Recent cyber attacks on organizations around the world have demonstrated the need for consistency in managing security vulnerabilities. To answer that demand, the Industry Consortium for the Advancement of Security on the Internet (ICASI) and the
Vulnerabilities discovered by Talos Talos is disclosing multiple vulnerabilities discovered in the Aerospike Database Server. These vulnerabilities range from memory disclosure to potential remote code execution. This software is used by various
The final patch Tuesday of 2016 has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release contains 12 bulletins addressing 48
Overview Crash triaging can be a long and complicated process; by using proper tools and having an optimal approach, we can make this a bit easier and less time consuming. In this post we describe a triaging strategy and toolset based on two examples
Back in April, I wrote a blog post about the new version of the Common Vulnerability Scoring System (CVSS). The changes made for CVSSv3 addressed some of the challenges that existed in CVSSv2. For example, CVSSv3 analyzes the scope of a vulnerability
In late August we began to detect malicious Microsoft Word documents that contained VisualBasic (VB) macro code and the code appeared to be triggering when the document was opened. However, the documents did not contain any of the standard events used
Today, we released the last Cisco IOS & IOS XE Software Security Advisory Bundled Publication of 2016. (As a reminder, Cisco discloses vulnerabilities in Cisco IOS and IOS XE Software on a predictable schedule—the fourth Wednesday of March and
Cisco has been working to draw attention to the hidden security risks organizations face by not properly maintaining their aging infrastructure and patching vulnerable systems. Threat actors, including ransomware operators, are using vulnerable
Vulnerabilities discovered by Aleksandar Nikolic. Blog post authored by Jaeson Schultz and Aleksandar Nikolic. One of the most fundamental tasks performed by many software programs involves the reading, writing, and general processing of files. In
