Fortinet
- 26 octobre 2021Rickard Sellstedt, an NSE 8 Network and Security Engineer
Today’s evolving cyber threat landscape calls for more resources and more people with diverse skills to stay ahead of cyber adversaries and keep attacks at bay. Learn about the journey to achieving NSE Level 8 certification with a network and security engineer. … - 25 octobre 2021Global Cyber Threat Intelligence Partnerships: An Opportunity to Work Together
FortiGuard Labs mission is to provide Fortinet customers with the industry’s best threat intelligence to protect them from malicious activity and sophisticated cyberattacks. Learn how Fortinet is creating partnerships to combat cyber threat intelligence. … - 25 octobre 2021Secure SD-WAN Improves Network Protection in Fuel Distribution System
A petroleum distribution business developed innovative ideas for increasing customer loyalty, but it needed to upgrade its technology infrastructure to bring those concepts to life. Learn how Secure SD-WAN improves network protection in a fuel distribution system. … - 22 octobre 2021Addressing the Need for a New Security Platform
A security platform approach is necessary to weave all critical security functionality into a unified solution protecting the entire network. Learn more. … - 21 octobre 2021Recent Attack Uses Vulnerability on Confluence Server
FortiGuard Labs analyzes attack payloads leveraging the Atlassian Confluence Server vulnerability, deep dives into the attack and provides IOCs to help determine if a network was affected by CVE-2021-26084. Read more. … - 21 octobre 2021Connected Technology & Expanding Surface Threats in the Pharmaceutical Industry
Increasingly connected Operational Technology (OT) within pharmaceutical organizations presents challenges, both in the extended attack surface and the diversity of elements it encompasses. Learn more. … - 19 octobre 2021Fight Fire with Fire: Proactive Cybersecurity Strategies for Today’s Leaders
With today’s expanding attack surface and growing cyber skills gap, cybersecurity leaders need actionable best practices from seasoned peers more than ever. Learn more about the book: « Fight Fire with Fire: Proactive Cybersecurity Strategies for Today’s Leaders. » … - 18 octobre 2021Jeff Robbins, an NSE 8, Talks How to Cultivate the New Generation of Cyber Professionals
Fortinet is working to cultivate and train a new generation of cyber professionals to help close the cybersecurity skills gap. Read an interview with a professional who is NSE 8 Level certified and how it has helped both business and career. … - 18 octobre 2021The Impact of Complexity on Organizations Over Time—and How SMBs Can Prevent It
Fortinet surveyed IT decision makers from organizations of sizes from 150 – 1500 employees to uncover general issues all SMBs face when securing their networks and critical trends that develop as organizations grow. Learn more. … - 15 octobre 2021Establishing the Critical Value of Secure SD-WAN
Many organizations have been forced to move away from performance-inhibited WANs and instead adopt software-defined WAN (SD-WAN) architectures. Learn how two establish the critical value of Secure SD-WAN. …
Aruba
- 12 octobre 2021ClearPass Policy Manager Multiple Vulnerabilities
Aruba has released updates to ClearPass Policy Manager that address multiple security vulnerabilities.
The post ClearPass Policy Manager Multiple Vulnerabilities first appeared on Aruba. - 5 octobre 2021Aruba Instant (IAP) Multiple Vulnerabilities
Aruba has released patches for Aruba Instant that address multiple security vulnerabilities.
The post Aruba Instant (IAP) Multiple Vulnerabilities first appeared on Aruba. - 31 août 2021ArubaOS Multiple Vulnerabilities
Aruba has released patches for ArubaOS that address multiple security vulnerabilities.
The post ArubaOS Multiple Vulnerabilities first appeared on Aruba. - 17 août 2021AirWave Management Platform Multiple Vulnerabilities
Aruba has released updates to the AirWave Management Platform that address multiple security vulnerabilities.
The post AirWave Management Platform Multiple Vulnerabilities first appeared on Aruba. - 3 août 2021Sudo Privilege Escalation Vulnerability in Analytics and Location Engine (ALE)
Aruba has released updates to Analytics and Location Engine (ALE) that address a security vulnerability in the sudo utility.The post Sudo Privilege Escalation Vulnerability in Analytics and Location Engine (ALE) first appeared on Aruba. … - 13 juillet 2021AOS-CX Devices Multiple Vulnerabilities
Aruba has released updates for wired switch products running AOS-CX that address multiple security vulnerabilities.
The post AOS-CX Devices Multiple Vulnerabilities first appeared on Aruba. - 29 juin 2021ClearPass Policy Manager Multiple Vulnerabilities
Aruba has released updates to ClearPass Policy Manager that address multiple security vulnerabilities.
The post ClearPass Policy Manager Multiple Vulnerabilities first appeared on Aruba. - 11 mai 2021802.11 Frame Aggregation and Fragmentation Vulnerabilities
Twelve new vulnerabilities related to different components in the implementation of the 802.11 standard have been published. Successful exploitation of each one of these vulnerabilities can result in sensitive data disclosure and possibly traffic manipulation.The post 802.11 Frame Aggregation and Fragmentation Vulnerabilities first appeared on Aruba. … - 20 avril 2021AirWave Management Platform Multiple Vulnerabilities
Aruba has released updates to the AirWave Management Platform that address multiple security vulnerabilities.
The post AirWave Management Platform Multiple Vulnerabilities first appeared on Aruba. - 20 avril 2021ClearPass Policy Manager Multiple Vulnerabilities
Aruba has released updates to ClearPass Policy Manager that address multiple security vulnerabilities.
The post ClearPass Policy Manager Multiple Vulnerabilities first appeared on Aruba.
Cisco
- 22 octobre 2021Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities
Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that addre … - 22 octobre 2021Cisco Web Security Appliance Proxy Service Denial of Service Vulnerability
A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establi … - 20 octobre 2021Cisco Integrated Management Controller GUI Denial of Service Vulnerability
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to cause the web-based management interface to unexpectedly restart. The vulnerability is due to insufficient input validation on the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP … - 20 octobre 2021Cisco Webex Software Application Authorization Bypass Vulnerability
A vulnerability in the application integration feature of Cisco Webex Software could allow an unauthenticated, remote attacker to authorize an external application to integrate with and access a user’s account without that user’s express consent. This vulnerability is due to improper validation of cross-site request forgery (CSRF) tokens. An attacker could exploit this vulnerability by convin … - 20 octobre 2021Cisco TelePresence Management Suite Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malic … - 20 octobre 2021Cisco IOS XE SD-WAN Software Command Injection Vulnerability
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could al … - 20 octobre 2021Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerab … - 20 octobre 2021Cisco Meeting Server Call Bridge Denial of Service Vulnerability
A vulnerability in an API of the Call Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper handling of large series of message requests. An attacker could exploit this vulnerability by sending a series of messages to the vulnerable API. A successful exploit could allow the att … - 20 octobre 2021Cisco Tetration Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Tetration could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack on an affected system. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into … - 20 octobre 2021Cisco Identity Services Engine Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are …
Google Online Security Blog