security software

Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client

Networking Interface" vulnerability (CSCse89550) was reported to Cisco by
a customer.

The "Local Privilege Escalation Through Default cvpnd.exe File
Permissions" vulnerability (CSCsj00785) was reported to Cisco by Dominic
Beecher of Next Generation Security Software Ltd. Dominic also provided a
viable workaround for this vulnerability. Cisco would like to thank
Dominic Beecher and Next Generation Security Software Ltd. for reporting
this vulnerability and for working with us towards a coordinated
disclosure of the vulnerability.


NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability

a malicious SMB request. 

Description
============

Cisco Security Agent is a security software agent that provides threat protection 
for server and desktop computing systems. 

A driver bundled with Cisco Security Agent for Windows does not correctly 
check the data length provided by users when processing a SMB packet, which 
might trigger a stack buffer overflow in the system kernel. A remote attacker 

[Bkis-01-2010] Multiple Vulnerabilities in BigAce - Bkis

3. Solution
Bkis recommends all organizations and individuals who are using BigAce to immediately update to the latest software version.
Download: http://www.bigace.de/BIGACE-2.7.2.html
 
4. About Bkis
Bkis is a leading Vietnamese company in researching and deploying network security software and solutions.
Official website: http://www.bkis.com
Blog: http://blog.bkis.com and http://security.bkis.com
 

----------------------------------------------------------------

Oracle TNS Listener DoS and/or remote memory inspection

The views expressed in this email do not necessarily reflect NGS policy.
NGS accepts no liability or responsibility for any onward transmission
or use of emails and attachments having left the NGS domain.

NGS and NGSSoftware are trading names of Next Generation Security
Software Ltd. Registered office address: 52 Throwley Way, Sutton, SM1
4BF with Company Number 04225835 and VAT Number 783096402



NSOADV-2009-002: Websense Email Security Web Administrator DoS

Background:
===========

Websense Email Security software incorporates multiple layers of
real-time Web security and data security intelligence to provide
leading email protection from converged email and Web 2.0 threats.
It helps to manage outbound data leaks and compliance risk, and enables
a consolidated security strategy with the trusted leader in Essential
Information Protection.

Cisco Security Advisory: Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability

vulnerability.

Details
=======

Cisco Security Agent is a security software agent that provides threat
protection for server and desktop computing systems. Cisco Security
Agents can be managed by a Management Center for Cisco Security Agents
or can be standalone agents that are not managed by a Cisco Security
Agent Management Center.


RE: Cryptome: NSA has real-time access to Hushmail servers

> 
> SecuriTeam Blogs:
> http://blogs.securiteam.com/?p=1052
> 
> Additionally, there is more information about NSA's role on Windows
> security software industry provided ('further details regarding which
> publishers and their means of facilitation' mentioned by Cryptome post
> on 1st Nov, link mentioned in Bugtraq post referenced below).
> 
> Cryptome: NSA has access to Windows Mobile smartphones
> http://www.securityfocus.com/archive/1/483129

Cisco Security Advisory: Cisco Security Agent Remote Code Execution Vulnerabilities

 

Details
=======

The Cisco Security Agent is a security software agent that provides
threat protection for server and desktop computing systems. Cisco
Security Agents can be standalone agents or can be managed by the
Cisco Security Agent Management Center.

Version 6.x of Cisco Security Agent running on Windows platforms are

RE: Cryptome: NSA has real-time access to Hushmail servers

http://cryptome.org/nsa-ssl-email.htm

SecuriTeam Blogs:
http://blogs.securiteam.com/?p=1052

Additionally, there is more information about NSA's role on Windows security software industry provided ('further details regarding which publishers and their means of facilitation' mentioned by Cryptome post on 1st Nov, link mentioned in Bugtraq post referenced below).

Cryptome: NSA has access to Windows Mobile smartphones
http://www.securityfocus.com/archive/1/483129

Juha-Matti

Multiple SQL Injection Flaws in Oracle CTX_DOC package




Oracle RDBMS TNS Data packet DoS




Re: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu

> quite alarmed. The number of Bugs and Design  problems  we  found
> were so tremendous that we had problems dealing  with  the  sheer
> amount of Vendor coordination and notification emails. 

the title is misleading at best. Defense in Depth has nothing to do
with security software. To the contrary. The paradigm describes an
approach where you assume that individual (even multiple) elements of your
defense fall, in the worst possible way (which could be code
execution). What you are describing is people adding security software
_instead_ of applying a thorough defense in depth design.


Oracle Application Server PLSQL injection flaw




[Onapsis Security Advisory 2012-02] Oracle JD Edwards Security Kernel Remote Password Disclosure

About Onapsis, Inc.
===================

Onapsis provides innovative security software solutions to protect ERP systems from cyber-attacks. Through unmatched ERP security, compliance and
continuous monitoring products, Onapsis secures the business-critical infrastructure of its global customers against espionage, sabotage and financial
fraud threats.

Onapsis X1, the company's flagship product, is the industry's first comprehensive solution for the automated security assessment of SAP platforms.
Being the first and only SAP-certified solution of its kind, Onapsis X1 allows customers to perform automated Vulnerability Assessments, Security &

Trigger Abuse of MDSYS.SDO_TOPO_DROP_FTBL in Oracle 10g R1 and R2

The views expressed in this email do not necessarily reflect NGS policy.
NGS accepts no liability or responsibility for any onward transmission
or use of emails and attachments having left the NGS domain.

NGS and NGSSoftware are trading names of Next Generation Security
Software Ltd. Registered office address: Manchester Technology Centre,
Oxford Road, Manchester, M1 7EF with Company Number 04225835 and
VAT Number 783096402



Bypassing DBMS_ASSERT in certain situations




[Bkis-01-2010] Multiple Vulnerabilities in BigAce - Bkis

immediately update to the latest software version.
Download: http://www.bigace.de/BIGACE-2.7.2.html

4. About Bkis
Bkis is a leading Vietnamese company in researching and deploying network
security software and solutions.
Official website: http://www.bkis.com
Blog: http://blog.bkis.com and http://security.bkis.com



Oracle PL/SQL Injection Flaw in REPCAT_RPC.VALIDATE_REMOTE_RC




Oracle audit issue with XMLDB ftp service




Addendum: [TZO-17-2009]Trendmicro multiple bypass/evasions

[Snip..]

I. Background
~~~~~~~~~~~~~
Quote:"Trend Micro Incorporated is a global leader in network antivirus and Internet content security software and services. Founded in 1988, Trend Micro was a pioneer in secure content and threat management, leading the migration of early virus protection from the desktop to the network server and the Internet gateway. Today, the company continues to advance its comprehensive approach to management of content security threats into the Internet cloud, encompassing information flow beyond the boundaries of the network. With its 24x7 global support operations and dedication to innovative technologies and methodologies, Trend Micro is well positioned to protect its customers against an expanding range of threats that silently endanger business operations, personal information, and property."





New Oracle Forensics Paper




Untrusted Java applet can connect to localhost




Heap overflow in RealPlayer ID3 tag parser




Google Chrome 0.2.149.27 'SaveAs' Function Buffer Overflow Vulnerability

announcement of security vulnerabilities in software, operating systems, 
network protocols and embedded systems.

· About Bkis:
Bkis (Bach Khoa Internetwork Security) is a leading Vietnamese center in
researching and deploying network security software and solutions.

· Website: http://security.bkis.vn

· Mail: svrt[at]bkav.com.vn


Re[2]: [Full-disclosure] The Death of Defence in Depth ? - An invitation to Hack.lu

case, I am sorry dude, but how can you tell ? Have you seen the
presentation? Have you heard the conclusion? I don't think so?
Though you are more than welcome to see it :)

FFL> Defense in Depth has nothing to do
FFL> with security software.
In a certain sense it has. Defence in depth is a Paradigm as not only
applied to how you design software but also how you implement solutions.
The talk is about reality, not an RFC or CISSP Definition.

FYI, while certainly not a reference, here is what Wikipedia has to say:

n.runs, Sophos, German laws, and customer safety

  "Signatory states passing legislation to implement the treaty may
  endanger the security of their computer systems, because computer
  users in those countries will not be able to adequately protect
  their computer systems... legislation that criminalizes security
  software development, distribution, and use is counter to that goal,
  as it would adversely impact security practitioners, researchers,
  and educators."

If I recall correctly, we were assured by representatives that such an
outcome would not occur.

Critical Vulnerability in Apple Quicktime’s Indeo Codec




Oracle 11g/10g Installation Vulnerability




NSOADV-2009-003: Websense Email Security Cross Site Scripting

Background:
===========

Websense Email Security software incorporates multiple layers of
real-time Web security and data security intelligence to provide
leading email protection from converged email and Web 2.0 threats.
It helps to manage outbound data leaks and compliance risk, and enables
a consolidated security strategy with the trusted leader in Essential
Information Protection.
