About Prophecy

This author has not written his bio yet.
But we are proud to say that Prophecy contributed 33 entries already.

Entries by Prophecy

PCI DDS Compliance v 3.0

If you’re dealing with any form of payment card data, starting on January 2015, security audits will need to prove PCI 3.0 compliance. Banks, card brands and regulators are stepping up action in the face of recent significant breaches in name brand companies. If you are running the unsupported open source agent for event logging, […]

Fear not, Snare is not affected by POODLE

The POODLE attack (which stands for “Padding Oracle On Downgraded Legacy Encryption”) is a man-in-the-middle exploit which takes advantage of Internet and security software clients’ fallback to SSL 3.0. The Snare Agents are not affected by POODLE as it requires a cookie injection from the client and Snare does not use cookies for our connections. […]

The Bash vulnerability and how it affects the Snare product suite

All versions of the Snare Server prior to v6.3.5 are running a vulnerable version of Bash, known as the Shellshock vulnerability (CVE-2014-6271, CVE-2014-7169, CVE-2014-7187, CVE-2014-7186) (http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-7169.html). If you are running a previous version, it is recommended that you upgrade your Snare Server to version 6.3.5 (released 29-SEP-2014) as soon as possible to ensure that your […]