Logjam Vulnerability Advisory This is a security advisory on the "Logjam Vulnerability." What is Logjam Attack The Logjam vulnerability is a weakness that left secure sites open to attack. A weakness in encryption protocol called Diffie-Hellman is letting attackers downgrade certain
Simplify Compliance with Multiple Regulations using “One Audit”
ControlCase Newsletter April 2015 ControlCase Announces "One Audit" to Simplify Compliance with Multiple Regulations The ControlCase One Audit service provides the ability for organizations to perform a single audit and certify/comply to multiple regulations including but not limited to PCI
GHOST Vulnerability Advisory
GHOST Vulnerability Advisory This is a security advisory on the "GHOST Vulnerability (CVE-2015-0235)." About the Vulnerability The GHOST vulnerability is a serious weakness in the Linux "glibc library". It allows attackers to remotely take complete control of the victim system. GHOST is a
Windows OLE RCE – The Sandworm Exploit
Windows OLE RCE - The Sandworm Exploit This is a security advisory on the "Windows OLE Remote Code Execution Vulnerability" widely known as "The Sandworm" exploit. About the Vulnerability On October 14th, Microsoft released several Patches on the Patch Tuesday. The patches mainly address a
SSL V3.0 Fallback – POODLE Advisory
SSL V3.0 Fallback - POODLE Advisory This is a security advisory on the "SSL V3.0 Fallback - POODLE." About the Vulnerability On October 14th, an attack affecting the SSLv3.0 protocol was disclosed. The attack named POODLE which is acronym for "Padding Oracle On Downgraded Legacy Encryption"
ControlCase Advisory on the Shellshock Vulnerability
ControlCase Advisory on the Shellshock Vulnerability This is a security advisory on the "Shellshock" vulnerability. What is Shellshock Bourne Again Shell (bash) is a widely used shell on *NIX systems. It contains flaw that allows attacker to provide specially-crafted environment variables
OpenSSL Critical Patch Update Advisory
OpenSSL Critical Patch Update Advisory This is a security advisory on the "OpenSSL Critical Patch Update." About the Vulnerability On June 5th, the OpenSSL team published fixes for six security vulnerabilities in the widely used crypto library. OpenSSL components DTLS, do_ssl3,
ControlCase Advisory on Heartbleed Security Vulnerability
ControlCase Advisory on Heartbleed Security Vulnerability This is a security advisory on the "Heartbleed" vulnerability. What is HeartBleed Bug The bug, called "Heartbleed", affects servers running a package called OpenSSL. This is considered a serious vulnerability because of wide use of