OpenSSL Says Breach Did Not Involve Corrupted Hypervisor
1/3/2014Hosting provider's compromised password system, not a hacked hypervisor, led to defacing of OpenSSL.org site, site reps say – after VMware cries foul.
Post a Comment
Author
Profile of Charles Babcock
Editor at Large, Cloud News & Commentary Posts: 23Charles Babcock is an editor-at-large for InformationWeek and author of Management Strategies for the Cloud Revolution, a McGraw-Hill book. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive Week. He is a graduate of Syracuse University where he obtained a bachelor's degree in journalism. He joined the publication in 2003.
Articles by Charles Babcock
Hosting provider's compromised password system, not a hacked hypervisor, led to defacing of OpenSSL.org site, site reps say – after VMware cries foul.
Post a Comment
Bromium Secures Older PCs, Terminals Via 'Microvisor'
12/17/2012CTO Simon Crosby says goal is to isolate untrusted tasks on Windows XP machines, thin clients as users bring outside code and content inside the enterprise.
Post a Comment
Bromium Strengthens Desktop Security Using Virtualization
10/11/2012Ex-Citrix CTO Simon Crosby says Bromium's vSentry technology isolates suspicious activity in a virtual machine, then identifies and flushes it when the VM is erased.
Post a Comment
Cloud Services Face Different Security Threats
9/14/2012Alert Logic study finds that cloud and on-premises customers face about the same number, but different types, of threats.
Post a Comment
Virtualization Security: No One Product Does It
9/8/2011VMware environments demand multiple tools to build barriers, trap intruders, maintain VM security-- and keep the Jason Cornishes out.
Post a Comment
Virtualization Security: Your Biggest Risk Is Disgruntled Insider
9/6/2011Could 88 of your virtual servers be deleted by an angry insider during one McDonald's visit? Learn from Shionogi's experience.
Post a Comment
Cloud Identity Problems Solved By Federating Directories
8/4/2011Amazon, Radiant Logic join competition to supply virtual directories that make enterprise identities available in the cloud.
Post a Comment
Verizon To Continue Rapid Cloud Ramp
1/18/2011The firm will rapidly expand its cloud offerings, with platform-based services, customer relationship management, and enterprise resourcThe telecom provider will expand its cloud computing offerings with platform-based services, and upcoming CRM and ERP apps.e planning launching in 2011.
Post a Comment
10Gen Raises $6.5 Million For MongoDB
12/10/2010The open source NoSQL database company has attracted a venture funding round from Sequoia Capital, Flybridge Capital Partners, and Union Square Ventures.
Post a Comment
Zenworks 11 Update Consolidates Endpoint Governance
11/11/2010Novell's Zenworks 11 suite combines identity, security, patch, and asset management onto a single pane of glass with a web-based management console.
Post a Comment
Amazon Says Cloud Beats Data Center Security
11/4/2010Security is a shared responsibility between the cloud provider and its customers, says Amazon Web Services security architect.
Post a Comment
EnterpriseDB Adds Integrated Replication, Hot Standby
9/24/2010Postgres Plus gains features from updated open source database PostgreSQL 9.0.
Post a Comment
Rackspace Updates Hybrid Email Service
6/17/2010Shared calendaring and other features are included in Rackspace's expanded hybrid Microsoft Exchange/Rackspace email offering in the cloud.
Post a Comment
Terracotta Releases Ehcache 2.1
5/25/2010Ehcache 2.1 governs the distributed random access memories of a server cluster on behalf of Java applications.
Post a Comment
Oracle To Acquire Firewall Maker Secerno
5/20/2010The Secerno DataWall firewall appliance inspects commands, logs activities, and issues alerts to protect Oracle and other database systems.
Post a Comment
Sun MySQL Head Joins EnterpriseDB
4/12/2010Karen Padir, a key software leader at Sun Microsystems, has joined Oracle's competition, open source EnterpriseDB.
Post a Comment
IT Spending On Cloud Ratcheting Up
4/2/2010A Sandhill Group survey shows enterprise interest in -- and IT spending on -- cloud computing accelerating over the next three years.
Post a Comment
BMC To Acquire Phurnace
1/7/2010The startup is being picked up for its Java application management knowhow.
Post a Comment
Red Hat CEO On Recession, Virtualization, Ballmer
1/6/2010Jim Whitehurst says his firm has encountered a "perfect storm" of conditions furthering its growth in recession.
Post a Comment
IBM Tool Scans For Malevolent Ajax, Flash Code
2/5/2009Rational AppScan monitors interactive Web applications and SOA services built as Web services to spot potential security holes.
Post a Comment
Only 35% Of Oracle Users Continuously Monitor For Suspicious Activity
9/19/2008A recent Unisphere survey found 20% of respondents anticipated some kind of data security breach over the coming year.
Post a Comment
VMware Issues Patch For Hypervisor Bug
8/13/2008CEO Paul Maritz apologized to customers and said VMware was determined to get to the bottom of the problem that caused virtual machines to refuse to start.
Post a Comment
Oracle Counters SQL-Injection Holes With Update
7/21/2008There were an additional seven patches for PeopleSoft and J.D. Edwards applications, seven for the recently acquired BEA product suite, and six for Oracle E-Business Suite.
Post a Comment
White Papers
Video
0 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Well, at least it isn't Mobby Dick!
Latest Comment: Well, at least it isn't Mobby Dick!
Current Issue
5 Emerging Cyber Threats to Watch for in 2019Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2016-10743
PUBLISHED: 2019-03-23
PUBLISHED: 2019-03-23
PUBLISHED: 2019-03-23
PUBLISHED: 2019-03-23
PUBLISHED: 2019-03-23
From DHS/US-CERT's National Vulnerability Database CVE-2016-10743
PUBLISHED: 2019-03-23
hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.
CVE-2019-9947PUBLISHED: 2019-03-23
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.2. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the query string or PATH_INFO) follo...
CVE-2019-9948PUBLISHED: 2019-03-23
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.
CVE-2019-9945PUBLISHED: 2019-03-23
SoftNAS Cloud 4.2.0 and 4.2.1 allows remote command execution. The NGINX default configuration file has a check to verify the status of a user cookie. If not set, a user is redirected to the login page. An arbitrary value can be provided for this cookie to access the web interface without valid user...
CVE-2019-9942PUBLISHED: 2019-03-23
A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the __toString() method on an object even if not allowed by the security policy in place.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This