Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 476
Fortinet
- Fortinet Receives 6th Consecutive “Recommend” Rating in NSS Labs 2019 NGFW Group Test 17 juillet 2019
Fortinet’s NGFW has earned its sixth consecutive “Recommended” rating from NSS Labs. Learn more about these testing results. - How Partners Can Grow Their Business and Skillsets with NSE 8 Certification 16 juillet 2019
Many companies are turning to service providers to help fill cybersecurity positions. Learn how NSE 8 helps grow partner business by developing the skills necessary to help their customers stay a step ahead of resourceful cyber criminals. - A Deep Dive Into IcedID Malware: Part II – Analysis of the Core IcedID Payload (Parent Process) 16 juillet 2019
Learn more about the core IcedID payload, a banking trojan which performs web injection on browsers and acts as proxy to inspect and manipulate traffic. This is part two of a three part series. - The Hidden Challenge of the Cloud Security Skills Gap 15 juillet 2019
Learn more about the hidden challenges that the cloud security skills gap presents to organizations. - Attack Patterns Uncover Defensive Strategies 12 juillet 2019
Learn more about what Fortinet’s recent Threat Landscape Report uncovered about attack patterns and what it means for the threat landscape. - How Partners Can Lessen Cyber Risk for SMB Customers Offering Digital Experiences 11 juillet 2019
Learn more about how partners can offer SMB customers the tools and expertise they need for digitalization. - Top 3 Reasons Email Security Should Be Top of Mind for Everyone 10 juillet 2019
Learn more about why organizations should keep email security top of mind as they migrate to cloud environments. - LooCipher: Can Encrypted Files Be Recovered From Hell? 10 juillet 2019
Learn more about the LooCipher ransomware file encryption mechanism and take a look at the possibility of decrypting affected files without paying the ransom. - Overcoming Security Challenges Impacting Multi-Cloud Environments 9 juillet 2019
Learn more about seven common cloud security strategies to help address the challenges of inconsistent cloud platforms. - A Deep Dive Into IcedID Malware: Part I – Unpacking, Hooking and Process Injection 9 juillet 2019
Learn more about IcedID, a banking trojan which performs web injection on browsers and acts as proxy to inspect and manipulate traffic. This is part one of a three part series.
Aruba
Erreur: Il y a un erreur avec ce flux.
Cisco
- Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1776) 18 juillet 2019
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as th … - Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1783) 18 juillet 2019
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerabil … - Cisco NX-OS Software Command Injection Vulnerability (CVE-2019-1784) 18 juillet 2019
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI command on the affected device. An attacker could exploit this vulnerability by including malicious input as … - Cisco Secure Boot Hardware Tampering Vulnerability 18 juillet 2019
A vulnerability in the logic that handles access control to one of the hardware components in Cisco’s proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the ar … - Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability 17 juillet 2019
A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected interface. The vulnerability is due to a lack of complete error handling condition for client authentication requests sent to a targeted interface configured for FT. An attack … - Cisco Industrial Network Director Web Services Management Agent Unauthorized Information Disclosure Vulnerability 17 juillet 2019
A vulnerability in the Web Services Management Agent (WSMA) feature of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data using an invalid X.509 certificate. The vulnerability is due to insufficient X.509 certificate validation when establishing a WSMA connection. An attacker could exploit this vulnerability by … - Cisco Small Business SPA500 Series IP Phones Local Command Execution Vulnerability 17 juillet 2019
A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to improper input validation in the device configuration interface. An attacker could exploit this vulnerability by accessing the configuration interface, which may require a password, and then accessing the device’s physi … - Cisco Small Business Series Switches Open Redirect Vulnerability 17 juillet 2019
A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user’s HTTP request and modifying it into a reque … - Cisco Identity Services Engine Cross-Site Scripting Vulnerability 17 juillet 2019
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker co … - Cisco Identity Services Engine Blind SQL Injection Vulnerability 17 juillet 2019
A vulnerability in the sponsor portal web interface for Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements …
Google Online Security Blog