Zscaler Buys Deception Technology Startup

Subscribe to Newsletters

More Informa Tech Live Events

White Papers

2021 State of ITOps and SecOps Report

2021 Application Security Statistics Report Vol.2

The State of Endpoint Security

Tech Insights: Detecting and Preventing Insider Data Leaks

Assessing Cybersecurity Risk in Today’s Enterprises

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: Do you believe this new verison of Mario Kart! I can’t wait to collect Dogecoin. Where’s Elon’s rocket button?

Cartoon Archive

Current Issue

2021 Top Enterprise IT TrendsWe’ve identified the key trends that are poised to impact the IT landscape in 2021. Find out why they’re important and how they will affect you today!

Back Issues | Must Reads

Flash Poll

All Polls

How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.

Download Now!

Assessing Cybersecurity Risk in Today’s Enterprises

0 comments

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

More Reports

Twitter Feed

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2018-10863
PUBLISHED: 2021-05-26

It has been discovered that redhat-certification is not properly configured and it lists all files and directories in the /var/www/rhcert/store/transfer directory through the /rhcert-transfer URL. An unauthorized attacker may use this flaw to gather sensible information. This flaw affects redhat-cer…

CVE-2018-10865
PUBLISHED: 2021-05-26

It has been discovered that redhat-certification does not perform an authorization check and allows an unauthenticated user to call a "restart" RPC method on any host accessible by the system. An attacker could use this flaw to send requests to port 8009 of any host or to keep restarting t…

CVE-2018-10866
PUBLISHED: 2021-05-26

It has been discovered that redhat-certification does not perform an authorization check and it allows an unauthenticated user to remove a "system" file, that is an xml file with host related information, not belonging to him. This flaw affects redhat-certification version 7.

CVE-2018-10867
PUBLISHED: 2021-05-26

It has been discovered that redhat-certification does not restrict file access in the /update/results page. A remote attacker could use this vulnerability to remove any file accessible by the user which is running httpd. This flaw affects redhat-certification version 7.

CVE-2018-10868
PUBLISHED: 2021-05-26

It has been discovered that redhat-certification does not properly limit the number of recursive definitions of entities in XML documents while parsing the status of a host. A remote attacker could use this vulnerability to consume all the memory of the server and cause a Denial of Service. This fla…

The post Zscaler Buys Deception Technology Startup appeared first on Malware Devil.

https://malwaredevil.com/2021/05/26/zscaler-buys-deception-technology-startup/?utm_source=rss&utm_medium=rss&utm_campaign=zscaler-buys-deception-technology-startup