252 matches found
Design/Logic Flaw
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete WAD is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and...
CVE-2014-3559
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete WAD is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and...
PT-2014-5395 · Red Hat · Red Hat Enterprise Virtualization
Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Virtualization version 3.4 Description: The issue concerns the oVirt storage backend, which fails to wipe memory snapshots when a virtual machine VM is deleted, even if wipe-after-delete WAD is configured for the VM's disk...
ovirt-engine-backend: memory snapshots not wiped when deleting a VM with wipe-after-delete (WAD) enabled for its disks
It was found that the oVirt storage back end did not wipe memory snapshots when VMs were deleted, even if wipe-after-delete WAD was enabled for the VM's disks. A remote attacker with credentials to create a new VM could use this flaw to potentially access the contents of memory snapshots in an...
Moderate: Red Hat Security Advisory: rhevm security update
Updated rhevm packages that fix one security issue are now available. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from the CVE link in the...
iPhone Fingerprint scanner hack allows attacker to hijack Apple ID using Flight Mode
A German security firm SRL claims a vulnerability in Touch ID Fingerprint Scanner and iCloud allows a hacker to access a locked device and potentially gain control over an owner's Apple ID. SRL points out that Airplane mode can be enabled on a stolen phone from the lockscreen, which turns off...
iPhone Fingerprint scanner hack allows attacker to hijack Apple ID using Flight Mode
A German security firm SRL claims a vulnerability in Touch ID Fingerprint Scanner and iCloud allows a hacker to access a locked device and potentially gain control over an owner’s Apple ID. SRL points out that Airplane mode can be enabled on a stolen phone from the lockscreen, which turns off...
Android Device Manager allows user to Lock, Wipe and Locate device remotely
If you lose your device, Google lets you secure it instantly from afar through Android Device Manager, that let you locate and remotely wipe your phones and tablets. The latest update to Android Device Manager enables remote password locking, overrides the built-in Pattern, PIN code, Face unlock ...
BYOD Gives Vulnerable Devices Corporate Network Access
Policies allowing employees to bring their own devices to work BYOD have the unintended consequence of increasing the total number of vulnerable devices connecting to corporate networks and accessing corporate data, a report released today by Rapid 7 said. While the general consensus says that BY...
BlackBerry Warns of Z10, PlayBook Security Vulnerabilities
BlackBerry’s security incident response team has issued two advisories warning Z10 smartphone and PlayBook tablet users to upgrade to the latest version of the operating system and software on both platforms. The patches address a remote code-execution vulnerability in the Adobe Flash Player...
Information disclosure
Red Hat Enterprise Virtualization Manager RHEV-M before 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and might allow local users to obtain sensitive information via unspecified vectors...
GPS based tracking service provided by Samsung vulnerable to thieves
Samsung which is currently believed to the highest Smartphones Seller in the World is now providing a Remote tracking solution in all its smartphones to Track the lost phone with the name "Samsung Dive". The Service is based on the Architecture which primarily acquires precise location of the sma...
rhev-m: MoveDisk ignores the disk's wipe-after-delete property
Red Hat Enterprise Virtualization Manager RHEV-M before 3.1, when moving disks between storage domains, does not properly wipe-after-delete, which prevents disks from being securely deleted and might allow local users to obtain sensitive information via unspecified vectors...
Samsung Fixes Remote Wipe Flaw in Galaxy S III Smartphones
Smartphone developer Samsung has reportedly fixed a flaw in one of its newest phones, the Galaxy S III, that allows attackers to remotely wipe the phone’s contents. The patch addresses a flaw presented at the Ekoparty Security Conference in Argentina late last week that showed how easy it was to...
Gizmodo gets hacked via Apple tech support
Is your iCloud account secured by a good password? Please Don't rely on the cloud. Here's a terrifying tale of modern hacking. Mat Honan, a reporter at tech site Gizmodo, was playing with his daughter when his phone went dead. Thinking it was a software glitch, he rebooted, and went to log in to...
Symantec Experiment: Half Of Those Who Find Smartphones Don't Return Them
Good Samaritans are few and far between when it comes to lost cell phones, according to the conclusions of a social experiment conducted by security firm Symantec. Smart phones are unlikely to be returned by those who find them, but very likely to be perused for sensitive data including photos,...
Snail mail the data
Another way to avoid having your digital privacy intruded upon is to backup all the data onto an external hard drive, USB drive or SD card making sure the content of your backup is encrypted, of course. You can then ship the data to your destination. With your data copied off the device, you can...
Protecting Your BlackBerry Smartphone with Security Wipe
Protecting Your BlackBerry Smartphone with Security Wipe The BlackBerry device is a wonderful thing. We load our BlackBerries with various softwares and applications to increase our productivity and customize them with interesting themes and ringtones. We watch movies and play games and track day...
Protecting Your BlackBerry Smartphone with Security Wipe
Protecting Your BlackBerry Smartphone with Security Wipe The BlackBerry device is a wonderful thing. We load our BlackBerries with various softwares and applications to increase our productivity and customize them with interesting themes and ringtones. We watch movies and play games and track day...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the web console in Zenprise Device Manager 6.x through 6.1.8 allows remote attackers to hijack the authentication of administrators for requests that wipe mobile devices...