Red Hat Security Advisory 2016-1001-01 – KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: An out-of-bounds read/write access flaw was found in the way QEMU’s VGA emulation with VESA BIOS Extensions support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host’s QEMU process.
Monthly Archives: May 2016
Red Hat Security Advisory 2016-1000-01
Red Hat Security Advisory 2016-1000-01 – KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: An out-of-bounds read/write access flaw was found in the way QEMU’s VGA emulation with VESA BIOS Extensions support performed read/write operations via I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host’s QEMU process.
Red Hat Security Advisory 2016-0999-01
Red Hat Security Advisory 2016-0999-01 – KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: An out-of-bounds read/write access flaw was found in the way QEMU’s VGA emulation with VESA BIOS Extensions support performed read/write operations via I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host’s QEMU process.
Red Hat Security Advisory 2016-0997-01
Red Hat Security Advisory 2016-0997-01 – KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix: An out-of-bounds read/write access flaw was found in the way QEMU’s VGA emulation with VESA BIOS Extensions support performed read/write operations via I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host’s QEMU process.
Debian Security Advisory 3573-1
Debian Linux Security Advisory 3573-1 – Several vulnerabilities were discovered in qemu, a fast processor emulator.
HP Security Bulletin HPSBUX03577 SSRT102172 1
HP Security Bulletin HPSBUX03577 SSRT102172 1 – A potential security vulnerability has been identified in HP-UX VxFS ACL inheritance. The vulnerability could result in local unauthorized access to files. Notes: – Default ACL entries “default:other:”, “default:user:”, and “default:class:” are not inherited correctly. – There is a risk that file access restrictions may not be effective on inherited ACLs to restrict file or directory access by other users, for example, by defining “default:other:—” in a parent directory. – The defect does not impact “default:group:” entries. Revision 1 of this advisory.
Get rid of panic – get a PIN on your apps
You want to show off your new phone … but not show too much.
The post Get rid of panic – get a PIN on your apps appeared first on Avira Blog.
Panda Security named Company of the Year at the 5th Annual “Premios Nacionales El Suplementoâ€
Panda Security has been awarded Company of the Year at the 5th Annual “Premios Nacionales El Suplemento“.
Organized by the Spanish newspaper El Suplemento by ABC, at the “Premios Nacionales El Suplemento” well-deserved recognition is given to outstanding businesses and their hardworking professionals, who, despite the current economy, are boosting their efforts to be better leaders, stepup and grow, on a daily basis.
The gala honored 34 winners, with one winner in each category. Panda Security was awarded the night’s most coveted prize: Company of the Year. The company joined a group of exceptional winners—highlighting important professionals and Spanish companies, or businesses with headquarters in Spain—who have excelled in different sectors by their innovative work, growth, outreach , and history.
Center: Rosa Díaz, the General Director of Panda Security Spain, collected the award on behalf of the Bilbao-based, computer security company.
Although Panda Security is mostly known as an anti-virus software company, it has expanded its line of business to advanced cyber security technology. Rosa Díaz said that, thanks to Adaptive Defense 360, Panda is a pioneer in uniting EPP and EDR systems in the same solution. The new security model is capable of monitoring, registering and categorizing all active processes on the system.
This year, some of the highlighted winners include Turkish Airlines in the “Airline” category, the NGO Messengers of Peace in “Solidarity”, and Kone for his work in “Sustainability”, among others.
Technological milestones deserve an award
Panda Security is one of the leading manufacturers of security software in the world. They are included in Truffle 100´s list of Top European Software Vendors.
Among its milestones in technology, the pioneer has also launched security systems with concepts like SaaS (Security as a Service), or the anti-virus that protects from the Cloud (Cloud Computing). Panda is also recognized as the first security service provider to offer daily updates of your database signatures.
Panda Security also introduced the first automatic detection, analysis and classification of malware in real-time for systems. This is called Collective Intelligence” and, together with patented technology that blocks unknown viruses, is the precursor of Panda´s new security model: Adaptive Defense.
It is our desire that these awards will encourage professionals and companies to continue their innovation, outreach and in good practices.
Congratulations to all the winners!
The post Panda Security named Company of the Year at the 5th Annual “Premios Nacionales El Suplemento” appeared first on Panda Security Mediacenter.
Andromeda distributors craft new strategies for attacks
Most of popular botnet Andromeda’s (also known as Gamarue) distribution channels have been discovered and analyzed by antivirus vendors. This has forced Andromeda’s distributors to come up with a new attack strategy to continue to drop Andromeda binaries onto PCs.
Meanwhile at the Andromeda headquarters…
Operator: “Captain, all of our distribution channels have been discovered!”
Captain: “Report the loss..”
Operator: “Email scams, exploit kits, everything is known to the public.”
Captain: “Operator, let’s start with plan N!”
Operator: “Roger that, captain”
Before we dive into Andromeda’s new tactic, I’d recommend you to read this article by fellow security researchers from Stormshield, which describes one of Andromeda’s most recent phishing campaigns. We have observed similar Andromeda email phishing campaigns. Most of the emails we have seen seem to be targeting Germans and Italians. However, these two target groups seem to be too clever to fall for the bait, as they are not the top infected users.
Some of the popular subject lines used to target Germans and Italians are “Your current bill” and “A nude photo of you has appeared on the Internet”.
Nfdump Nfcapd 1.6.14 Multiple Vulnerabilities
Posted by Denis Andzakovic on May 10
( , ) (,
. ‘.’ ) (‘. ‘,
). , (‘. ( ) (
(_,) .’), ) _ _,
/ _____/ / _ ____ ____ _____
____ ==/ /_ _/ ___/ _ /
/ / | \ __( <_> ) Y Y
/______ /___|__ / ___ >____/|__|_| /
/ /.-. / /:wq
(x.0)
‘=.|w|.=’
_=”””=….