1071 matches found
Trellix Global Defenders: LAPSUS$ Data Breaches and Proactive Protections
Trellix Global Defenders: LAPSUS$ Data Breaches and Proactive Protections By Taylor Mullins · March 23, 2022 Trellix is continuing to monitor the threat activity related to the LAPSUS$ threat group and their recent breaches of large organizations such as NVIDIA, Samsung, Microsoft, and Okta. This...
Trellix Global Defenders: LAPSUS$ Data Breaches and Proactive Protections
Trellix Global Defenders: LAPSUS$ Data Breaches and Proactive Protections By Taylor Mullins · March 23, 2022 Trellix is continuing to monitor the threat activity related to the LAPSUS$ threat group and their recent breaches of large organizations such as NVIDIA, Samsung, Microsoft, and Okta. This...
Russia under Attack from New RURansom Wiper
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here A series of Wiper Malware attacks have been launched in the continuing cyber war between Russia and Ukraine. Researchers have discovered the RURansom wiper malware, which adds to the current collection of harmful malware. The...
Pandora Ransomware Targets Multiple Plants around the Globe
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Pandora ransomware is a new operation that targets business networks and obtains data for double-extortion assaults and active since March 2022. DENSO, a Japanese auto parts manufacturers plant in Germany, and Global Wafers...
IBM Guardium Data Encryption has an unspecified vulnerability (CNVD-2022-20154)
IBM Guardium Data Encryption GDE is an application from IBM of America, Inc. IBM Guardium Data Encryption versions 4.0.0.0 and 5.0.0.0 contain a security vulnerability that stems from the fact that the software saves user information in a CSV form file with a comma as the separator symbol, but it...
Security Bulletin: IBM Guardium Data Encryption (GDE) has an information exposure vulnerability (CVE-2021-39025)
Summary An information Exposure was addressed in IBM Guardium Data Encryption GDE. Please apply the latest version for the fixes. Vulnerability Details CVEID: CVE-2021-39025 DESCRIPTION: IBM Guardium Data Encryption GDE could disclose internal IP address information when the web backend is down...
Security Bulletin: IBM Guardium Data Encryption (GDE) has a vulnerability (CVE-2021-39022), related to hazardous input.
Summary Vulnerability identified in IBM Guardium Data Encryption GDE, related to hazardous input. Please apply the latest version for the fixes. Vulnerability Details CVEID: CVE-2021-39022 DESCRIPTION: IBM Guardium Data Encryption GDE saves user-provided information into a Comma-Separated Value C...
CVE-2021-39022
IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 saves user-provided information into a Comma-Separated Value CSV file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software. IBM X-Force ID...
CVE-2021-39025
IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 could disclose internal IP address information when the web backend is down. IBM X-Force 213863...
CVE-2021-39025
IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 could disclose internal IP address information when the web backend is down. IBM X-Force 213863...
Code injection
IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 could disclose internal IP address information when the web backend is down. IBM X-Force 213863...
Command injection
IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 saves user-provided information into a Comma-Separated Value CSV file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software. IBM X-Force ID...
CVE-2021-39025
IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 could disclose internal IP address information when the web backend is down. IBM X-Force 213863...
CVE-2021-39025
CVE-2021-39025 affects IBM Guardium Data Encryption (GDE) components when the web backend is down, allowing disclosure of internal IP address information. Affected products/versions include GDE: DSM 4.0.0.0 to 4.0.0.7 (and 4.0.0.7 specifically), GCKM 1.10.1 and lower, and CT-VL 2.6.3 and lower; o...
CVE-2021-39022
IBM Guardium Data Encryption GDE 4.0.0.0 and 5.0.0.0 saves user-provided information into a Comma-Separated Value CSV file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software. IBM X-Force ID...
CVE-2021-39022
CVE-2021-39022 affects IBM Guardium Data Encryption (GDE) versions 4.0.0.0 and 5.0.0.0. The vulnerability arises because GDE saves user-provided information in a CSV file without proper escaping, enabling special elements to be interpreted as commands when the file is opened by spreadsheet softwa...
IBM Guardium Data Encryption 信息泄露漏洞
IBM Guardium Data Encryption GDE is a software application from IBM, USA. It provides a data security and compliance solution. A security vulnerability exists in IBM Guardium Data Encryption GDE versions 4.0.0.0 and 5.0.0.0, which stems from the ability to publicize internal IP address informatio...
IBM Guardium Data Encryption 安全漏洞
IBM Guardium Data Encryption GDE is an application from IBM of America, Inc. IBM Guardium Data Encryption versions 4.0.0.0 and 5.0.0.0 contain a security vulnerability that stems from the fact that the software saves user information in a CSV form file with a comma as the separator symbol, but it...
Security Bulletin: IBM Guardium Data Encryption is vulnerable to cross-site scripting (CVE-2020-7676)
Summary A vulnerability to cross-site scripting exists in angular.js which is used in IBM Guardium Data Encryption GDE. Please apply the latest version for the fixes. Vulnerability Details CVEID: CVE-2020-7676 DESCRIPTION: angular.js is vulnerable to cross-site scripting, caused by improper...
Security Bulletin: Vulnerability in IBM Guardium Data Encryption (GDE) (CVE-2021-20414)
Summary Vulnerabilities identified in IBM Guardium Data Encryption GDE. These vulnerability have been fixed in GDE - Guardium Tokenization Server 2.6.0.205. Please apply the latest version to obtain the fixes. Vulnerability Details CVEID: CVE-2021-20414 DESCRIPTION: IBM Guardium Data Encryption G...