Monthly Archives: October 2014

AVG

AVG and Sony partner to protect devices right out of the box

Mobile devices have become the cornerstone of our connected lives and we use them for everything from gaming to banking and tracking our health. This makes life incredibly convenient for smartphone users but it also carries a risk to our privacy and security.

Many apps on our smartphones stores generate and store information about us as people. With the average Android users having as many as 95 apps installed on their device, it quickly becomes clear that our devices are portable databanks that carry our contact, financial, health and location data.

With so much personal information stored on our devices, it’s never been more important for smartphone users to protect their data with basic security measures such as setting up a passcode or installing a security app that will check links and scan for infections when you download software or surf the web.

That’s why AVG is delighted to announce that we’ve teamed up with Sony Mobile to make it easier than ever for Sony Xperia customers to protect their devices and their data.

From autumn 2014, all Xperia Z3 smartphones and tablets will come with a free 180 days of AVG AntiVirus PRO so that devices are protected straight out of the box.

 

After the trial expires, users can either renew or downgrade to AVG AntiVirus FREE for Android so that their device is protected free of charge.

AVG AntiVirus FREE for Android was the first mobile security application to exceed 100 million downloads on the Google Play Store and has powerful tools to help you protect your device, keep it running smoothly and even locate your device should it get lost or stolen.

ESET

Cyber Security Awareness Month: It’s on!

October is National Cyber Security Awareness Month in America and each year this program brings more and more attention to issues that should be of concern to anyone who uses a computer, plus a low of how-to information, security resources, and awareness-raising events.

The post Cyber Security Awareness Month: It’s on! appeared first on We Live Security.

NVD

CVE-2014-3385

Race condition in the Health and Performance Monitoring (HPM) for ASDM feature in Cisco ASA Software 8.3 before 8.3(2.42), 8.4 before 8.4(7.11), 8.5 before 8.5(1.19), 8.6 before 8.6(1.13), 8.7 before 8.7(1.11), 9.0 before 9.0(4.8), and 9.1 before 9.1(4.5) allows remote attackers to cause a denial of service (device reload) via TCP traffic that triggers many half-open connections at the same time, aka Bug ID CSCum00556.

NVD

CVE-2014-3384

The IKEv2 implementation in Cisco ASA Software 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted packet that is sent during tunnel creation, aka Bug ID CSCum96401.

NVD

CVE-2014-3389

The VPN implementation in Cisco ASA Software 7.2 before 7.2(5.15), 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.15), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), 9.2 before 9.2(2.6), and 9.3 before 9.3(1.1) does not properly implement a tunnel filter, which allows remote authenticated users to obtain failover-unit access via crafted packets, aka Bug ID CSCuq28582.

NVD

CVE-2014-3388

The DNS inspection engine in Cisco ASA Software 9.0 before 9.0(4.13), 9.1 before 9.1(5.7), and 9.2 before 9.2(2) allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCuo68327.

NVD

CVE-2014-3402

The authentication-manager process in the web framework in Cisco Intrusion Prevention System (IPS) 7.0(8)E4 and earlier in Cisco Intrusion Detection System (IDS) does not properly manage user tokens, which allows remote attackers to cause a denial of service (temporary MainApp hang) via a crafted connection request to the management interface, aka Bug ID CSCuq39550.

NVD

CVE-2014-3386

The GPRS Tunneling Protocol (GTP) inspection engine in Cisco ASA Software 8.2 before 8.2(5.51), 8.4 before 8.4(7.15), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted series of GTP packets, aka Bug ID CSCum56399.

NVD

CVE-2014-3394

The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 before 8.2(5.50), 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to bypass certificate validation via an arbitrary VeriSign certificate, aka Bug ID CSCun10916.

NVD

CVE-2014-3390

The Virtual Network Management Center (VNMC) policy implementation in Cisco ASA Software 8.7 before 8.7(1.14), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script, aka Bug IDs CSCuq41510 and CSCuq47574.