Cisco has released updates to address vulnerabilities affecting the following products: a) Unified Customer Voice Portal Operations Console – a vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset functionality could allow an authenticated, remote attacker to gain elevated privileges. The vulnerability is due to a lack of proper input validation. b) Cisco …
By studying the five lessons in this McAfee e-guide, you’ll gain an understanding of social networking websites. The more you know, the better you’ll be able to educate your children and the safer they’ll be. The “McAfee: A Parental Guide To Social Networking Sites” Guide can be downloaded via the TTCSIRT Website at https://ttcsirt.gov.tt/documents/childsocialsafety.pdf
Snapchat account getting hacked isn’t uncommon. There are various websites that claim to offer services to hack Snapchat accounts. Additionally, there are many phishing websites that claim to offer awesome features if you login with your Snapchat account details and then they hack your account. Plus, Snapchat now lets you send payments to other people …
A collection of Bluetooth implementation vulnerabilities known as “BlueBorne” has been released. These vulnerabilities collectively affect Windows, iOS, and Linux-kernel-based operating systems including Android and Tizen and may in worst case allow an unauthenticated attacker to perform commands on the device. The following vulnerabilities have been identified in various Bluetooth implementations: 1) CWE-120: Buffer Copy …
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for code execution. A full list of all vulnerabilities can be found at https://portal.msrc.microsoft.com/en-us/security-guidance Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged on user. Depending on the …
The Cisco 2017 Cybersecurity Report presents additional findings from Cisco’s latest Security Capabilities Benchmark Study. Industry experts from Cisco offer recommendations on how these businesses can improve their security posture, including using services to bridge knowledge and talent gaps, reducing complexity in their IT environment, and embracing automation. This report can be downloaded via the …
While ransomware and financial fraud groups continue to pose the biggest threat to end users, other threats are beginning to emerge. It was only a matter of time before attacks on IoT devices began to gain momentum, and 2016 saw the first major incident with the emergence of Mirai, a botnet composed of IoT devices …
A vulnerability has been discovered in Apache Struts which could allow for remote code execution. This vulnerability exists because the REST Plugin is using a XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deserializing XML payloads. Successful exploitation of this vulnerability could allow …
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could result in arbitrary code execution. These vulnerabilities can be exploited if a user visits, or is redirected to, a specially crafted web page. Details of the vulnerabilities are as follows: a) Use after free in PDFium – (CVE-2017-5111) b) Heap buffer …
Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow an attacker to execute arbitrary code: a)Fixed bug #74947 (Segfault in scanner on INF number). b) Fixed bug #74954 (null deref and segfault in zend_generator_resume()). c) Fixed bug #74725 (html_errors=1 breaks unhandled exceptions). d) Fixed bug #74125 (Fixed finding CURL on …