Top Security Events / Vulnerabilities in 2018, 2017, 2016, 2015, 2014
Here is a list of top vulnerabilities found since 2015, which I am still working on to compile them together. It will come from different sources and includes those which…
Installation and Configuration of Sophos Enterprise Console 5.1 in your Networks – 2. Configuration
Continue with previous post “Installation and Configuration of Sophos Enterprise Console 5.1 in your Networks – 1. Installation” Steps: After the installation of the Sophos Enterprise Console you had logged…
Installation and Configuration of Sophos Enterprise Console 5.1 in your Networks – 1. Installation
This post is a detail documentation how to install Sophos Enterprise Console 5.1 in your networks. Pre-Requirements: copy the Sophos Enterprise Console to the Server (ProdInstall\Sophos\Sophos Console\sec_5.1.exe) check if you…
Cisco IOS Internet Key Exchange version 1 (IKEv1) Vulnerability and Fix
Cisco IKEv1 is still popular in VPN configuration. Most of my vpn configuration is based on IKE v1 although there are more demands for v2. I had a post “Cisco…
Real-Time Cyber Attack Threat Map
More and more security companies use a webpage to show their monitored global security events such as the Live Status of Cyber Attacks being launched from where and who is…
Ransomware Locked Files on My Test Machine
One of my test machines which I am using to download and test software from Internet was hit by Ransomware recently. Check out what it did to my machine. In…
How Firewalls (Security Gateways) Handle the Packets? (Traffic Flow)
Different firewall (security gateway) vendor has different solution to handle the passing traffic. This post compiles some useful Internet posts that interpret major vendors’ solutions including:1. Checkpoint2. Palo Alto3. Fortigate4.…
Gartner Magic Quadrant for Mobile Data Protection (2015, 2014, 2013, 2012, 2011…, 2006)
According to Gartner, “Mobile Data Protection (MDP) systems and procedures are needed to protect business data privacy, meet regulatory and contractual requirements, and comply with audits.” Additionally, “Most companies, even…
My Top Network Security Tools
I listed some of my favorite and useful Internet websites and network tools in previous post which has been used in my daily IT life. There are some network security…
Troubleshooting Java HTTPS Security Warning Message
One of our Internal Website is always having a Security Warning message when using Internet Explorer https to it, but this message is not showing when using Google Chrome. Symptoms:…
CVE-2015-0235: GHOST – A Critical Vulnerability in the Glibc Library
GHOST is a ‘buffer overflow’ bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. If a remote attacker can make an application call to gethostbyname() or gethostbyname2(),…
Poodle : New SSL 3.0 Bug (CVE-2014-3566)
Oct 14 2014, this bug CVE_2014-3566 has been found as a subtle but significant security weakness in version 3 of the SSL protocol. Severity level is Medium. Basically this vulnerability…