A Global Cybergovernance Framework: The Real Infrastructure Needed to Support a More Secure Internet

/in /von

By Eric Wenger As part of a broader “Cybersecurity Call to Action” outlined in the Cisco 2015 Midyear Security Report , Cisco has called for the development of a cohesive, multi-stakeholder, global cybergovernance framework. Investing in the development of such a framework is essential to supporting innovation and economic growth in business on the global stage. While there has been an increasing awareness that managing cyber risks is essential to the operation of any networked system, current mechanisms are not effective to protect businesses from cyberattacks. The lack []

Source:: Cisco Security Notice

Talos Identifies Multiple Memory Corruption Issues in Quicktime

/in /von

By Talos Group Talos, in conjunction with Apple’s security advisory issued on August 13, is releasing five advisories for vulnerabilities that Talos found in Apple Quicktime. In accordance with our Vendor Vulnerability Reporting and Disclosure policy, these vulnerabilities have been reported to Apple and CERT. This post serves as a summary for the advisories being released in coordination with Apple and CERT. Ryan Pentney and Richard Johnson of Talos are credited with the discovery of these vulnerabilities. Advisory Summary Several memory corruption vulnerabilities exist in Apple Quicktime []

Source:: Cisco Security Notice

Talos Identifies Multiple Memory Corruption Issues in Quicktime

/in /von

By Talos Group Talos, in conjunction with Apple’s security advisory issued on August 13, is releasing five advisories for vulnerabilities that Talos found in Apple Quicktime. In accordance with our Vendor Vulnerability Reporting and Disclosure policy, these vulnerabilities have been reported to Apple and CERT. This post serves as a summary for the advisories being released in coordination with Apple and CERT. Ryan Pentney and Richard Johnson of Talos are credited with the discovery of these vulnerabilities. Advisory Summary Several memory corruption vulnerabilities exist in Apple Quicktime []

Source:: Cisco Security Notice

Enabling Retail Business Innovation With Threat-Centric Security

/in /von

By Marc Solomon Last year was one of the biggest years for retail data breaches, with credit card data from well over 106 million shoppers stolen from two of America’s largest retailers alone. The attacks shook consumer confidence, eroded brand loyalty, and cost the industry millions of dollars. Even though the retail and security industries have been talking about compliance and security for more than a decade, breaches continue. And while research shows that compliance with PCI DSS has improved in recent years, []

Source:: Cisco Security Notice

Enabling Retail Business Innovation With Threat-Centric Security

/in /von

By Marc Solomon Last year was one of the biggest years for retail data breaches, with credit card data from well over 106 million shoppers stolen from two of America’s largest retailers alone. The attacks shook consumer confidence, eroded brand loyalty, and cost the industry millions of dollars. Even though the retail and security industries have been talking about compliance and security for more than a decade, breaches continue. And while research shows that compliance with PCI DSS has improved in recent years, []

Source:: Cisco Security Notice

Microsoft Patch Tuesday – August 2015

/in /von

By Talos Group Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 14 bulletins released which address 58 CVEs. Four bulletins are rated “Critical” this month and address vulnerabilities in Internet Explorer, Graphics Component, Office, and Edge. The other eleven bulletins are rated “Important” and address vulnerabilities within Remote Desktop Protocol (RDP), Server Message Block (SMB), XML Core Services, Mount Manager, System Center Operations Manager, UDDI Services, Command []

Source:: Cisco Security Notice

Microsoft Patch Tuesday – August 2015

/in /von

By Talos Group Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 14 bulletins released which address 58 CVEs. Four bulletins are rated “Critical” this month and address vulnerabilities in Internet Explorer, Graphics Component, Office, and Edge. The other eleven bulletins are rated “Important” and address vulnerabilities within Remote Desktop Protocol (RDP), Server Message Block (SMB), XML Core Services, Mount Manager, System Center Operations Manager, UDDI Services, Command []

Source:: Cisco Security Notice

Fortinet Launches the Industry’s Most Secure Cloud-Managed Enterprise Wi-Fi Solution

/in /von

Fortinet Launches the Industry’s Most Secure Cloud-Managed Enterprise Wi-Fi Solution

Source:: Fortinet

Fortinet Launches the Industry’s Most Secure Cloud-Managed Enterprise Wi-Fi Solution

/in /von

Fortinet Launches the Industry’s Most Secure Cloud-Managed Enterprise Wi-Fi Solution

Source:: Fortinet

Threat Vectors for Criminals: Common Coding Errors and Open-Source Vulnerabilities

/in /von

By Jeff Shipley Coding errors in software products provide easy paths of entry for online criminals, who can exploit vulnerabilities to compromise systems or launch additional attacks and malware. As reported in the Cisco 2015 Midyear Security Report , certain types of coding errors consistently appear on lists of most common vulnerabilities. This raises an important question for vendors and security professionals: If the same coding errors are identified year in and year out, why aren’t these errors being mitigated? Buffer errors, input validation, and resource errors are []

Source:: Cisco Security Notice