64 matches found
About the security content of Apple TV Software 7.3
About the security content of Apple TV Software 7.3 This document describes the security content of Apple TV Software 7.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
About the security content of tvOS 12.2
About the security content of tvOS 12.2 This document describes the security content of tvOS 12.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
About the security content of iCloud for Windows 7.9
About the security content of iCloud for Windows 7.9 This document describes the security content of iCloud for Windows 7.9. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
About the security content of tvOS 12
About the security content of tvOS 12 This document describes the security content of tvOS 12. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...
Assessing Linux Security Configurations with SCAP Workbench
Recently I had a chance to work with OpenSCAP. It's a set of free and open-source tools for Linux Configuration Assessment and a collection security content in SCAP Security Content Automation Protocol format. In this post I will write about SCAP Workbench. It is a GUI application that can check...
Malicious PowerShell Detection via Machine Learning
Introduction Cyber security vendors and researchers have reported for years how PowerShell is being used by cyber threat actors to install backdoors, execute malicious code, and otherwise achieve their objectives within enterprises. Security is a cat-and-mouse game between adversaries, researcher...
About the security content of Safari 11.1
About the security content of Safari 11.1 This document describes the security content of Safari 11.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
About the security content of iOS 11.1.1
About the security content of iOS 11.1.1 This document describes the security content of iOS 11.1.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
New National Vulnerability Database visualizations and feeds
Recently, the National Institute of Standards and Technology NIST introduced a new version of National Vulnerability Database NVD website.  I will not say that I liked this redesign: IMHO, old website with US flag was much prettier and useful: But the very fact that the site is developing, I...
About the security content of Safari 11
About the security content of Safari 11 This document describes the security content of Safari 11. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
About the security content of Xcode 9
About the security content of Xcode 9 This document describes the security content of Xcode 9. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...
Downloading entire Vulners.com database in 5 minutes
Today I once again would like to talk about Vulners.com and why, in my opinion, it is the best vulnerability database that exist nowadays and a real game-changer. The main thing is transparency. Using Vulners you not only can search for security content see "Vulners – Google for hacker", but...
Paragon Initiative Enterprises: Cross-site-Scripting
step: 1: goto https://bridge.cspr.ng/my/account of your account 2. in "Custom Profile field option" check the box and enter xss payload in "display name" field payload: "palert'xss'" 3. update the information 4. open the account in INTERNET EXPLORER 11 and xss will executed note: here server is n...
About the security content of iCloud for Windows 6.1
About the security content of iCloud for Windows 6.1 This document describes the security content of iCloud for Windows 6.1. For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...
About the security content of tvOS 9.2.1
About the security content of tvOS 9.2.1 This document describes the security content of tvOS 9.2.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To...
Through the NVD vulnerability database to see recent vulnerability trends-vulnerability warning-the black bar safety net
2 0 1 6 years has been in the past less than half it's time over the past few years, the vulnerability analysis. The present article will be on the NVD vulnerability database over the last 5 years vulnerability analysis, look at the vulnerability of the development trend is like. Why the choice o...
FireEye MPS JAR analyzer command execution
Added: 12/28/2015 BID: 78809 Background The FireEye Malware Protection System MPS detects and eliminates malware found on file shares, web downloads, and e-mail. Problem A vulnerability in the Java Archive analysis tool could allow command execution when the tool analyzes a specially crafted JAR...
FireEye MPS JAR analyzer command execution
Added: 12/28/2015 BID: 78809 Background The FireEye Malware Protection System MPS detects and eliminates malware found on file shares, web downloads, and e-mail. Problem A vulnerability in the Java Archive analysis tool could allow command execution when the tool analyzes a specially crafted JAR...
FireEye MPS JAR analyzer command execution
Added: 12/28/2015 BID: 78809 Background The FireEye Malware Protection System MPS detects and eliminates malware found on file shares, web downloads, and e-mail. Problem A vulnerability in the Java Archive analysis tool could allow command execution when the tool analyzes a specially crafted JAR...
FireEye MPS JAR analyzer command execution
Added: 12/28/2015 BID: 78809 Background The FireEye Malware Protection System MPS detects and eliminates malware found on file shares, web downloads, and e-mail. Problem A vulnerability in the Java Archive analysis tool could allow command execution when the tool analyzes a specially crafted JAR...