OpenSSL Says Breach Did Not Involve Corrupted Hypervisor
1/3/2014Hosting provider's compromised password system, not a hacked hypervisor, led to defacing of OpenSSL.org site, site reps say – after VMware cries foul.
Post a Comment
Author
Profile of Charles Babcock
Editor at Large, Cloud News & Commentary Posts: 23Charles Babcock is an editor-at-large for InformationWeek and author of Management Strategies for the Cloud Revolution, a McGraw-Hill book. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive Week. He is a graduate of Syracuse University where he obtained a bachelor's degree in journalism. He joined the publication in 2003.
Articles by Charles Babcock
Hosting provider's compromised password system, not a hacked hypervisor, led to defacing of OpenSSL.org site, site reps say – after VMware cries foul.
Post a Comment
Bromium Secures Older PCs, Terminals Via 'Microvisor'
12/17/2012CTO Simon Crosby says goal is to isolate untrusted tasks on Windows XP machines, thin clients as users bring outside code and content inside the enterprise.
Post a Comment
Bromium Strengthens Desktop Security Using Virtualization
10/11/2012Ex-Citrix CTO Simon Crosby says Bromium's vSentry technology isolates suspicious activity in a virtual machine, then identifies and flushes it when the VM is erased.
Post a Comment
Cloud Services Face Different Security Threats
9/14/2012Alert Logic study finds that cloud and on-premises customers face about the same number, but different types, of threats.
Post a Comment
Virtualization Security: No One Product Does It
9/8/2011VMware environments demand multiple tools to build barriers, trap intruders, maintain VM security-- and keep the Jason Cornishes out.
Post a Comment
Virtualization Security: Your Biggest Risk Is Disgruntled Insider
9/6/2011Could 88 of your virtual servers be deleted by an angry insider during one McDonald's visit? Learn from Shionogi's experience.
Post a Comment
Cloud Identity Problems Solved By Federating Directories
8/4/2011Amazon, Radiant Logic join competition to supply virtual directories that make enterprise identities available in the cloud.
Post a Comment
Verizon To Continue Rapid Cloud Ramp
1/18/2011The firm will rapidly expand its cloud offerings, with platform-based services, customer relationship management, and enterprise resourcThe telecom provider will expand its cloud computing offerings with platform-based services, and upcoming CRM and ERP apps.e planning launching in 2011.
Post a Comment
10Gen Raises $6.5 Million For MongoDB
12/10/2010The open source NoSQL database company has attracted a venture funding round from Sequoia Capital, Flybridge Capital Partners, and Union Square Ventures.
Post a Comment
Zenworks 11 Update Consolidates Endpoint Governance
11/11/2010Novell's Zenworks 11 suite combines identity, security, patch, and asset management onto a single pane of glass with a web-based management console.
Post a Comment
Amazon Says Cloud Beats Data Center Security
11/4/2010Security is a shared responsibility between the cloud provider and its customers, says Amazon Web Services security architect.
Post a Comment
EnterpriseDB Adds Integrated Replication, Hot Standby
9/24/2010Postgres Plus gains features from updated open source database PostgreSQL 9.0.
Post a Comment
Rackspace Updates Hybrid Email Service
6/17/2010Shared calendaring and other features are included in Rackspace's expanded hybrid Microsoft Exchange/Rackspace email offering in the cloud.
Post a Comment
Terracotta Releases Ehcache 2.1
5/25/2010Ehcache 2.1 governs the distributed random access memories of a server cluster on behalf of Java applications.
Post a Comment
Oracle To Acquire Firewall Maker Secerno
5/20/2010The Secerno DataWall firewall appliance inspects commands, logs activities, and issues alerts to protect Oracle and other database systems.
Post a Comment
Sun MySQL Head Joins EnterpriseDB
4/12/2010Karen Padir, a key software leader at Sun Microsystems, has joined Oracle's competition, open source EnterpriseDB.
Post a Comment
IT Spending On Cloud Ratcheting Up
4/2/2010A Sandhill Group survey shows enterprise interest in -- and IT spending on -- cloud computing accelerating over the next three years.
Post a Comment
BMC To Acquire Phurnace
1/7/2010The startup is being picked up for its Java application management knowhow.
Post a Comment
Red Hat CEO On Recession, Virtualization, Ballmer
1/6/2010Jim Whitehurst says his firm has encountered a "perfect storm" of conditions furthering its growth in recession.
Post a Comment
IBM Tool Scans For Malevolent Ajax, Flash Code
2/5/2009Rational AppScan monitors interactive Web applications and SOA services built as Web services to spot potential security holes.
Post a Comment
Only 35% Of Oracle Users Continuously Monitor For Suspicious Activity
9/19/2008A recent Unisphere survey found 20% of respondents anticipated some kind of data security breach over the coming year.
Post a Comment
VMware Issues Patch For Hypervisor Bug
8/13/2008CEO Paul Maritz apologized to customers and said VMware was determined to get to the bottom of the problem that caused virtual machines to refuse to start.
Post a Comment
Oracle Counters SQL-Injection Holes With Update
7/21/2008There were an additional seven patches for PeopleSoft and J.D. Edwards applications, seven for the recently acquired BEA product suite, and six for Oracle E-Business Suite.
Post a Comment
White Papers
Video
0 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
![[Strategic Security Report] Navigating the Threat Intelligence Maze](https://dsimg.ubm-us.net/asset/393933/543593/DR_ThreatConnect_Report.png)
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-11354
PUBLISHED: 2018-05-22
PUBLISHED: 2018-05-22
PUBLISHED: 2018-05-22
PUBLISHED: 2018-05-22
PUBLISHED: 2018-05-22
From DHS/US-CERT's National Vulnerability Database CVE-2018-11354
PUBLISHED: 2018-05-22
In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was addressed in epan/dissectors/packet-ieee1905.c by making a certain correction to string handling.
CVE-2018-11355PUBLISHED: 2018-05-22
In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks.
CVE-2018-11356PUBLISHED: 2018-05-22
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. This was addressed in epan/dissectors/packet-dns.c by avoiding a NULL pointer dereference for an empty name in an SRV record.
CVE-2018-11357PUBLISHED: 2018-05-22
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. This was addressed in epan/tvbuff.c by rejecting negative lengths.
CVE-2018-11358PUBLISHED: 2018-05-22
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a use-after-free after a malformed packet prevented certain cleanup.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This