EMC Replication Manager and EMC AppSync may contain unquoted entries in the Windows registry service path that could potentially be exploited by an attacker to execute malicious programs. EMC Replication Manager versions prior to 5.5.2 and EMC AppSync versions prior to 2.1.0 are affected.
Monthly Archives: December 2014
Osclass 3.4.2 Shell Upload
Osclass versions 3.4.2 and below suffer from a remote shell upload vulnerability.
Happy New Year 2015 from Avast!
From our headquarters in Prague, Czech Republic to our offices in the USA, Germany, China, and South Korea, all of us at Avast Software wish you love, laughter, and peace in 2015.
Looking back on 2014, we are grateful for the trust that our 220 million customers have placed in us. We thank you for your loyalty and for sharing Avast with your friends and family. We appreciate your support, your suggestions and feedback (even when it’s not so good 
), the way you help others on our forum and social channels like Facebook, Google +, and Twitter, and especially when you write us with your stories of how Avast saved the day for you.
As we enter this new year, we promise to bring you the best security products for your home network, your business, your PCs, Macs, and Android devices, that we can. We will stay on top of new threats and contain the old ones that keep coming back to plague us. We will strive to keep your trust, but most of all, to keep you and your important data and hardware save from harm.
So raise your glass with us, and join us for our 2015 wish.
Peace. Love. Security. ~ from Avast
WordPress Symposium Plug-In Plagued by File Upload Vulnerability
Researchers warn that since public disclosure of a file-upload vulnerability in the WordPress Symposium plug-in and the availability of proof-of-concept exploit code, scans and exploit attempts are on the rise.
RSA BSAFE Micro Edition Suite / SSL-J Triple Handshake
RSA BSAFE Micro Edition Suite and SSL-J contain updates designed to prevent Triple Handshake attacks. There is a known potential vulnerability in the TLS protocol where it is possible for a malicious server to impersonate a client to another server using the client’s credentials and successfully perform a man-in-the-middle attack on the third handshake.
XBox and PSN attacks were “marketing scheme†for Lizard Squad’s DDoS service
The attack which knocked the PlayStation Network (PSN) and Xbox Live offline over Christmas appears to have been a publicity stunt, designed to gain notoriety and draw attention to the hacking group which has claimed responsibility – Lizard Squad.
The post XBox and PSN attacks were “marketing scheme” for Lizard Squad’s DDoS service appeared first on We Live Security.
Osclass 3.4.2 SQL Injection
Osclass versions 3.4.2 and below suffer from a remote SQL injection vulnerability.
Judge Approves Fake Instagram Account To Obtain Case Evidence
2015 Resolutions: The Nerd’s List
We like nerds. We love nerds. We are nerds. And, as any respectable nerd would do, we have already thought about our 2015 resolutions. Check out what some of the coolest Avira nerds have planned for next year. It will give you a good hint of our guilty little pleasures.
Our gamers, in particular, have big plans…
- Avoiding Steam sales: No Steam,you won’t get my money this year!
- Play more indie games.
- Don’t flame and troll. Ok ok. Flame and troll less. At least a bit.
- Don’t buy games immediately after they are released, especially if you already know in advance that it will just be a paid beta test.
- Buy an Oculus Rift. Come on, I know you want it too.
...what about their other passions?
- Get Android Auto as soon as it’s launched: steering wheel controls and smartphone connected to access music, contacts, and messages while you keep your eyes on the road? Can’t wait to be driven by Android!
- Operate Full Home automation with Raspberry Pi: wireless sensors, OCR, connect front door camera to smartphone… it already feels like home.
- Convince my friends that the perfect birthday gift would be a mini tablet with retina display for kick-ass resolution
- Get into machine learning and data mining (who owns big data is ready to rule the world – to be followed by an evil laughter when read aloud)
- Get back into manga drawing and super edit my makeup photos with the help of this beauty (you didn’t see this one coming, did you?)
Special thanks to my colleagues who accepted the challenge of going public with their nerdiest 2015 resolutions: Nicole, Daniela, Cornel, Eliza, Ovidiu, Calin, Bogdan… you just made it to the Nerd Hall of Fame!
If you also have “nerdy” wishes on your Resolutions list, please share them with us in the comments section below.
Happy New Year from the whole Avira team!
The post 2015 Resolutions: The Nerd’s List appeared first on Avira Blog.