Apple released security update today for iOS 8 and Apple TV 7. iOS 8.1 (APPLE-SA-2014-10-20-1 iOS 8.1) is now available for iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later, to addresses the following: Bluetooth CVE-2014-4448 House Arrest CVE-2014-4448 iCloud Data Access CVE-2014-4449 Keyboards CVE-2014-4450 Secure Transport CVE-2014-3566 Apple TV 7.0.1 (APPLE-SA-2014-10-20-2 Apple TV 7.0.1) is now available for Apple TV 3rd generation and later, to address the following: Bluetooth CVE-2014-4428 Secure Transport CVE-2014-3566  https://support.apple.com/kb/HT1222 ———– Guy Bruneau IPSS Inc.
Cisco Security Advisory: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability, (Thu, Oct 16th)
Advisory ID: cisco-sa-20141015-poodle Revision 1.0 For Public Release 2014 October 15 17:30 UTC (GMT) +——————————————————————— Summary +====== On October 14, 2014, a vulnerability was publicly announced in the Secure Sockets Layer version 3 (SSLv3) protocol when using a block cipher in Cipher Block Chaining (CBC) mode. SSLv3 is a cryptographic protocol designed to provide communication security, which has been superseded by Transport Layer Security (TLS) protocols. By exploiting this vulnerability, an attacker could decrypt a subset of the encrypted communication
Vulnerability Note VU#960193 AVG Safeguard and Secure Search ActiveX controls provides insecure methods Original Release date: 07 Jul 2014 | Last revised: 07 Jul 2014 Overview The AVG Secure Search toolbar, also known as AVG Safeguard includes an ActiveX control that provides a number of unsafe methods, which may allow a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user. Description AVG Secure Search is a toolbar add-on for web browsers that “… provides an additional security layer while searching and surfing to protect you from infected websites.” One of the components provided by AVG Secure Search is an ActiveX control called ScriptHelperApi , which is provided by ScriptHelper.exe
This video shows step-by-step configuration of site-to-site IPsec VPN (using FortiGate running FortiOS v5.0) where one host uses a dynamic IP address on a PPPoE connection with FortiOS Dynamic…
#OWASP Application #security Verification Standard 2013 — 9 retweets 1 favorites
In this video, you will learn how to block HTTP and HTTPS access to a website of your choice and to all subdomains of that site.