Category Archives: Sicherheit

NTIA, Bug Bounty Programs, and Good Intentions

[Note: This blog had been sitting as a 99% completed draft since early September. I lost track of time and forgot to finish it off then. Since this is still a relevant topic, I am publishing now despite it not … Continue reading

Posted in Aktualisierung, Sicherheit | Leave a comment

Rebuttal: Dark Reading’s “9” Sources for Tracking New Vulnerabilities

Earlier today, Sean Martin published an article on Dark Reading titled “9 Sources For Tracking New Vulnerabilities“. Spanning 10 pages, likely for extra ad revenue, the sub-title reads: Keeping up with the latest vulnerabilities — especially in the context of … Continue reading

Posted in Aktualisierung, Sicherheit | Leave a comment

New VMware Security Advisory VMSA-2016-0017

Today VMware has released the following new security advisory: “VMSA-2016-0017 – VMware product updates address multiple information disclosure issues” This addresses multiple information disclosure issues (CVE-2016-5328) in VMware Tools (versions 9.x and 10.x) running on Mac OS X VMs and … Continue reading

Posted in Aktualisierung, Allgemein, Sicherheit | Leave a comment

VMware Security Response Center and Certifications @ VMworld Barcelona

¡Visítenos en VMworld in Barcelona! If you are at VMworld next week, come over to the VMware Security Response and Certification booth at the Solutions Exchange to hear how we keep customers safe. Also, in the same booth we have … Continue reading

Posted in Aktualisierung, Allgemein, Sicherheit | Leave a comment

VMSA-2016-0016

Greetings from the VMware Security Response Center! Today we released VMSA-2016-0016 which documents CVE-2016-7457 – a Critical severity issue in vRealize Operations (vROps). Due to the severity of this issue we have released emergency patches to resolve the issue in … Continue reading

Posted in Aktualisierung, Allgemein, Sicherheit | Leave a comment

VMware Security Advisory VMSA-2016-0015

Greetings from the VMware Security Response Center! Today we released VMSA-2016-0015 which documents an Important severity issue in VMware Horizon View. During internal discussions the most common question I have been asked about CVE-2016-7087 is why the issue has been classified … Continue reading

Posted in Aktualisierung, Allgemein, Sicherheit | Leave a comment

Newly Released STIG Validates VMware NSX Meets the Security Hardening Guidance Required for Installment on Department of Defense (DoD) Networks

As the first software-defined networking solution with a published STIG, VMware NSX meets the security hardening guidance required for installment on Department of Defense (DoD) networks. The VMware NSX STIG provides the technical security policies, requirements, and implementation details for … Continue reading

Posted in Aktualisierung, Allgemein, Sicherheit | Leave a comment

Response to Kenna Security’s Explanation of the DBIR Vulnerability Mess

Earlier this week, Michael Roytman of Kenna Security wrote a blog with more details about the vulnerability section of the Verizon DBIR report, partially in response to my last blog here questioning how some of the data was generated and … Continue reading

Posted in Aktualisierung, Sicherheit | Leave a comment

Response to Kenna Security’s Explanation of the DBIR Vulnerability Mess

Earlier this week, Michael Roytman of Kenna Security wrote a blog with more details about the vulnerability section of the Verizon DBIR report, partially in response to my last blog here questioning how some of the data was generated and … Continue reading

Posted in Aktualisierung, Sicherheit | Leave a comment

A Note on the Verizon DBIR 2016 Vulnerabilities Claims

[Updated 4/28/2016] Verizon released their yearly Data Breach Investigations Report (DBIR) and it wasn’t too long before I started getting asked about their “Vulnerabilities” section (page 13). After bringing up some highly questionable points about last year’s report regarding vulnerabilities, … Continue reading

Posted in Aktualisierung, Sicherheit | Leave a comment