The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 before 13.3R8, 13.3R7 before 13.3R7-S3, 14.1R1 before 14.1R6, 14.1R3 before 14.1R3-S9, 14.1R4 before 14.1R4-S7, 14.1X51 before 14.1X51-D65, 14.1X53 before 14.1X53-D12, 14.1X53 before 14.1X53-D28, 14.1X53 before 4.1X53-D35, 14.2R1 before 14.2R5, 14.2R3 before 14.2R3-S4, 14.2R4 before 14.2R4-S1, 15.1 before 15.1R3, 15.1F2 before 15.1F2-S2, and 15.1X49 before 15.1X49-D40, when LDP is enabled, allows remote attackers to cause a denial of service (RPD routing process crash) via a crafted LDP packet.
Monthly Archives: January 2016
CVE-2016-1258
Embedthis Appweb, as used in J-Web in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R8, 14.1 before 14.1R6, and 14.2 before 14.2R5, allows remote attackers to cause a denial of service (J-Web crash) via unspecified vectors.
CVE-2016-1260
Juniper Junos OS before 13.2X51-D36, 14.1X53 before 14.1X53-D25, and 15.2 before 15.2R1 on EX4300 series switches allow remote attackers to cause a denial of service (network loop and bandwidth consumption) via unspecified vectors related to Spanning Tree Protocol (STP) traffic.
CVE-2016-1262
Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of service (flowd crash) via a crafted RTSP packet.
[KIS-2016-01] CakePHP <= 3.2.0 "_method" CSRF Protection Bypass Vulnerability
Posted by Egidio Romano on Jan 15
—————————————————————
CakePHP <= 3.2.0 “_method” CSRF Protection Bypass Vulnerability
—————————————————————
[-] Software Link:
[-] Affected Versions:
Version 3.2.0 RC1 and prior 3.x versions.
Version 2.8.0 RC1 and prior 2.x versions.
[-] Vulnerability Description:
CakePHP provides some built-in security features…
Kaspersky Says Ransomware Doubled Last Year, Will Now Target the Enterprise – Cloud Security Resource
3 Biggest Security Threats of 2016 – Kim Komando
Kaspersky Caught Scent Of Silverlight Zero-Day In Hacking Team Breach – Dark Reading
Legal firms ‘risk compromising data over poor login security’
Firms in the legal sector are at risk of compromising information confidentiality because of poor data practices, according to new research by IS Decisions.
The post Legal firms ‘risk compromising data over poor login security’ appeared first on We Live Security.
Avast for Business: Zero to One Million endpoints protected in less than a year
Since the launch of Avast for Business, a free, cloud-managed security solution, in February 2015, organizations worldwide have deployed it to protect more than one million PCs, Macs, and servers from cyberattacks and data breaches.
Avast for Business is successful across diverse sectors
Avast for Business is extremely popular with Education, Non-profits, Retail, Healthcare, IT consulting firms, and small business because many organizations lack the IT resources to install costly and complex security solutions. Avast for Business is easily scalable and managed from anywhere. Additionally, Avast for Business starts at a price everyone can afford: Free, making it a natural fit for organizations worldwide.
Education IT admins value easy deployment, management, and the free cost
The sector that has embraced Avast for Business whole-heartedly is Education. IT administrators from universities, school districts, private and charter schools, libraries, and museums all tell us that ease of deployment and management is at the top of their security solution wish list. The fact that it’s also free makes it an easy decision.
“Avast for Business is so easy to deploy and monitor, it’s made the administration of our network much smoother,” said Jothan Virgil, an IT Administrator at Alabama State University. The university has a large network managed by multiple IT professionals, with over 1,000 faculty and staff members and more than 5,600 students. Avast for Business now protects all of them from one console.
“We had AVG before switching to Avast and we really needed to simplify our security solution,” said Tyler Hisel, an IT technician with the Chillicothe City School District in Ohio. He needed software with easy-to-use centralized management where he could monitor the district’s devices. “All we wanted was a simple security solution that worked, and I knew we didn’t have to pay a fortune for it,” he said, “Avast was cost saving and had lots of features that I was surprised came free,” said Tyler. “I’ve got to hand it to you, it’s really an impressive product and it being free just makes it better.”
Non-profits value ease-of-use and the free cost
Monitoring their budget is a priority for non-profits. Avast for Business is free and compared to other antivirus solutions, the optional support costs are nominal. Michael Hensley, Information and Facilities Officer at NeighborImpact, a non-profit human-services agency in central Oregon switched from BitDefender because of the costs.
“The savings on software were extremely helpful in budgeting for our hardware upgrade. The extra money allowed us to get hardware in a different category than we otherwise would have been able to afford,” he said.
Hensley’s staff is not tech-savvy, which contributed to significant security issues in the past.
“The fact that [Avast for Business] is cloud-managed is the primary feature that we needed. We have offices and classrooms distributed throughout the area. We are able to monitor all of our computers from the web-console which has shown consistent improvement.”
SMBs and MSPs value prevention, support, and the free cost
Many businesses have budgeted for security, so free software isn’t the priority, but it certainly doesn’t hurt. Scott Quinn from Montana-based Caritas Design, a small husband and wife web-design firm said, “Any savings are huge for us.”
Despite the huge savings, the primary need is simple managementfrom a solution designed “to keep our clients and servers in a secure environment,” said Levent Silay, of Login Business Solutions, a Managed Service Provider in Istanbul, Turkey. The advantages of Avast’s cloud-managed business security according to Silay are “the quick and easy installation, the monitoring screen that helps in the visualization of all the computers on the network, the online management that can be utilized from anywhere, and the fact that it’s simple and there is no need for training.”
When managing your own business or multiple clients, quick support is essential. Quinn says, “Their support has been amazing on the rare occasions I’ve needed to utilize them. I would, and will, recommend Avast for Business to everyone I encounter.”
Avast for Business is available for every business worldwide
Avast for Business is free for every organization worldwide. Visit Avast for Business to learn more and sign up.
