Novell SUSE Linux Enterprise Server/SUSE Linux Enterprise Desktop Code Injection Vulnerability

SuSE Linux Enterprise Server and SUSE Linux Enterprise Desktop are both enterprise server versions of the Linux operating system from the American company Novell. A code injection vulnerability exists in the supportconfig data collection tool in supportutils in Novell SUSE Linux Enterprise Server...

Microsoft Finally Reveals What Data Windows 10 Collects From Your PC

Since the launch of Windows 10, there has been widespread concern about its data collection practices, mostly because Microsoft has been very secretive about the telemetry data it collects. Now, this is going to be changed, as Microsoft wants to be more transparent on its diagnostics data...

Verizon Rebuts Critics of Data-Collecting App

Verizon broke its silence today on what many believed would be a controversial rollout of an app made by Evie Labs called AppFlash, that had been identified by privacy advocates as spyware. The wireless carrier and broadband ISP defended itself Friday saying its critics were flat-out wrong. Veriz...

Verizon to pre-install a 'Spyware' app on its Android phones to collect user data

If the death of online privacy rules wasn't enough for Internet Service Providers and advertisers to celebrate, Verizon has planned to pre-install spyware on customers' Android devices in order to collect their personal data. The telecom giant has partnered with Evie Launcher to bring a new...

CVE-2016-1602

A code injection in the supportconfig data collection tool in supportutils in SUSE Linux Enterprise Server 12 and 12-SP1 and SUSE Linux Enterprise Desktop 12 and 12-SP1 could be used by local attackers to execute code as the user running supportconfig usually root...

Google Kicks Out Largest Android Adware Family From The Play Store

With the rise in the mobile market, Adware has become one of the most prevalent mobile threats in the world. Adware has traditionally been used to aggressively push ads like banners or pop-ups on mobile screens to make money. The troublesome part is that Adware is now becoming trojanized and more...

Senator Demands Answers About CloudPets Breach

A U.S. senator has called Spiral Toys onto the carpet for its data security practices in light of the recent CloudPets breach. Sen. Bill Nelson D-FL, a ranking member of the Committee on Commerce, Science and Transportation and backer of a 2016 report on security and privacy concerns related to...

Smart TV Maker Fined $2.2 Million For Spying on Its 11 Million Users

Your government is spying on you! Businesses are spying on you! Your phone and browser are constantly spying on you! Even your TV is spying on you! Yes, you should also worry about your "smart" TV, as one of the world's biggest smart TV makers Vizio has been caught secretly collecting its...

VeeamONE SQL Database Log File (ldf) Growth

Challenge The transaction log file .ldf for the Veeam ONE configuration database VeeamONE consumes an unexpectedly large amount of disk space. Cause This occurs when the Recovery Model of the VeeamONE configuration database is set to Full or Bulk-Logged. Note: By deafult, Veeam ONE expects and...

Multiple Locus Energy LGate Products OS Command Injection Vulnerabilities

Locus Energy LGate is a web-based data collection system from Locus Energy, Inc. An input validation vulnerability exists in multiple Locus Energy LGate products, which allows remote attackers to submit a special request, inject and execute arbitrary commands...

How to Change Veeam ONE Data Collection Mode

Purpose This article documents how to change the Data Collection Mode used by Veeam ONE. Solution Change Data Collection Mode after Installation 1. Open the Veeam ONE Setting Utility. 2. In the Veeam ONE Settings Utility , select Scalability. 3. Choose the desitred Data Collection Mode and click...

WhatsApp Blasted by EU Data Protection Group Over Facebook Sharing

Yet another privacy coalition is urging WhatsApp to clarify that user information shared between the company and Facebook is compliant with data protection laws on the books in Europe. The Article 29 Working Party, comprised of representatives from data protection authorities from each EU member...

The YAWAST Antecedent Web Application Security Toolkit

The YAWAST Antecedent Web Application Security Toolkit YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories: TLS/SSL – Versions and cipher suites supported; common issues...

Windows Forensic Data Collection: IR-rescue

Windows Forensic Data Collection ir-rescue is a Windows Batch script that collects a myriad of forensic data from 32-bit and 64-bit Windows systems while respecting the order of volatility. It is intended for incident response use at different stages in the analysis and investigation process. It...

How to Collect SSR for Citrix Insight Services (CIS) Using the CLI in Citrix Hypervisor 8.2 CU1

How to Collect Data for Citrix Insight Service CIS using the CLI in Citrix Hypervisor 8.2 CU1 and later without the use of XenCenter...

France warns Microsoft to Stop Collecting Windows 10 Users' Personal Data

We have heard a lot about privacy concerns surrounding Windows 10 and accusations on Microsoft of collecting too much data about users without their consent. Now, the French data protection authority has ordered Microsoft to stop it. France's National Data Protection Commission CNIL issued a form...

MaaS360 Data Collection

Binary data maas360collect.nbin...

CVE-2016-2889

Cross-site request forgery CSRF vulnerability in the Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016, 6.0 and 6.0.1 before 6.0.1 ifix005, and 6.0.2 before ifix002 allows remote authenticated users to hijack the authentication of arbitrar...

CVE-2016-2889

Cross-site request forgery CSRF vulnerability in the Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016, 6.0 and 6.0.1 before 6.0.1 ifix005, and 6.0.2 before ifix002 allows remote authenticated users to hijack the authentication of arbitrar...

CVE-2016-2888

Cross-site scripting XSS vulnerability in the Report Builder and Data Collection Component DCC in IBM Jazz Reporting Service JRS 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different...