Tagged: careers

0

GNU glibc Vulnerability

Original release date: February 17, 2016 GNU glibc contains a buffer overflow vulnerability in the DNS resolver. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Vulnerability Note VU#457759 and the glibc Project Notification for additional details and to refer to their respective Linux or Unix-based OS vendor for an appropriate patch

Oracle Releases Security Updates for Java 0

Oracle Releases Security Updates for Java

Original release date: February 08, 2016 Oracle has released security updates to address a vulnerability in Java SE versions 6, 7, and 8 for Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system

Comodo Chromodo Browsers Vulnerable to Cross-Domain Attacks 0

Comodo Chromodo Browsers Vulnerable to Cross-Domain Attacks

Original release date: February 04, 2016 Some Comodo Chromodo browser versions (45.8.12.392, 45.8.12.391, and possibly earlier) are vulnerable to cross-domain attacks. When a user of a vulnerable Chromodo browser visits a specially crafted web page, an attacker may obtain access to web content from another domain.

Apache Commons Collections Under Attack 0

Apache Commons Collections Under Attack

Two months ago, a Java zero day vulnerability (CVE-2015-4852) that targeted Apache commons collections library was disclosed. This vulnerability is caused by an error when Java applications, which use Apache commons collections library, deserialize o…

SB16-032: Vulnerability Summary for the Week of January 25, 2016 0

SB16-032: Vulnerability Summary for the Week of January 25, 2016

Original release date: February 01, 2016 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT)

Metamorphic Code In Ransomware 0

Metamorphic Code In Ransomware

Ransomware is a category of malware that scrambles your files or lock your computer while asking for ransom.  We have encountered different versions of ransomware, and seen their effects.  We also have seen a different kind of ransomware th…

IRS Releases Tenth Security Tip 0

IRS Releases Tenth Security Tip

Original release date: January 25, 2016 The Internal Revenue Service (IRS) has released the tenth in a series of tips intended to help the public protect personal and financial data online and at home. This tip describes steps tax preparers can take to protect sensitive information. Recommendations include conducting a full scan of all computer drives and files, making sure that tax preparers’ security software updates automatically, and using robust security software that helps block malware and viruses

Apple Releases Security Update for tvOS 0

Apple Releases Security Update for tvOS

Original release date: January 25, 2016 Apple has released a security update for tvOS to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.