OpenSSL Says Breach Did Not Involve Corrupted Hypervisor
1/3/2014Hosting provider's compromised password system, not a hacked hypervisor, led to defacing of OpenSSL.org site, site reps say – after VMware cries foul.
Post a Comment
Author
Profile of Charles Babcock
Editor at Large, Cloud News & Commentary Posts: 23Charles Babcock is an editor-at-large for InformationWeek and author of Management Strategies for the Cloud Revolution, a McGraw-Hill book. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive Week. He is a graduate of Syracuse University where he obtained a bachelor's degree in journalism. He joined the publication in 2003.
Articles by Charles Babcock
Hosting provider's compromised password system, not a hacked hypervisor, led to defacing of OpenSSL.org site, site reps say – after VMware cries foul.
Post a Comment
Bromium Secures Older PCs, Terminals Via 'Microvisor'
12/17/2012CTO Simon Crosby says goal is to isolate untrusted tasks on Windows XP machines, thin clients as users bring outside code and content inside the enterprise.
Post a Comment
Bromium Strengthens Desktop Security Using Virtualization
10/11/2012Ex-Citrix CTO Simon Crosby says Bromium's vSentry technology isolates suspicious activity in a virtual machine, then identifies and flushes it when the VM is erased.
Post a Comment
Cloud Services Face Different Security Threats
9/14/2012Alert Logic study finds that cloud and on-premises customers face about the same number, but different types, of threats.
Post a Comment
Virtualization Security: No One Product Does It
9/8/2011VMware environments demand multiple tools to build barriers, trap intruders, maintain VM security-- and keep the Jason Cornishes out.
Post a Comment
Virtualization Security: Your Biggest Risk Is Disgruntled Insider
9/6/2011Could 88 of your virtual servers be deleted by an angry insider during one McDonald's visit? Learn from Shionogi's experience.
Post a Comment
Cloud Identity Problems Solved By Federating Directories
8/4/2011Amazon, Radiant Logic join competition to supply virtual directories that make enterprise identities available in the cloud.
Post a Comment
Verizon To Continue Rapid Cloud Ramp
1/18/2011The firm will rapidly expand its cloud offerings, with platform-based services, customer relationship management, and enterprise resourcThe telecom provider will expand its cloud computing offerings with platform-based services, and upcoming CRM and ERP apps.e planning launching in 2011.
Post a Comment
10Gen Raises $6.5 Million For MongoDB
12/10/2010The open source NoSQL database company has attracted a venture funding round from Sequoia Capital, Flybridge Capital Partners, and Union Square Ventures.
Post a Comment
Zenworks 11 Update Consolidates Endpoint Governance
11/11/2010Novell's Zenworks 11 suite combines identity, security, patch, and asset management onto a single pane of glass with a web-based management console.
Post a Comment
Amazon Says Cloud Beats Data Center Security
11/4/2010Security is a shared responsibility between the cloud provider and its customers, says Amazon Web Services security architect.
Post a Comment
EnterpriseDB Adds Integrated Replication, Hot Standby
9/24/2010Postgres Plus gains features from updated open source database PostgreSQL 9.0.
Post a Comment
Rackspace Updates Hybrid Email Service
6/17/2010Shared calendaring and other features are included in Rackspace's expanded hybrid Microsoft Exchange/Rackspace email offering in the cloud.
Post a Comment
Terracotta Releases Ehcache 2.1
5/25/2010Ehcache 2.1 governs the distributed random access memories of a server cluster on behalf of Java applications.
Post a Comment
Oracle To Acquire Firewall Maker Secerno
5/20/2010The Secerno DataWall firewall appliance inspects commands, logs activities, and issues alerts to protect Oracle and other database systems.
Post a Comment
Sun MySQL Head Joins EnterpriseDB
4/12/2010Karen Padir, a key software leader at Sun Microsystems, has joined Oracle's competition, open source EnterpriseDB.
Post a Comment
IT Spending On Cloud Ratcheting Up
4/2/2010A Sandhill Group survey shows enterprise interest in -- and IT spending on -- cloud computing accelerating over the next three years.
Post a Comment
BMC To Acquire Phurnace
1/7/2010The startup is being picked up for its Java application management knowhow.
Post a Comment
Red Hat CEO On Recession, Virtualization, Ballmer
1/6/2010Jim Whitehurst says his firm has encountered a "perfect storm" of conditions furthering its growth in recession.
Post a Comment
IBM Tool Scans For Malevolent Ajax, Flash Code
2/5/2009Rational AppScan monitors interactive Web applications and SOA services built as Web services to spot potential security holes.
Post a Comment
Only 35% Of Oracle Users Continuously Monitor For Suspicious Activity
9/19/2008A recent Unisphere survey found 20% of respondents anticipated some kind of data security breach over the coming year.
Post a Comment
VMware Issues Patch For Hypervisor Bug
8/13/2008CEO Paul Maritz apologized to customers and said VMware was determined to get to the bottom of the problem that caused virtual machines to refuse to start.
Post a Comment
Oracle Counters SQL-Injection Holes With Update
7/21/2008There were an additional seven patches for PeopleSoft and J.D. Edwards applications, seven for the recently acquired BEA product suite, and six for Oracle E-Business Suite.
Post a Comment
White Papers
Video
1 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
The State of IT and Cybersecurity
IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-14492
PUBLISHED: 2018-07-21
PUBLISHED: 2018-07-20
PUBLISHED: 2018-07-20
PUBLISHED: 2018-07-20
PUBLISHED: 2018-07-20
From DHS/US-CERT's National Vulnerability Database CVE-2018-14492
PUBLISHED: 2018-07-21
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.
CVE-2018-3770PUBLISHED: 2018-07-20
A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files.
CVE-2018-3771PUBLISHED: 2018-07-20
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
CVE-2018-5065PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVE-2018-5066PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This