Customer Alert: “GHOST” Vulnerability on Linux Systems

By | January 30th, 2015|Uncategorized|

On January 27, 2015, Qualys, Inc., the leading provider of cloud security and compliance solutions, announced that its security research team discovered a vulnerability in the Linux GNU C Library known as (glibc). This vulnerability, called "GHOST (CVE-2015-0235),” allows attackers to remotely take control of a system without having prior knowledge of system credentials. This [...]

Customer Alert: POODLE Vulnerability

By | October 16th, 2014|Uncategorized|

On October 14, 2014, three Google researchers announced the details of a vulnerability in the design of SSL version 3 named the POODLE (Passing Oracle On Downgraded Legacy Encryption) vulnerability. This vulnerability affects all implementations of SSLv3.0 protocol, but does not affect the newer encryption mechanism known as TLS (Transport Security Layer). Under the right [...]

News Recap: An Update on the Shellshock Bug

By | October 9th, 2014|Uncategorized|

On September 24, 2014, the Shellshock bug was discovered, exposing vulnerabilities in Unix and Linux machines. The aftermath of the Shellshock bug has continued to stay in headlines as a wave of new vulnerabilities have emerged.Threatpost’s Michael Mimoso explains that Shellshock has been actively exploited: “Analysis into the vulnerability and Bash behavior once it was [...]

Customer Alert: ‘Shellshock’ Bug

By | September 26th, 2014|Uncategorized|

On September 24, 2014, Red Hat, Inc., the software company that provides a version of the Linux Operating System, indicated that its security team discovered a vulnerability in the command line interface functionality known as “Bash” (Bourne-Again Shell). This vulnerability, called “Shellshock,” is believed to pose a larger threat than the Heartbleed vulnerability that was [...]

Load More Posts