Tagged: archives

Apache Commons Collections Under Attack 0

Apache Commons Collections Under Attack

Two months ago, a Java zero day vulnerability (CVE-2015-4852) that targeted Apache commons collections library was disclosed. This vulnerability is caused by an error when Java applications, which use Apache commons collections library, deserialize o…

Thumbnail 0

OpenSSL DSA Vulnerability – Daily Security Byte EP. 209

Last week, the OpenSSL team fixed a vulnerability that could allow attackers to get the key used to encrypt your HTTPS or SSL connections. Watch today’s video to learn a bit more about this vulnerability, the update, and how WatchGuard products are affected. (Episode Runtime: 3:17 ) Direct YouTube Link:  https://www.youtube.com/watch?v=I8yBGcTGtqM EPISODE REFERENCES: OpenSSL fixes a serious vulnerability related to DSA  –  Ars Technica Details on OpenSSL key recovery attack  –  Blogspot OpenSSL security advisory for update  –  OpenSSL WatchGuard’s knowledge base article on our exposure [ Requires login ] –  WatchGuard —  Corey Nachreiner, CISSP  ( @SecAdept )

"Fractalizing" Security 0

"Fractalizing" Security

Most people are familiar with fractals, if not by name but by appearance. Wikipedia defines a fractal as “…a natural phenomenon or a mathematical set that exhibits a repeating pattern that displays at every scale.” Perhaps the…