February 26, SecurityWeek – (International) Over 60 vulnerabilities patched in Apple TV. Apple released Apple TV version 7.2.1 which patched security holes in over 20 different components of the TV including Webkit, the kernel, the third-party app sandbox, Office Viewer, and Cloudkit, among other libraries, and patched vulnerabilities that can be exploited for information disclosure, execution of unsigned code, arbitrary code execution, application crashes, and modifications to protected parts of the filesystem. Source
February 25, SecurityWeek – (International) Breach detection time improves, destructive attacks rise: FireEye. FireEye-owned Mandiant released a report titled, M-Trends, which stated that current organizations were improving their breach detection rates after an investigation on real-life incidences revealed that the median detection rate improved from 205 days in 2014 to 146 days in 2015. The report also stated that disruptive attacks were a legitimate threat and gave insight into how organizations can prepare for and deal with such attacks. Source
February 25, SecurityWeek – (International) Cisco patches command injection flaw in ACE appliance. Cisco released patches for its Application Control Engine (ACE) 4710 appliances after the company found that the product’s Device Manager graphical user interface (GUI) had an insufficient user input validation flaw that could be exploited by a remote, authenticated attacker to execute command-line interface commands with administrator privileges by sending specially crafted Hypertext Transfer Protocol (HTTP) POST requests with commands injected into the value of the POST parameter. Attackers could exploit the flaw to bypass role-based access control (RBAC) restrictions. Source
February 25, SecurityWeek – (International) Palo Alto Networks fixes PAN-OS vulnerabilities. Palo Alto Networks released updates for its PAN-OS, the operating system (OS) for its enterprise security platform, which fixed several vulnerabilities including a high severity flaw that can allow a remote, unauthenticated attacker, with access to the device to execute arbitrary OS commands, and a critical buffer overflow flaw in the GlobalProtect portal that can be exploited to cause a denial-of-service (DoS) condition, crash a device, and potentially cause a remote code execution. Source