Fortinet
- 14 avril 2021The Need for Adaptive Cloud Security to Protect All Environments
An adaptive cloud security strategy follows applications and data. Learn how as organizations increase their cloud maturity and expand their networks, there is a need for solutions that can grow and adapt with business requirements. … - 13 avril 2021An Integrated Active Defense Strategy – Deception
Learn how deception can be part of an integrated active defense strategy to level the field against cyber adversaries. … - 12 avril 2021Deep Analysis: New FormBook Variant Delivered in Phishing Campaign – Part I
FortiGuard Labs captured a phishing campaign that was sending a Microsoft PowerPoint document as an email attachment to spread the new variant of the FormBook malware. Learn more. … - 12 avril 2021For Retailers, Cybersecurity and Digital Transformation Must Go Hand in Hand
Explore considerations around retail cybersecurity and learn how retailers can prioritize security efforts alongside digital transformation. … - 9 avril 2021Major Insurer Secures LAN and WAN Edges with Fortinet Secure SD-WAN and SD-Branch
Learn how Fortinet Secure SD-WAN and SD-Branch enabled security and high performance for this insurance company. … - 9 avril 2021The Key Fundamentals for an Effective Security Design
As organizations continue to accelerate their digital innovation initiatives, new network edges are also introduced to their security infrastructure. Learn about the 5 fundamentals for an effective security design. … - 8 avril 2021The Convergence of Networks and Security For Evolving Infrastructures
The convergence of networks and security today require that solutions become holistic, where networking and cybersecurity work together as a unified system. Learn more. … - 7 avril 2021Radio Access Network (RAN) Security for 4G and 5G Explained
Learn how LTE and 5G Radio Access Network (RAN) technologies will address new market segments and enable industry transformation and innovation, with 5G serving as the foundations for delivering various capabilities. … - 6 avril 2021Adaptive Cloud Security for OT and Industrial Control Systems
Like many infrastructure expansions, the benefits of leveraging OT as part of an adaptive cloud security migration strategy outweigh the risks, but organizations must implement a robust security strategy to mitigate potential risks. Learn more. … - 5 avril 2021Fortinet Adaptive Cloud Security Extends Cloud-native Security and Visibility to Protect Containers
Fortinet announced a new cloud native container and Kubernetes security solution, FortiCWP Container Guardian. Learn more. …
Aruba
- 9 mars 2021SAD DNS side channel attack
A vulnerability made public under the name SAD DNS affects Domain Name System resolvers due to a vulnerability in the Linux kernel when handling ICMP packets. This vulnerability is present in some Aruba products which are listed below. For more information please see https://www.saddns.net/.The post SAD DNS side channel attack first appeared on Aruba. … - 9 mars 2021Aruba Instant (IAP) Multiple Vulnerabilities
Aruba has released patches for Aruba Instant that address multiple security vulnerabilities.
The post Aruba Instant (IAP) Multiple Vulnerabilities first appeared on Aruba.
- 23 février 2021Multiple Vulnerabilities in dnsmasq
Seven new vulnerabilities were reported in the open-source component dnsmasq. This collection of vulnerabilities has been made public under the name DNSpooq.The post Multiple Vulnerabilities in dnsmasq first appeared on Aruba. … - 23 février 2021AirWave Management Platform Multiple Vulnerabilities
Aruba has released updates to the AirWave Management Platform that address multiple security vulnerabilities.The post AirWave Management Platform Multiple Vulnerabilities first appeared on Aruba. … - 16 février 2021ClearPass Policy Manager Multiple Vulnerabilities
Aruba has released updates to ClearPass Policy Manager that address multiple security vulnerabilities.
The post ClearPass Policy Manager Multiple Vulnerabilities first appeared on Aruba.
- 5 février 2021HPE and Aruba L2/L3 Switches, Remote Memory Corruption
A potential security vulnerability has been identified in certain HPE and Aruba L2/L3 switches. The vulnerability could be remotely exploited to cause memory corruption.The post HPE and Aruba L2/L3 Switches, Remote Memory Corruption first appeared on Aruba. … - 5 février 2021HPE and Aruba L2/L3 Switches, Local Denial of Service (DoS)
A security vulnerability has been identified in certain HPE and Aruba L2/L3 switch firmware. A data processing error due to improper handling of an unexpected data type in user supplied information to the switch’s management interface has been identified. The data processing error could be exploited to cause a crash or reboot in the switch management interface and/or possibly the switch itse … - 12 janvier 2021AirWave Glass Multiple Vulnerabilities
Aruba has released updates to Airwave Glass that address multiple security vulnerabilities.
The post AirWave Glass Multiple Vulnerabilities first appeared on Aruba.
- 8 décembre 2020ArubaOS Multiple Vulnerabilities
Aruba has released patches for ArubaOS that address multiple security vulnerabilities.
The post ArubaOS Multiple Vulnerabilities first appeared on Aruba.
- 20 octobre 2020AirWave Glass Multiple Vulnerabilities
Aruba has released updates to Airwave Glass that address multiple security vulnerabilities.
The post AirWave Glass Multiple Vulnerabilities first appeared on Aruba.
Cisco
- 15 avril 2021Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021
On March 25, 2021, the OpenSSL Project released a security advisory, OpenSSL Security Advisory [25 March 2021], that disclosed two vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to use a valid non-certificate authority (CA) certificate to act as a CA and sign a certificate for an arbitrary organization, user or device, or to cause a denial of service (DoS) condition … - 14 avril 2021Cisco AnyConnect Secure Mobility Client Denial of Service Vulnerability
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the device. The vulnerability is due to insufficient validation of user-supplied input. An … - 14 avril 2021Cisco IOS and IOS XE Software Privilege Escalation Vulnerability
A vulnerability in the dragonite debugger of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit this vulnerability by bypassing the consent token mechan … - 12 avril 2021Cisco Content Security Management Appliance Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is being included in HTTP requests that are exchanged between the user and the device. An attacke … - 7 avril 2021Cisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking Vulnerability
A vulnerability in the dynamic link library (DLL) loading mechanism in Cisco Advanced Malware Protection (AMP) for Endpoints Windows Connector, ClamAV for Windows, and Immunet could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected Windows system. To exploit this vulnerability, the attacker would need valid credentials on the system. The vulnerability is … - 7 avril 2021Cisco IOS XR Software Command Injection Vulnerability
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges on the underlying Linux operating system (OS) of an affected device. This vulnerability is due to insufficient input validation of commands that are supplied by the user. An attacker could exploit this vulnerability by authenticat … - 7 avril 2021Cisco Webex Meetings for Android Avatar Modification Vulnerability
A vulnerability in Cisco Webex Meetings for Android could allow an authenticated, remote attacker to modify the avatar of another user. This vulnerability is due to improper authorization checks. An attacker could exploit this vulnerability by sending a crafted request to the Cisco Webex Meetings client of a targeted user of a meeting in which they are both participants. A successful exp … - 7 avril 2021Cisco Webex Meetings HTML Injection Vulnerability
A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user’s browser. The vulnerability is due to improper checks on parameter values in affected pages. An attacker could exploit this vulnerability by persuading a user to follow a crafted link that is designed to pass HTML code into an affected par … - 7 avril 2021Cisco SD-WAN vManage Software Vulnerabilities
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. … - 7 avril 2021Cisco Umbrella Link and CSV Formula Injection Vulnerabilities
Multiple vulnerabilities in the Admin audit log export feature and Scheduled Reports feature of Cisco Umbrella could allow an authenticated, remote attacker to perform formula and link injection attacks on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. …
Google Online Security Blog