Security Advisories

  • 2015-825: JUNIPER multiple Security issues with ScreenOS

    Friday, December 18, 2015 11:38:00 AM CET

    During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections.

  • 2015-824: Remote code execution vulnerability in jar analysis

    Wednesday, December 16, 2015 05:44:00 PM CET

    Tavis Ormandy and Natalie Silvanovich of Google Project Zero discovered a critical vulnerability in Fireeye devices. As a result, an attacker can send an email to a user or alternatively get them to click a link and completely compromise one of the most privileged machines on the network. This allows exfiltration of confidential data, tampering with traffic, lateral movement around networks and even self-propagating internet worms.

  • 2015-750: Vulnerable Dell Self-Signed Root certificates

    Tuesday, November 24, 2015 04:11:00 PM CET

    Some Dell laptops and desktops come with a pre-installed self-signed root certificate under the name of eDellRoot and in some occasions have also an installed another self-signed root certificate under the name of DSDTestProvider. This is a potential security vulnerability that makes it easy for attackers to hijack Internet connections and masquerade as trusted websites. That security vulnerability compromises the security of encrypted HTTPS connections.

  • 2015-325: Logjam Attack

    Tuesday, June 09, 2015 03:50:00 PM CEST

    Last days was published a new vulnerability related to TSL/SSL protocol called Logjam attack. This vulnerability allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography (which is an old working mode, still there to support legacy system enforcing former US cryptography exportation restrictions).

We got cookies

We only use cookies that are necessary for the technical functioning of our website. Find out more on here.