ISC Bind 9.9.2 Denial Of Service Vulnerability

ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record.

Link: http://www.securiteam.com/securitynews/5OP3L20KKC.html

Cisco Firesight System Software 5.4.0.2 Bypass a restriction or similar Vulnerability

A vulnerability in the FTP Representational State Transfer Application Programming Interface (REST API) for Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass FTP malware detection rules and download malware over an FTP connection. Cisco Firepower System Software is affected when the device has a file policy with malware block configured for FTP connections. More Information: CSCuv36188 CSCuy91156. Known Affected Releases: 5.4.0.2 5.4.1.1 5.4.1.6 6.0.0 6.1.0 6.2.0. Known Fixed Releases: 6.0.0.

Link: http://www.securiteam.com/securitynews/5MP3J20KKE.html

Adobe Acrobat Reader Dc 15.006.30201 Execute Code Overflow Vulnerability

Adobe Acrobat Reader Dc is prone to a local code-execution vulnerability.This allows a local attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.

Link: http://www.securiteam.com/securitynews/5KP3H20KKG.html

Jim Routh, Aetna – Enterprise Security Weekly #34

Jim Routh is the Chief Security Officer and leads the Global Security function for Aetna. He is also the Chairman of the NH-ISAC Board, and has previously worked for JP Morgan Chase and American Express. Jim has over 30 years of experience in information technology and information security as a practitioner and management consultant, as

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/KoHDry2mDZM/

Deception-based Ransomware Detection: What It Is and Why You Need it

The FBI deemed criminal ransomware a $1 billion industry in 2016. And the ransomware trend is expected to continue in 2017 as incentives increase and the hacking software spreads. The problem is it’s getting easier for cybercriminals to execute these shakedowns with new Ransomware-as-a-Service (RaaS) tools, BYOD user vulnerabilities, improved encryption methods and untraceable bitcoin […]
The post Deception-based Ransomware Detection: What It Is and Why You Need it appeared first on Blog | Imperva.

Link: http://feedproxy.google.com/~r/Imperviews/~3/F44GQ94Q3og/