Author Archives: CIRT Team



CIRT Team

in Security Advisories & Alerts

Adobe Releases Security Updates for ColdFusion

Description: Adobe has released security updates to address a vulnerability in ColdFusion. These updates resolve a critical vulnerability that could lead to arbitrary code execution in the context of the running ColdFusion service.    Adobe is aware of a report that CVE-2019-7816 has been exploited in the wild.   Impact: A remote attacker could exploit this...

Read more

0
04 Mar 2019
in Security Advisories & Alerts

Cisco Releases Security Updates

Description: Cisco has released security updates to address vulnerabilities in multiple Cisco products. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker...

Read more

0
04 Mar 2019
in Security Advisories & Alerts

OpenSSL Releases Security Update

Description: OpenSSL version 1.0.2r has been released to address a vulnerability for users of versions 1.0.2–1.0.2q Impact: An attacker could exploit this vulnerability to obtain sensitive information. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.openssl.org/news/secadv/20190226.txt

0
04 Mar 2019
in Security Advisories & Alerts

Drupal Releases Security Updates

Description: Drupal has released security updates to address a vulnerability in Drupal Core. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.drupal.org/sa-core-2019-003

0
04 Mar 2019
GlobeImposter 2.0 র‍্যানসমওয়্যার ও সতর্কতামূলক পদক্ষেপ
in Articles, Bangla Articles, News

GlobeImposter 2.0 র‍্যানসমওয়্যার ও সতর্কতামূলক পদক্ষেপ

GlobeImposter 2.0 র‍্যানসমওয়্যার কি : সাইবার সিকিউরিটি  গবেষকগন ২০১৮ সালে প্রথম GlobeImposter  র‍্যানসমওয়্যার এর উপস্থিতি লক্ষ করেন যা GlobeImposter 1.0 নামে পরিচিত। কিন্তু বর্তমানে এর একটি নতুন সংস্করণ GlobeImposter 2.0  র‍্যানসমওয়্যার প্রকাশিত হয়েছে এবং দ্রুত সারা বিশ্বে ছড়িয়ে পড়েছে। এই সাম্প্রতিক আক্রমণে, সংক্রামিত কম্পিউটার সিস্টেম এর বিভিন্ন ফাইলগুলি এনক্রিপ্ট হচ্ছে,...

Read more

0
19 Feb 2019
in News Clipping

CISCO addresses DoS bugs in CISCO ESA products [securityaffairs]

Cisco addressed two DoS vulnerabilities in CISCO ESA products that can be exploited by remote unauthenticated attacker. Cisco fixed two denial-of-service (DoS) flaws in Email Security Appliance (ESA) products that can be exploited by a remote unauthenticated attacker. The first flaw tracked as CVE-2018-15453  has been rated as “critical,” it is a memory corruption...

Read more

0
17 Jan 2019
in News Clipping

OWASP Secure Coding Practices Checklist [informationsecuritycontrol]

Input Validation 1. Conduct all data validation on a trusted system (e.g., The server) 2. Identify all data sources and classify them into trusted and untrusted. Validate all data from untrusted sources (e.g., Databases, file streams, etc.) 3. There should be a centralized input validation routine for the application 4. Specify proper character sets, such as UTF-8,...

Read more

0
17 Jan 2019
Page 10 of 94« First...89101112...203040...Last »