6 matches found
Award-winning Qualys Vulnerability and Compliance Solution now available on IBM zSystems & LinuxONE
Todays modern IBM mainframe is central to hybrid cloud environments, valued by two-thirds of the Fortune 100 as a highly secured platform for running mission-critical workloads. Not surprisingly, according to a recent IBM commissioned study by Celent, it is estimated that 70% of global bank cards...
Critical VMware Carbon Black Bug Allows Auth Bypass
VMware has fixed an uber-severe bug in its Carbon Black App Control AppC management server: A server whose job is to lock down critical systems and servers so they don’t get changed willy-nilly. AppC also ensures that organizations stay in continuous compliance with regulatory mandates. This is a...
Symantec Encryption Management Server < 3.2.0 MP6 - Remote Command Injection Exploit
Symantec Encryption Management Server versions prior to 3.2.0 MP6 suffers from a remote command injection vulnerability. Title: Symantec Encryption Management Server - Remote Command Injection Vendor: Symantec Affected Product: Symantec Encryption Gateway Affected Versions: 3.2.0 MP6 Product...
Symantec Encryption Management Server < 3.2.0 MP6 - Remote Command Injection
Vantage Point Security Advisory 2014-007 ======================================== Title: Symantec Encryption Management Server - Remote Command Injection ID: VP-2014-007 Vendor: Symantec Affected Product: Symantec Encryption Gateway Affected Versions: 3.2.0 MP6 Product Website:...
A CISO's Guide To Application Security – Part 4: Weighing AppSec Technology Options
This post is the fourth in a 5-part series on Application Security, or “AppSec”. The series will define the components of a sound AppSec program, delineate the growing threats to software, weigh the costs of a data breach, and outline the CISO’s responsibility in managing software security risk...
Do You Know What Your Database Users Are Doing?
In our last column, we focused on privilege escalation attacks, and the impact that this category of SQL injection attacks can have on the database – particularly where specific database vulnerabilities exist, and can be exploited through the manipulation of privileges. Let’s look more deeply at...