may be on the horizon. Researchers on Monday disclosed Variant 4, a new speculative execution side channel category flaw that allows attackers to read privileged data...
A look into Drupalgeddon’s client-side attacks
Drupal is one of the most popular Content Management Systems (CMS), along with WordPress and Joomla. In late March 2018, Drupal was affected by a major remote code execution vulnerability (CVE-2018-7600), followed by yet another (CVE-2018-7602) almost a month later, both aptly nicknamed Drupalgeddon 2 a...
ProjectPier 0.8.8 SQL Injection / Authentication Bypass / RFI Vulnerabilities
ProjectPier versions 0.8.8 and below suffer from remote file inclusion, authentication bypass, remote shell upload, and remote SQL injection vulnerabilities. "ProjectPier is a Free, Open-Source, PHP application for managing tasks, projects and teams through an intuitive web interface."...
Chili’s Doesn’t Leave Data Breach on the Back Burner
Southwestern/Texas-themed restaurant chain Chili’s has become the latest victim of a data breach involving the heist of point-of-sale information from payment cards — and the alacrity with which it has admitted the incident is notable. Hackers had unauthorized access to payment-card data between...