qemu-2.7.1-2.fc25

* CVE-2016-6836: vmxnet: Information leakage in vmxnet3_complete_packet (bz #1366370)
* CVE-2016-7909: pcnet: Infinite loop in pcnet_rdra_addr (bz #1381196)
* CVE-2016-7994: virtio-gpu: memory leak in resource_create_2d (bz #1382667)
* CVE-2016-8577: 9pfs: host memory leakage in v9fs_read (bz #1383286)
* CVE-2016-8578: 9pfs: potential NULL dereference in 9pfs routines (bz #1383292)
* CVE-2016-8668: OOB buffer access in rocker switch emulation (bz #1384898)
* CVE-2016-8669: divide by zero error in serial_update_parameters (bz #1384911)
* CVE-2016-8909: intel-hda: infinite loop in dma buffer stream (bz #1388053)
* Infinite loop vulnerability in a9_gtimer_update (bz #1388300)
* CVE-2016-9101: eepro100: memory leakage at device unplug (bz #1389539)
* CVE-2016-9103: 9pfs: information leakage via xattr (bz #1389643)
* CVE-2016-9102: 9pfs: memory leakage when creating extended attribute (bz #1389551)
* CVE-2016-9104: 9pfs: integer overflow leading to OOB access (bz #1389687)
* CVE-2016-9105: 9pfs: memory leakage in v9fs_link (bz #1389704)
* CVE-2016-9106: 9pfs: memory leakage in v9fs_write (bz #1389713)
* CVE-2016-9381: xen: incautious about shared ring processing (bz #1397385)
* CVE-2016-9921: Divide by zero vulnerability in cirrus_do_copy (bz #1399054)
* CVE-2016-9776: infinite loop while receiving data in mcf_fec_receive (bz #1400830)
* CVE-2016-9845: information leakage in virgl_cmd_get_capset_info (bz #1402247)
* CVE-2016-9846: virtio-gpu: memory leakage while updating cursor data (bz #1402258)
* CVE-2016-9907: usbredir: memory leakage when destroying redirector (bz #1402266)
* CVE-2016-9911: usb: ehci: memory leakage in ehci_init_transfer (bz #1402273)
* CVE-2016-9913: 9pfs: memory leakage via proxy/handle callbacks (bz #1402277)
* CVE-2016-10028: virtio-gpu-3d: OOB access while reading virgl capabilities (bz #1406368)
* CVE-2016-9908: virtio-gpu: information leakage in virgl_cmd_get_capset (bz #1402263)
* CVE-2016-9912: virtio-gpu: memory leakage when destroying gpu resource (bz #1402285)

Adaptive Defense 360 Given Stamp of Approval by AV-Comparatives

Defending your devices in our hyperconnected world is no simple task. Your protection should include a wide range of defense mechanisms, a necessary deployment that, until now, has forced IT organizations to purchase and maintain a variety of products from different providers.

In December, AV-Comparatives gave their stamp of approval to the three principles of the Adaptive Defense 360 security model: continuous monitoring of all applications on company servers and workstations, automatic classification of endpoint processes using big data and machine learning techniques in a Cloud-based platform, and the possibility, should a process not be automatically classified, of a PandaLabs expert technician analyzing the behavior in depth.

“The evaluation by AV-Comparatives is a good reflection of the value of Adaptive Defense to our customers,” said Iratxe Vázquez, Product Manager at Panda Security. “We protect from and detect all types of known and unknown malware and zero-day security attacks (ransomware, bot networks, exploits, fileless malware, APTs, etc.), all thanks to the continuous monitoring of all processes running on our customers’ devices.”

The Adaptive Defense 360 solution has been endorsed as the first and only product that combines endpoint protection (EPP) and endpoint detection and response (EDR) in a single platform.

“As this solution classifies all executed processes, it cannot fail to record any malware.”

Efficacy Test

Panda Security’s advanced cybersecurity solution detects and blocks malware that other protection systems don’t even see. “We know that Adaptive Defense is easily one of the best solutions on the market, and we needed this to be certified by a prestigious laboratory in the world of security,” said Luis Corrons, Technical Director of PandaLabs.

Adaptive Defense 360 achieved 99.4% detection in the 220 analyzed samples and 0 false positives in the independent analysis performed by the esteemed AV-Comparatives Institute, which establishes this solution as the most advanced end-user cybersecurity software.

“For us it was essential that the tests were done with the utmost rigor, as we were looking for an environment that would perfectly simulate the real world and the threats to which companies are constantly exposed,” says Corrons.

The Intelligent Control Platform, a Synthesis of Machine Learning and Big Data

Artificial intelligence and machine learning are booming trends in 2017, allowing companies to use data science to optimize resources and improve their productivity. Imagine the effectiveness of cybersecurity software that combines both of these trends.

“The protection that Adaptive Defense 360 offers is much more than a marketing strategy,” said Iratxe Vázquez. “This solution is a protection strategy, a new security model that our customers will need in order to deal with cyber threats. The attacker continually adapts his behavior, easily avoiding traditional antiviruses. He infiltrates and acts quietly, making all kinds of lateral movements that we monitor, analyze and block before he reaches his targets.”

Adaptive Defense 360 is part of an intelligent cyber security platform, capable of merging contextual intelligence with defense operations.

“We continuously monitor and evaluate the behavior of everything running on our clients’ machines, using Machine Learning’s adaptive techniques in Big Data environments, which gives way to exponentially increasing knowledge of malware, tactics, techniques, and malicious processes, along with reliable application information,” explains Iratxe Vázquez.

Adaptive 360 is also integrated with SIEM solutions (Security Information and Event Management), which add detailed information on the activity of running applications at workstations. For those customers who do not have a SIEM, Adaptive Defense 360 incorporates its own security event management and storage system for real-time analysis of information collected with the Advanced Reporting Tool.

AV-Comparatives has seen what we can do, and they liked what they saw. How about you? Have you witnessed intelligent cybersecurity in action yet?

Follow the links to download the first infographic on the most notable examples of ransomware in 2016.

The post Adaptive Defense 360 Given Stamp of Approval by AV-Comparatives appeared first on Panda Security Mediacenter.

How to protect your Android device from Ghost Push

Ghost Push is a malware family that exploits vulnerabilities to gain root access to Android devices and then download and review other apps in the background. Using social engineering, users are tricked into downloading Ghost Push from third-party app stores or via links sent in text messages. Once installed, Ghost Push tries to gain root access. As the name suggests, Ghost Push acts in a ghostly fashion once it has root access, meaning infected users don’t notice anything: everything happens in the background. Recently, a new variant of the Ghost Push malware, Gooligan, was detected spreading in the wild. The Gooligan variant steals email addresses and authentication tokens stored on the infected devices, gaining access to users’ Google account data, including Gmail and Google Play. More than one million users’ Google Play accounts were affected.

CVE-2017-5520

The media rename feature in GeniXCMS through 0.0.8 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to rename and execute files with the `.php6`, `.php7` and `.phtml` extensions.
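
The class of check described above, as an added example that is not GeniXCMS code: a denylist that only recognises `.php` is shown beside an allowlist applied to the rename target. The function names, the allowed-extension list and the inner-segment check (which goes beyond what the advisory states) are assumptions made for illustration.

```php
<?php
// Added illustration; function names and the allowlist are hypothetical,
// not taken from GeniXCMS.

// Weak pattern: only the literal "php" extension is treated as executable,
// so ".php6", ".php7" and ".phtml" are accepted as rename targets.
function rename_allowed_denylist(string $newName): bool
{
    $ext = strtolower(pathinfo($newName, PATHINFO_EXTENSION));
    return $ext !== 'php';
}

// Hardened pattern: accept only extensions known to be inert media types.
const ALLOWED_MEDIA_EXT = ['jpg', 'jpeg', 'png', 'gif', 'pdf'];

function rename_allowed_allowlist(string $newName): bool
{
    // Reject path components and NUL bytes outright.
    if ($newName !== basename($newName) || strpos($newName, "\0") !== false) {
        return false;
    }
    $parts = explode('.', strtolower($newName));
    if (count($parts) < 2 || $parts[0] === '') {
        return false; // no extension, or a dotfile
    }
    $ext = array_pop($parts);
    if (!in_array($ext, ALLOWED_MEDIA_EXT, true)) {
        return false;
    }
    // Some web server configurations map handlers on inner extensions,
    // so refuse script-like segments anywhere in the name.
    array_shift($parts); // drop the base name
    foreach ($parts as $segment) {
        if (preg_match('/^(php\d*|phtml|phar|pht)$/', $segment)) {
            return false;
        }
    }
    return true;
}

// Constructed sample names, including the extensions named in the advisory.
$samples = ['photo.png', 'x.php', 'x.php6', 'x.php7', 'x.phtml', 'x.PhP7', 'x.phtml.jpg'];
foreach ($samples as $name) {
    printf("%-12s denylist=%-5s allowlist=%s\n", $name,
        var_export(rename_allowed_denylist($name), true),
        var_export(rename_allowed_allowlist($name), true));
}
```

Only `photo.png` passes the allowlist; the denylist rejects `x.php` alone and accepts every other sample.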