CVE-2019-3741

Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a plain-text password storage vulnerability. A Unisphere user’s including the admin privilege user password is stored in a plain text in Unity Data Collection bundle logs files for troubleshooting. A local authenticated attacker...

CVE-2019-3741

Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a plain-text password storage vulnerability. A Unisphere user’s including the admin privilege user password is stored in a plain text in Unity Data Collection bundle logs files for troubleshooting. A local authenticated attacker...

CVE-2019-3741

Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a plain-text password storage vulnerability. A Unisphere user’s including the admin privilege user password is stored in a plain text in Unity Data Collection bundle logs files for troubleshooting. A local authenticated attacker...

The vulnerability of the PowerSCADA Expert system for data collection and process control allows a perpetrator to gain access to user account information due to insufficient protection of registration data.

The vulnerability of the PowerSCADA Expert system for data collection and process control is related to insufficient protection of registration data. Exploiting this vulnerability can allow attackers to gain access to user account information...

1,300 Popular Android Apps Access Data Without Proper Permissions

Over 1,300 popular Android apps defy user permissions and gather sensitive data with no consent, according to a study by a coalition of academics from the International Computer Science Institute. The report examined popular mobile apps available through the U.S. version of the Google Play store,...

Cynet Launches Free Offering For Incident Response Service Providers

More and more, organizations take the route of outsourcing incident response to Managed Security Service Providers. This trend is distinct regardless of the organization's cyber maturity level and can be found across a wide range of cyber maturity, from small companies with no dedicated security...

Cynet Launches Free Offering For Incident Response Service Providers

More and more, organizations take the route of outsourcing incident response to Managed Security Service Providers. This trend is distinct regardless of the organization's cyber maturity level and can be found across a wide range of cyber maturity, from small companies with no dedicated security...

The vulnerability of the GPS logger data collection program, related to initialization errors, allows a violator to trigger a service failure.

The vulnerability of the GPS logger data collection program is related to initialization errors. Exploiting this vulnerability can allow a hacker to cause the program to terminate abnormally...

Podcast: Dating App Privacy and NASA Cyberattack

Beyond the regular drumbeat of security vulnerabilities and patches this week, a slew of stories covered varying topics ranging from NASA to Tinder. The Threatpost team broke down the most interesting stories of the week, including: A ransomware webinar hosted by Threatpost editor Tara Seals, whi...

Data, Surveillance, and the AI Arms Race

According to foreign policy experts and the defense establishment, the United States is caught in an artificial intelligence arms race with China -- one with serious implications for national security. The conventional version of this story suggests that the United States is at a disadvantage...

Microsoft Intune Data Collection

This plugin collects all data from Microsoft Intune. Binary data intunecollect.nbin...

Blackberry UEM Data Collection

This plugin collects all data from Blackberry UEM. Binary data blackberryuemcollect.nbin...

Mitsubishi QD81DL96 Communications Adapter Detection

Binary data 752144.prm...

The top six takeaways for corporate data privacy compliance

For nearly two months, Malwarebytes Labs has led readers on a journey through data privacy laws around the world, exploring the nuances between “personal information” and “personal data,” as well as between data breach notification laws in Florida, Utah, California, and Iowa. We explored the risk...

Low: Red Hat Security Advisory: openstack-ceilometer security update

An update for openstack-ceilometer is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Apple Defends Parental Control App Removal Amid Backlash

Apple is defending its decision to take down several highly popular parental control apps amidst a firestorm of backlash, saying it did so for “privacy and security” reasons. Apple came under scrutiny this weekend after a New York Times article alleged that the phone giant had unfairly removed or...

Consumers have few legal options for protecting privacy

There are no promises in the words, “We care about user privacy.” Yet, these words appear on privacy policy after privacy policy, serving as disingenuous banners to hide potentially invasive corporate practices, including clandestine data collection, sharing, and selling. This is no accident. It ...

Never Forget That You Are Being Watched

By David Balaban What data do Facebook, Google, and mobile apps collect, do mobile carriers listen to your calls? Read this post and find answers to these and other privacy questions as well as get tips on how to protect your personal data. It has become known that information about 257,000...

What is personal information? In legal terms, it depends

In early March, cybersecurity professionals around the world filled the San Francisco Moscone Convention Center’s sprawling exhibition halls to discuss and learn about everything infosec, from public key encryption to incident response, and from machine learning to domestic abuse. It was RSA...

Podcast: Chris Vickery on UpGuard's Discovery of Millions of Facebook Records

Data collection and security was thrust to the forefront this week after researchers with UpGuard disclosed that hundreds of millions of Facebook records were found in two separate publicly-exposed app datasets. The two publicly-exposed datasets included one controlled by Mexican media company...