Resolved Bugs
1190710 – CVE-2015-1547 CVE-2014-9655 libtiff: various flaws [fedora-all]
1190703 – CVE-2014-9655 libtiff: use of uninitialized memory in putcontig8bitYCbCr21tile and NeXTDecode
1190709 – CVE-2015-1547 libtiff: use of uninitialized memory in NeXTDecode
Security fix for CVE-2014-9655, CVE-2015-1547
Monthly Archives: May 2015
Fedora 21 Security Update: dcraw-9.25.0-2.fc21
Resolved Bugs
1221249 – CVE-2015-3885 dcraw: input sanitization flaw leading to buffer overflow
1221251 – CVE-2015-3885 dcraw: input sanitization flaw leading to buffer overflow [fedora-all]
This update contains a fix for a bug which could cause dcraw to write past array boundaries.
Additionally, it updates dcraw to version 9.25.0, which contains updated color matrices and supports the Canon EOS 5DS.
Fedora 21 Security Update: nss-3.19.0-1.0.fc21,nss-softokn-3.19.0-1.0.fc21,nss-util-3.19.0-1.0.fc21
Update to the upstream NSS 3.19 release.
The SSL 3 protocol has been disabled by default.
This release includes several notable changes related to the TLS protocol.
For the full list of changes in this update please refer to:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19_release_notes
Fedora 20 Security Update: nss-3.19.0-1.0.fc20,nss-softokn-3.19.0-1.0.fc20,nss-util-3.19.0-1.0.fc20
Update to the upstream NSS 3.19 release.
The SSL 3 protocol has been disabled by default.
This release includes several notable changes related to the TLS protocol.
For the full list of changes in this update please refer to:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19_release_notes
#SECURITHON: Avira’s first hackathon
At Avira, we believe there is at least one thing multiplying faster than digital threats and that is…good ideas. Considering every day we are discovering more and more about the first ones, we wanted to also give you a chance to share with us your ideas on how we can turn the digital world into a better place.
It is our pleasure to invite you to Securithon, our very first hackathon. The event will take place one month from now, in Bucharest, and it aims at finding ingenious ways of solving ‘dirty software bundles’. We are inviting skilled and passionate developers to write apps that work against unwanted applications from software bundles.
Who
You are a Computer Science student in your final year or a developer already turning good ideas into code and you’re looking for a cool challenge to prove your skills.
When & Where
27-28 June 2015
Connect Hub (Bucharest, Romania)
Why
Installer bundles often package more components than expected: some of them may install silently, others may come as opt-outs…either way, they represent a serious digital threat for all of us.
Together, we want to find other ways for users to avoid installing these additional components, send them useful notifications and make it easier to totally get rid of any kind of PUAs.
Also, we have prepared special prizes for the first three places, and of course coffee and pizza are on us during the whole 24 hours!
You’ll be working in teams of up to 4 members so prepare to share all the fun.
How
Registrations are on Eventbrite and the number of places is limited. Make sure to reserve your seat as soon as possible.
The post #SECURITHON: Avira’s first hackathon appeared first on Avira Blog.
Watch OS 1.0.1 for the Apple Watch Released
With Watch OS 1.0.1, Apple has released the first update for its watch. While it doesn’t include any flashy new features, you should definitely make sure to install the patch as soon as possible, since it includes fixes for several critical security issues.
One of them is the well-known FREAK bug, the SSL/TLS vulnerability which was disclosed in March. The vulnerability can allow hackers to perform a Man in the Middle (MITM) attack on traffic routed between a device that uses the affected version of OpenSSL and many websites, by downgrading the encryption to an easy-to-crack 512 bits (64KB).
Other than that, the update includes fixes for vulnerabilities that could lead to arbitrary code execution, disclose information, cause a denial of service, redirect user traffic to arbitrary hosts, and bypass network filters.
According to Macworld, Watch OS 1.0.1 also improves your Apple Watch’s performance, adds seven new languages, and adds support for new emoji.
To install the new Watch OS just do the following: Open your Apple Watch app on your iPhone and go to My Watch > General > Software Update. Make sure that the watch is within range of the iPhone and connected to a charger. It should also be at least 50 percent charged.
The post Watch OS 1.0.1 for the Apple Watch Released appeared first on Avira Blog.
CVE-2015-0741 (hosted_collaboration_solution)
Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Prime Central for Hosted Collaboration Solution (PC4HCS) 10.6(1) and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut04596.
CVE-2015-0742 (adaptive_security_appliance_software)
The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software 9.2(0.0), 9.2(0.104), 9.2(3.1), 9.2(3.4), 9.3(1.105), 9.3(2.100), 9.4(0.115), 100.13(0.21), 100.13(20.3), 100.13(21.9), and 100.14(1.1) does not properly implement multicast-forwarding registration, which allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet, aka Bug ID CSCus74398.
According to PC Magazine Panda FREE is the best free antivirus for 2015
We bring you more great news! A week ago we told you that we had achieved a 100% detection rate according to AV-Comparatives; now we want to share with you that PC Magazine has listed Panda FREE as the best free antivirus for 2015.

They highlight how easy it is to use, its quick install, and that it provides “excellent lab results”. PC Magazine says the best way of not having malware is to avoid downloading it, and points out that Panda FREE has two ways of protecting you against these malicious downloads:
- Blocking all access to known malicious URLs.
- Scanning all the files downloaded, and eliminating the malicious ones immediately.
PC Magazine has chosen Panda FREE as their “Editors’ Choice”, and assures that Panda offers the best features of commercial antivirus according to them and other independent labs.
Would you like to try the best free antivirus for 2015?
The post According to PC Magazine Panda FREE is the best free antivirus for 2015 appeared first on MediaCenter Panda Security.
WordPress WP Photo Album Plus 6.1.2 Cross Site Scripting
WordPress WP Photo Album Plus plugin version 6.1.2 suffers from a cross site scripting vulnerability.