Home Tags Transmission Control Protocol (TCP)

Tag: Transmission Control Protocol (TCP)

Linux Systemd Bug Could Have Led to Crash, Code Execution

Ubuntu fixed a Linux bug that could have let an attacker cause a denial of service or execute arbitrary code with a TCP payload this week.

Schroedinger’s Pet(ya)

Earlier today (June 27th), we received reports about a new wave of ransomware attacks spreading around the world, primarily targeting businesses in Ukraine, Russia and Western Europe. Our investigation is ongoing and our findings are far from final at this time.

Despite rampant public speculation, the following is what we can confirm from our independent analysis.

Cisco FirePOWER System Software SSL Logging Denial of Service Vulnerability

A vulnerability in the logging configuration of Secure Sockets Layernbsp;(SSL) policies for Cisconbsp;FirePOWER System Software could allow an unauthenticated, remote attacker to cause a denial of servicenbsp;(DoS) condition due...

The Fundamental Flaw in TCP/IP: Connecting Everything

Almost 30 years after its inception, it's time to fix the engine that both fuels the modern day Internet and is the root cause of its most vexing security challenges.

WannaCry FAQ: What you need to know today

Friday May 12th marked the start of the dizzying madness that has been ‘WannaCryrsquo;, the largest ransomware infection in history.

Defenders have been running around trying to understand the malwarersquo;s capabilities.
In the process, a lot of wires have gotten crossed and we figured itrsquo;s time to sit down and set the record straight on what we know, what we wish we knew, and what the near future might hold for us going forward.

Linkerd 1.0 helps cloud services communicate

Linkerd, providing an enterprise-level open source service mesh for cloud-native applications, has moved to a 1.0 release.Offered by cloud software provider Buoyant, the mesh adds service discovery, load balancing, failure handling, instrumentation, and routing to all interservice communication.[ InfoWorld's quick guide: Digital Transformation and the Agile Enterprise. | Download InfoWorld’s essential guide to microservices and learn how to create modern web and mobile applications that scale. ] Bouyant describes a service mesh as a dedicated infrastructure layer for safe, fast, and reliable service-to-service communication, sitting as a layer of abstraction above TCP/IP.
It's responsible for delivering requests through a complex topology of services in a cloud-native application, said William Morgan of Buoyant.To read this article in full or to leave a comment, please click here

TCP/IP headers leak info about what you’re watching on Netflix

Not even HTTPS can hide your secret Gilmore Girls fetish An infosec educator from the United States Military Academy at West Point have taken a look at Netflix's HTTPS implementation, and reckons all he needs to know what programs you like is a bit of passive traffic capture.…

VU#214283: Commvault Edge contains a buffer overflow vulnerability

Commvault Edge,version 11 SP6(11.80.50.0),is vulnerable to a stack-based buffer overflow vulnerability.

Nginx JavaScript is ready for prime time

Nginx has upgraded its web server and load balancer to take advantage of its JavaScript implementation. The company on Tuesday debuts Nginx Plus R12, the commercially supported version of its technology.

This release moves NginScript, a JavaScript-...

Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability

A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficie...

Fileless attacks against enterprise networks

This threat was originally discovered by a bank’s security team, after detecting Meterpreter code inside the physical memory of a domain controller (DC). Kaspersky Lab participated in the forensic analysis, discovering the use of PowerShell scripts within the Windows registry.

Additionally it was discovered that the NETSH utility as used for tunnelling traffic from the victim’s host to the attacker´s C2.

VU#867968: Microsoft Windows SMB Tree Connect Response denial of service vulnerability

Microsoft Windows contains a memory corruption bug in the handling of SMB traffic,which may allow a remote,unauthenticated attacker to cause a denial of service on a vulnerable system.