The Certstation knowledge base provides state-of-the-art information on IT security across a broad spectrum, including news, blogs, articles, malware and whitepapers covering what is happening in the security arena. It also offers more in-depth technical analysis in the form of security advisories, not only from vendors but also from top-notch security sources. It gives security professionals a platform to look for security patches and apply them on a timely basis. Patches are available for proprietary as well as open source applications. Our updated repositories provide a complete snapshot for professionals to stay ahead in the cyber world. So let’s start using the Knowledge Base.
Oracle is planning to release a Critical Patch Update on Tuesday that affects multiple versions of Java and its other products. According to Oracle’s security announcement, the patch addresses 40 different vulnerabilities. All update levels of Java SE 5, 6, and 7 are affected by the flaws, as are all versions of JavaFX. Of the 40 bugs, all but three are remotely exploitable over a network without the need for a username or password. Oracle ranks the severity of its flaws using the Common Vulnerability Scoring System (CVSS), and the top-ranked bug in this particular update rates a 10.0.
Apple’s iOS 7 brings a number of visual changes, but somehow the lock screen remains leaky. According to Forbes, the iOS 7 lock screen can be bypassed thanks to one of the new features in the OS: the Control Center, which can be accessed from any screen in iOS and brings shortcuts to four frequently-used apps. By opening up the Control Center, launching the Calculator app, and then launching the Camera app once again through the Control Center in the Calculator screen, anyone can access, delete, email and tweet the pictures in the Camera Roll, all without having to enter the passcode on the lock screen. The vulnerability was discovered by Jose Rodriguez, from Spain and living in Tenerife, who sent the video showing how to bypass the lock screen on Apple’s beta version of iOS 7 in just a few seconds.
Microsoft will release fixes for five flaws in its software, including Mac software, on the coming Tuesday, i.e. 11th June. Only one of this month’s vulnerabilities is deemed “critical,” in that it could let a hacker remotely run malicious code without the legitimate user’s knowledge. According to Microsoft’s advance June security bulletin, which doesn’t disclose many details, that vulnerability apparently affects all currently supported versions of Windows, ranging from XP to 8 and the tablet-only RT, and also Internet Explorer versions 6 through 10, which means the fix should be applied on an urgent basis.
Juniper Networks announced the availability of Junos DDoS Secure, a new offering designed to protect data centers against increasingly complex Distributed Denial of Service (DDoS) attacks. Junos DDoS Secure provides protection against both high-volume and targeted application-level (low-and-slow) DDoS attacks by leveraging behavioral analytics and detailed network visibility to detect unusual activity from each user of a website and drop suspect traffic before it is able to cause damage, the company said. Juniper said the new offering provides DDoS protection against “low-and-slow” application attacks with minimal false positives, as well as up to 10 Gbps of mitigation against volumetric attacks.