CESA-2015:1840 Important CentOS 7 openldap Security Update

CentOS Errata and Security Advisory 2015:1840 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1840.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
c0fbed4f2b242cde4830df33b394a226e705eae993e17e38f90e663f511fe6fd  openldap-2.4.39-7.el7.centos.i686.rpm
960f62ded3dfa6c3f92f3e466ebc07c0b4f30465c3fefd4ea302128152c936e0  openldap-2.4.39-7.el7.centos.x86_64.rpm
1c1853339b71aa16592859b80f670a450a0b45cc713ccca4c3d770a76ee096a8  openldap-clients-2.4.39-7.el7.centos.x86_64.rpm
51dc10dfcfc9ba0ff965256477d789b692f942772c54845edbc8fc5f8f1e5450  openldap-devel-2.4.39-7.el7.centos.i686.rpm
d906620f31cdd8a5866dfac65bcfc42fc0fec7a7b826922da0afd29d2c8dfd2b  openldap-devel-2.4.39-7.el7.centos.x86_64.rpm
49d45cc17bd198d65ba8fea53944e4f8e8525ec61eaf91b9f03da839acf530c4  openldap-servers-2.4.39-7.el7.centos.x86_64.rpm
99d31fc1f35404da6a32b2ca4239a124966d3f51388c35fafa06dcf0018bd864  openldap-servers-sql-2.4.39-7.el7.centos.x86_64.rpm

Source:
5ff494cb8637ecc22d9a5299d51bbd6a1dd646f75a4cd97315c9f303259f0438  openldap-2.4.39-7.el7.centos.src.rpm



CESA-2015:1840 Important CentOS 6 openldap Security Update

CentOS Errata and Security Advisory 2015:1840 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1840.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
ce59a16e8d9f797feff522711be61aa9bd976ddcd0e629c260a9e1120b1abda4  openldap-2.4.40-6.el6_7.i686.rpm
90cfd98aa85f7e6b816f3b9472a8bbd26979a1224fce84390d784da68f582d20  openldap-clients-2.4.40-6.el6_7.i686.rpm
afa5499f0434b52f57fe96d70489d195e73f9ef59ca22f6a4b12c304ebb43635  openldap-devel-2.4.40-6.el6_7.i686.rpm
80b87de3386d0b711597554cce65d8b4e4cdea909425675562ccef2d28402453  openldap-servers-2.4.40-6.el6_7.i686.rpm
be985035faf4b5b8dbee232a00eb9631659a99106d14b2044f82d8ccec34dd8a  openldap-servers-sql-2.4.40-6.el6_7.i686.rpm

x86_64:
ce59a16e8d9f797feff522711be61aa9bd976ddcd0e629c260a9e1120b1abda4  openldap-2.4.40-6.el6_7.i686.rpm
b8658e6e57809577463a9f168656d9ccbb1f2d9e5d480d77ace7eac594789350  openldap-2.4.40-6.el6_7.x86_64.rpm
516d525207917340a6fc22b4cc3d1fd6d9398a0ce79ef746579155d95aac9325  openldap-clients-2.4.40-6.el6_7.x86_64.rpm
afa5499f0434b52f57fe96d70489d195e73f9ef59ca22f6a4b12c304ebb43635  openldap-devel-2.4.40-6.el6_7.i686.rpm
655274004efc40a05c9947af3cb1ff654b8038cbd083fc44e25190a18f2c776d  openldap-devel-2.4.40-6.el6_7.x86_64.rpm
678906aa40444064d8188d74ca33591dcc34da97723f3aff762524798b28500c  openldap-servers-2.4.40-6.el6_7.x86_64.rpm
d8fcc13e67551c0893f0826e1f986930094dc5efffd9cce2af0577612281d597  openldap-servers-sql-2.4.40-6.el6_7.x86_64.rpm

Source:
63c1dcfee015ccec322361e78080c686e7f14a51b7cf331726b3017c1c760a67  openldap-2.4.40-6.el6_7.src.rpm



CESA-2015:1840 Important CentOS 5 openldap Security Update

CentOS Errata and Security Advisory 2015:1840 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1840.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
cc181bbfac7f8256afb84c7345aeeabe02967ce32d0b19980e3d10ab7eff941d  compat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm
b22b59b70a24b9d81e3636dd64c13bcb31837d0fc585e8d40d3c42b09addc982  openldap-2.3.43-29.el5_11.i386.rpm
3071dbeb025e46da4b8ebb3cf697871525e0ff3f319c062f989d6538b4b6a3d3  openldap-clients-2.3.43-29.el5_11.i386.rpm
f42c1033d9c8749d85358d8ed2636c5f43a06bc15561dca4d00adc69483044bf  openldap-devel-2.3.43-29.el5_11.i386.rpm
7dee4dd6721f9222268e9c11d96db5d0624ec0067d7924b0eeebf78791cad6ee  openldap-servers-2.3.43-29.el5_11.i386.rpm
a738a621d1fff4855f994c2eb316dd277cda9f20c74c3437c7718f21ddad7901  openldap-servers-overlays-2.3.43-29.el5_11.i386.rpm
f902ae9ff4405241871cbe51bdf94064a4b1759d7fbce279df5d8be04d26d074  openldap-servers-sql-2.3.43-29.el5_11.i386.rpm

x86_64:
cc181bbfac7f8256afb84c7345aeeabe02967ce32d0b19980e3d10ab7eff941d  compat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm
5757fda05767444bb1642a8191c3b6f2d76745ba30132ea9d3fd766379f99e2b  compat-openldap-2.3.43_2.2.29-29.el5_11.x86_64.rpm
b22b59b70a24b9d81e3636dd64c13bcb31837d0fc585e8d40d3c42b09addc982  openldap-2.3.43-29.el5_11.i386.rpm
e6dd51c4f2f4a23fec2be3f298b76abc87b3930e2fa0f3c0ad440f5ef70da35e  openldap-2.3.43-29.el5_11.x86_64.rpm
a7bdd364235403770fac7632b572323bda2565b3c9f23d371768ab859dfc5137  openldap-clients-2.3.43-29.el5_11.x86_64.rpm
f42c1033d9c8749d85358d8ed2636c5f43a06bc15561dca4d00adc69483044bf  openldap-devel-2.3.43-29.el5_11.i386.rpm
32164d50ac497028e5c24f8bb1535c37abdf78cd230922cc63bb0c8ac7cf65af  openldap-devel-2.3.43-29.el5_11.x86_64.rpm
818492aef0cad81ecc9ea66f4eeff8a4a44a23ed223927d601e4b555d3499e51  openldap-servers-2.3.43-29.el5_11.x86_64.rpm
d21a9d33c3559b97ee2a295c04ce723b4eae3ed46846baafe760e0cd495f5945  openldap-servers-overlays-2.3.43-29.el5_11.x86_64.rpm
13db919bbc3c414f54fb656b7e127f8cfb8700830ef261bd16b4d65e162c9f52  openldap-servers-sql-2.3.43-29.el5_11.x86_64.rpm

Source:
7092b7f27ed18b2fc5496587940b14f1d223762cf8182f282a65db3c4296bc13  openldap-2.3.43-29.el5_11.src.rpm



5 security measures that experts follow (and so should you!)

When you’re watching a movie and you see the typical computer screen filled with green code (you know the type, rows of 1s and 0s), you might get the impression that IT experts are magicians who work wonders with a mouse and a keyboard. Theirs is a difficult profession, but they are also humans who suffer from the same human errors and doubts as the rest of us.

At Google they are well aware of this and for this reason they have carried out an investigation that tries to shed light on the security measures that IT professionals follow, and that for the rest of us seem impossible to imitate.

The conclusion they reached leaves us all in a bad light – what seems difficult really isn’t that complex at all. The majority of the steps taken by IT professionals to protect themselves from digital threats are based on pure common sense and are easy enough for the average user to put into practice.

The people behind the study compared the precautions taken by experts and those taken by regular users and discovered that the latter are skipping some of the basic steps. Here are the main ones.

1. Always stay updated

Make sure you have the latest version of your operating system and of the programs that you use. This applies to both computers and mobile devices. Manufacturers usually correct vulnerabilities as soon as they become aware of them, so it’s up to you to make sure you install the latest version. You can always enable automatic updates if you want to.

2. Strong and unique passwords

Although passwords are on the verge of extinction, they are still the main way to protect your devices. You should follow these basic guidelines when choosing passwords: use a different one for each service, make them hard to guess, and include a mix of letters, numbers, and symbols.

3. Two steps are always better than one

If you choose a secure password, you’re on the right path, but that still isn’t enough. The experts recommend activating the two-step verification process whenever possible (in Gmail or Facebook, for example). This way, if anyone tries to access your account then the service will ask for a code which is only sent to your mobile. This should be out of bounds for a cybercriminal.

4. Surf carefully online

There are very few things that can’t be found on the Internet. Every day you can find something new while surfing online, but you need to be careful where you click. Not all websites are safe and some hide nasty surprises. If your browser says that something’s not right, then pay attention to its warning. Unless it’s a website that is totally secure, a warning that the website isn’t following correct security protocol should be enough for.

5. An antivirus is essential

Although some doubt its effectiveness, what’s certain is that antivirus software with a firewall is the best barrier against attacks. Surfing the web without updated, reliable protection is an unnecessary risk that the experts at Google aren’t prepared to take. So why do some users continue putting themselves at risk?

If some of these measures don’t form part of your routine, then you should adopt them immediately. Not only because the experts consider them common sense, but because, above all, they are very easy to adopt and can save you a lot of problems.

The post 5 security measures that experts follow (and so should you!) appeared first on MediaCenter Panda Security.

[Onapsis Security Advisory 2015-020] SAP HANA Trace configuration SQL injection

Posted by Onapsis Research Team on Sep 29

Onapsis Security Advisory 2015-020: SAP HANA Trace configuration SQL
injection

1. Impact on Business
=====================

By exploiting this vulnerability, an attacker could change configuration
settings in the HANA system, affecting the integrity of the data stored
and possibly rendering the platform unavailable to other users.

Risk Level: Medium

2. Advisory Information
=======================

– Public Release Date: 09/29/2015
– Last Revised:…

[Onapsis Security Advisory 2015-021] SAP HANA XSS in user creation through Web-based development workbench

Posted by Onapsis Research Team on Sep 29

Onapsis Security Advisory 2015-021: SAP HANA XSS in user creation
through Web-based development workbench

1. Impact on Business
=====================

By exploiting this vulnerability a remote authenticated attacker would
be able to attack other users connected to the HANA system.

Risk Level: Medium

2. Advisory Information
=======================

– Public Release Date: 09/29/2015
– Last Revised: 09/29/2015
– Security Advisory ID:…