Wednesday, June 19, 2019
Symantec

SYMSA1484-DLP Cross Site Scripting

Symantec has released updates to address an issue that was discovered in the DLP product.
Symantec

SA Search Results

Symantec

SYMSA1426-SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks

Symantec Network Protection products, which run on an affected CPU chipset and execute arbitrary code from external sources, are susceptible to several information disclosure vulnerabilities (aka Meltdown and Spectre attacks). A remote attacker, with the ability to execute arbitrary...
Symantec

SYMSA1443- SA166: OpenSSL Vulnerabilities 27-Mar-2018

Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities.  A remote attacker can forge cryptographic messages and cause denial of service through application crashes.
Symantec

SYMSA1482-Symantec Messaging Gateway Information Disclosure

Symantec has released an update to address an issue that was discovered in the Symantec Messaging Gateway (SMG) product.
Symantec

SYMSA1481-Symantec AV Engine Arbitrary File Deletion

Symantec has released an update to address an issue that was discovered in the Symantec AV Engine.
Symantec

SYMSA1479-Norton SEP Multiple Issues

Symantec has released updates to address issues that were discovered in the Norton Security, Symantec Endpoint Protection (SEP), Symantec Endpoint Protection Manager (SEPM), Symantec Endpoint Protection Small Business Edition (SEP SBE) and Symantec Endpoint Protection Cloud (SEP Cloud) products.
Symantec

SYMSA1478-Symantec Endpoint Encryption Privilege Escalation

Symantec has released an update to address an issue that was discovered in the Symantec Endpoint Encryption product.
Symantec

SYMSA1476-Norton Core Arbitrary Code Execution

Symantec has released an update to address an issue that was discovered in the Norton Core product.
Symantec

SYMSA1477-Symantec VIP Enterprise Gateway Cross Site Scripting

Symantec has released an update to address an issue that was discovered in the Symantec VIP Enterprise Gateway product.
Symantec

SYMSA1462-OpenSSL Vulnerabilities 16-Apr-2018 and 12-Jun-2018

Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A malicious SSL/TLS server can send large DH parameters during connections using DH/DHE cipher suites and cause denial-of-service in the SSL/TLS client. A local attacker can...
Symantec

SYMSA1451- SA165: NTP Vulnerabilities February 2018

Symantec Network Protection products using affected versions of the NTP reference implementation from ntp.org are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code, modify the target's system time, prevent the target from...
Symantec

SYMSA1475-Norton Password Manager Address Spoof

Symantec has released an update to address an issue that was discovered in the Norton Password Manager product.
Symantec

SYMSA1469-OpenSSH Vulnerabilities Jan-Aug 2018

Symantec Network Protection products using affected versions of OpenSSH are susceptible to several vulnerabilities.  A remote attacker, with access to the management interface, can obtain usernames for valid SSH users and cause denial of service through application crashes.
Symantec

SYMSA1467-Linux Kernel Aug 2017 – Sep 2018 Vulnerabilities

Symantec Network Protection products that include a vulnerable version of the Linux kernel are susceptible to multiple vulnerabilities.  A remote attacker, with access to the management interface, can obtain unauthorized read/write access to local files, cause denial of service,...
TechRepublic

How AI-enhanced malware poses a threat to your organization

Malware controlled by artificial intelligence could create more convincing spam, avoid security detection, and better adapt itself to each target, says a new report from Malwarebytes.
TechRepublic

Tech news roundup: HPE Discover 2019, Facebook’s Libra cryptocurrency, and Google Cloud’s debacle

This week's TechRepublic and ZDNet news stories include a look at the companies that hire the most data scientists, four significant impacts of a security breach, and a first-hand account of a major hack job.
SC Magazine

ACLU tells Ga. Supreme Court Fourth Amendment should apply to personal data stored by cars

Fourth Amendment protections should apply to personal data in a car’s Event Data Recorder, the American Civil Liberties Union (ACLU) will argue before the Georgia Supreme Court today. The state’s high court is hearing oral arguments in Mobley v. State, which challenges law...
PC Mag

Can Anything Protect Us From Deepfakes?

Along with fake news, forged videos have become a national security concern, especially as the 2020 presidential elections draw near. Researchers at the University of Surrey have developed a solution that might solve the problem.

How Hackers Emptied Church Coffers with a Simple Phishing Scam

Cyber thieves aren't bound by a code of ethics. They look for weak targets and high rewards, which is exactly what Saint Ambrose Catholic offered.