Tag: java

Database Insecurity And The Trends Of 2013Team Shatter Exclusive

Posted January 30, 2013 by Josh Shaul in Attack Vectors, Data Breach, Database Security, Team Shatter Exclusive with 0 comments

What is in store for us in 2013? What new threats should organizations be aware of? Are you next to be hacked? Let’s first take a quick look back at the events of 2012. In the past twelve months, the good news is that the hacktivists went away (mostly). However, we saw an increase of 45% over 2011 in the number of breaches disclosed, there were lots of new database vulnerabilities reported and patched, including one with a CVSS 10.0…

Click for complete article >>

Advisory: Sybase Java Operating System command execution vulnerabilityTeam Shatter Exclusive

Posted October 4, 2012 by Alex Rothacker in Sybase ASE, Team Shatter Exclusive with 0 comments

Risk Level: High Affected versions: Sybase ASE 15.0, 15.5 and 15.7 Remote exploitable: Yes Credits: This vulnerability was discovered and researched by Esteban Martinez Fayo of Application Security Inc. Details: It is possible to execute Operating System commands using the Java call Runtime.getRuntime().exec(). Impact: Any low privileged database user can execute Operating System commands on the Sybase server host with the privilege of the Sybase server process.  The attack requires that Java is installed and enabled on Sybase ASE. Vendor…

Click for complete article >>

Securing Java Applications with Smart Cards and Single-Sign-OnTeam Shatter Exclusive

Posted November 2, 2010 by TeamSHATTER Admin in Best Practices, Government (Federal), Team Shatter Exclusive with 0 comments
masterlock

I recently visited a large U.S. government agency that has been rolling out a number of security initiatives over the last few years. The organization has been an AppSecInc customer for quite sometime and is currently fully deployed with DbProtect, scanning and monitoring hundreds of databases. They take security seriously and continue reducing their risks with various enterprise-wide activities, one small step at a time. This is my favorite kind of progress, where patience and grit always pays off in the long run.

Click for complete article >>
Powered by