Security Leftovers
-
Security updates for Wednesday
-
Customer security awareness: alerting you to vulnerabilities that are of real risk
-
Cisco's WikiLeaks Security Vulnerability Exposure: 10 Things Partners Need To Know
Cisco's security team has discovered that hundreds of its networking devices contain a vulnerability that could allow attackers to remotely executive malicious code and take control of the affected device.
"We are committed to responsible disclosure, protecting our customers, and building the strongest security architecture and products that are designed through our Trustworthy Systems initiatives," said a Cisco spokesperson in an email to CRN regarding the vulnerability.
Some channel partners of the San Jose, Calif.-based networking giant are already advising customers on how to bypass the critical security flaw. Here are 10 important items that Cisco channel partners should know about the security vulnerability.
-
Linux had a killer flaw for 11 years and no one noticed
One of the key advantages of Open sauce software is that it is supposed to be easier to spot and fix software flaws, however Linux has had a local privilege escalation flaw for 11 years and no-one has noticed.
The vulnerability, tracked as CVE-2017-6074, is over 11 years old and was likely introduced in 2005 when the Linux kernel gained support for the Datagram Congestion Control Protocol (DCCP). It was discovered last week and was patched by the kernel developers on Friday.
-
6 Hot Internet of Things (IoT) Security Technologies
-
Microsoft Losing Its Edge
However, despite these improvements in code cleanness and security technologies, it hasn’t quite proven itself when faced with experienced hackers at contests such as Pwn2Own. At last year’s edition of Pwn2Own, Edge proved to be a little better than Internet Explorer and Safari, but it still ended up getting hacked twice, while Chrome was only partially hacked once.
Things seem to have gotten worse, rather than better, for Edge. At this year’s Pwn2Own, Microsoft’s browser was hacked no less than five times.
-
Microsoft loses the Edge at hacking contest
And for every hack perpetrated against Edge, there was a corresponding attack against the Windows 10 kernel, indicating that it has a way to go in terms of security, according to Tom's Hardware.
-
Wikileaks: Apple, Microsoft and Google must fix CIA exploits within 90 days
The 90-day deadline is the same that Google's own Project Zero security group provides to companies when it uncovers flaws in their software. If a company has failed to patch its software accordingly, Project Zero publishes details of the flaw whether the vendor likes it or not.
-
NTPsec Project announces 0.9.7
- Login or register to post comments
- Printer-friendly version
- 1147 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago