Month: January 2018

QuickHealSecurity

Meltdown and Spectre: Quick Heal compatibility update

Credit to Author: Rajib Singha| Date: Tue, 09 Jan 2018 12:15:27 +0000

This is an important advisory for our readers about the recently discovered CPU exploits called Meltdown and Spectre. Product Compatibility: Microsoft had requested security ISVs (Independent Software Vendors) to perform testing with the January 3 update in order to ensure their products are compatible with the Microsoft update. Based on the…

Read More
QuickHealSecurity

What do we need to know about the CPU exploits Meltdown and Spectre?

Credit to Author: Quick Heal Security Labs| Date: Thu, 04 Jan 2018 13:02:09 +0000

What exactly is a vulnerability? A security vulnerability (also known as a security hole) is a security flaw detected in a product that may leave it open to hackers and malware. Using such vulnerabilities, attackers can exploit the affected system/product for their profit in various ways. What is an exploit? Exploits…

Read More
IndependentSecuriteam

SSD Advisory – Sophos XG from Unauthenticated Persistent XSS to Unauthorized Root Access

Credit to Author: SSD / Maor Schwartz| Date: Mon, 08 Jan 2018 06:21:27 +0000

Vulnerability Summary The following advisory describes an unauthenticated persistent XSS that leads to unauthorized root access found in Sophos XG version 17. Sophos XG Firewall “provides unprecedented visibility into your network, users, and applications directly from the all-new control center. You also get rich on-box reporting and the option to add Sophos iView for centralized … Continue reading SSD Advisory – Sophos XG from Unauthenticated Persistent XSS to Unauthorized Root Access

Read More
IndependentSecuriteam

Happy New Year 2018 – Challenge Solution

Credit to Author: SSD / Noam Rathaus| Date: Mon, 08 Jan 2018 06:15:57 +0000

In our post found here: https://blogs.securiteam.com/index.php/archives/3616, we hid a challenge. The challenge was split into two parts: 1. Finding it 2. Solving it Finding it wasn’t very hard, the challenge was hidden inside the image, it wasn’t anything fancy, just inside the image you had a zip file appended to the end of the file: … Continue reading Happy New Year 2018 – Challenge Solution

Read More
FortinetSecurity

Fortinet Security Fabric earns NSS Recommendation for Breach Prevention

Credit to Author: Damien Lim| Date: Mon, 08 Jan 2018 14:45:59 +0000

FortiSandbox has already proven itself effective in the 2017 BDS test with a 99% Breach Detection rate, earning a Recommended rating four out of four years. And now, integrated with other Security Fabric components – namely, FortiGate, FortiMail, and FortiClient – it has achieved another NSS Recommended award with this latest 2017 BPS test.

Read More
ComputerWorldIndependent

How to use Parental Controls to protect your iPhone

Credit to Author: Jonny Evans| Date: Mon, 08 Jan 2018 07:06:00 -0800

Even while we accept that coding skills are key to some future employment, Apple is under some pressure to improve parental controls to help prevent children from becoming hooked on their phones. Apple already provides some protection parents can use to limit their children’s smartphone use. Here’s what you need to know:

What are Parental Controls?

Apple has similar controls for iPads, iPhones, Macs and the Apple TV. Apple calls these Restrictions, and you can use them to block or limit apps and features that children can access on their device. Among other things, these tools can restrict use of Safari, the camera, Siri, FaceTime, AirDrop, CarPlay and individual apps. You can also prevent others from deleting apps, making in-app purchases, playing multiplayer games. Privacy settings let you control things like location services, contacts, calendars, reminders and share my location, and you can also apply account-related protections.

To read this article in full, please click here

Read More
FortinetSecurity

Executive Insights: Viewing GDPR as an Opportunity to Drive Competitive Advantage and Create Digital Trust

Credit to Author: Drew Del Matto| Date: Mon, 08 Jan 2018 13:45:59 +0000

With GDPR scheduled to come into full effect this May, private and public-sector organizations across the world have no time to waste in taking actions to ensure they are ready to comply with these new requirements. The best way forward is through a comprehensive and integrated strategy that is able to see and track personal data, as well as prevent, detect, and remediate data breaches anywhere they may occur.  This is a strategic approach that not only enables regulatory compliance, but will allow you to differentiate security as a value-add.

Read More