Archive for the Category: Security

Equifax Hired a Music Major as the Company’s Chief Security Officer

Here’s a shocking article stating that Equifax CEO Richard Smith hired Susan Mauldin as Equifax’s Chief Security Officer. She has a bachelor’s degree and a master of fine arts degree in music composition from the University of Georgia. http://www.marketwatch.com/story/equifax-ceo-hired-a-music-major-as-the-companys-chief-security-officer-2017-09-15 Many years ago, I got a Bachelor of Computer Science degree and have worked my whole […]

Also posted in General Leave a comment

IBM Broke T.Rob’s Stash!

T.Rob Wyatt has posted a blog item on how IBM broke his stash file (so to speak). You can read about it here: https://t-rob.net/2017/07/28/dude-ibm-broke-my-stash/ Regards, Roger Lacroix Capitalware Inc.

Also posted in IBM i (OS/400), Linux, MQ, Unix, Windows Comments Off on IBM Broke T.Rob’s Stash!

MQ Channel Encryption Product Advisory

It has been discovered that very small TSH segments will cause MQCEJ (Java/JMS) and MQCEDN (.NET) to throw an exception. The issue has been fixed and a product update is available. To get the latest Capitalware commercial product release, send an email to support@capitalware.com and we will send you the latest release of the product. […]

Also posted in .NET, Capitalware, Java, Linux, MQ, MQ Channel Encryption, Unix, Windows, z/OS Comments Off on MQ Channel Encryption Product Advisory

IBM MQ V9 – New CVEs

A new vulnerability has been logged: CVE-2017-1337. IBM MQ V9.0.1 and V9.0.2 Java/JMS application can incorrectly transmit user credentials in plain text. Another new vulnerability has been logged: CVE-2017-1284. IBM MQ V9.0.1 and V9.0.2 could allow a local user with ability to run or enable trace, to obtain sensitive information from WebSphere Application Server traces […]

Also posted in IBM i (OS/400), Java, JMS, Linux, MQ, Unix, Windows Comments Off on IBM MQ V9 – New CVEs

RFE – Add QM name and channel MCAUSER attribute to be passed to JAAS modules

Please review and vote for this RFE if you think it’s a good idea. The link below will take you directly there. Headline: Add queue manager name and channel MCAUSER attribute to be passed to JAAS modules URL to review the RFE and Vote for it if you like: http://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=103607 Description: For MQTT and AMQP […]

Also posted in IBM i (OS/400), Java, Linux, MQ, Unix, Windows Comments Off on RFE – Add QM name and channel MCAUSER attribute to be passed to JAAS modules

Pres. Trump says gov’t agencies need better security – MQ security too?

The other day, U.S. President Donald Trump said: the government agencies need to better protect their networks. Most of the U.S. government agencies use IBM MQ for their messaging middleware. Application messages that traverse their MQ environment contain confidential and highly secure information. As many of you know, A basic setup of IBM MQ Server […]

Also posted in Capitalware, IBM i (OS/400), Linux, MQ, MQ Authenticate User Security Exit, MQ Channel Encryption, MQ Enterprise Security Suite, MQ Message Encryption, MQ Standard Security Exit, Unix, Windows, z/OS Comments Off on Pres. Trump says gov’t agencies need better security – MQ security too?

MQ Visual Edit V2 – Prompt for Password

A customer emailed me the other day saying that their security policy does not allow applications to store passwords (even in encrypted format) on their local PCs. Their security policy states that the user must be prompted for his/her password (like MQ Explorer). I thought this was a good idea, so I have made a […]

Also posted in Capitalware, Linux, Mac OS X, MQ, Windows Comments Off on MQ Visual Edit V2 – Prompt for Password

Capitalware Products 2016 Release Train

Yesterday, Capitalware Inc. released updates to all of the products that involve MQ Exits. Blog posting for product releases: MQ Auditor v2.4.0 MQ Authenticate User Security Exit v3.2.0 MQ Authenticate User Security Exit for z/OS v3.2.0 MQ Channel Encryption v3.1.2 MQ Channel Encryption for z/OS v3.1.2 MQ Channel Throttler v1.0.2 MQ Message Encryption v3.3.0 MQ […]

Also posted in Capitalware, IBM i (OS/400), Licensed As Free, MQ, MQ Auditor, MQ Authenticate User Security Exit, MQ Channel Encryption, MQ Channel Throttler, MQ Enterprise Security Suite, MQ Message Encryption, MQ Message Replication, MQ Standard Security Exit, Unix, Windows, z/OS Comments Off on Capitalware Products 2016 Release Train

New: MQ Authenticate User Security Exit v3.2.0

Capitalware Inc. would like to announce the official release of MQ Authenticate User Security Exit v3.2.0. This is a FREE upgrade for ALL licensed users of MQ Authenticate User Security Exit. MQ Authenticate User Security Exit is a solution that allows a company to fully authenticate a user who is accessing an IBM MQ resource. […]

Also posted in Capitalware, IBM i (OS/400), Linux, MQ, MQ Authenticate User Security Exit, Unix, Windows Comments Off on New: MQ Authenticate User Security Exit v3.2.0

New: MQ Authenticate User Security Exit for z/OS v3.2.0

Capitalware Inc. would like to announce the official release of MQ Authenticate User Security Exit for z/OS v3.2.0. This is a FREE upgrade for ALL licensed users of MQ Authenticate User Security Exit for z/OS. MQ Authenticate User Security Exit for z/OS is a solution that allows a company to fully authenticate a user who […]

Also posted in Capitalware, MQ, MQ Authenticate User Security Exit, z/OS Comments Off on New: MQ Authenticate User Security Exit for z/OS v3.2.0