Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe

The Irish Data Protection Commission DPC has announced that it has commenced a "Cross-Border statutory inquiry" into Google's foundational artificial intelligence AI model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal dat...

The vulnerability of Microsoft Publisher software lies in its data protection mechanisms being breached, allowing attackers to circumvent existing security restrictions.

The vulnerability of Microsoft Publisher software is related to a flaw in the data protection mechanism. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...

The vulnerability of the Mark of the Web mechanism in Windows operating systems allows attackers to circumvent existing security restrictions.

The vulnerability of the Mark of the Web mechanism in Windows operating systems is related to the breach of data protection mechanisms. Exploiting this vulnerability allows a remote attacker to circumvent existing security restrictions...

The vulnerability of the software platforms for developing and managing Magento Open Source and Adobe Commerce online stores lies in the insufficient protection of sensitive data. This allows attackers to circumvent security restrictions.

The vulnerability of the software platforms for developing and managing Magento Open Source and Adobe Commerce online stores is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions remotely...

ROS-20240911-06

A vulnerability in the stack protection feature of the GNU Compiler Collection GCC for different programming languages is due to a data protection mechanism violation. Collection GCC is related to a breach of the data protection mechanism. Exploitation of the vulnerability could allow an attacker...

Our 4 Essential Strategy Takeaways from the Gartner® 2024 Report – How to Prepare for Ransomware Attacks

As ransomware threats continue to evolve, security and risk management leaders must stay ahead by adopting comprehensive strategies to protect their organizations. The 2024 Gartner report, “How to Prepare for Ransomware Attacks”, provides critical insights into the latest tactics used by bad acto...

What You Need to Know About Grok AI and Your Privacy

xAI’s generative AI tool, Grok AI, is unhinged compared to its competitors. It’s also scooping up a ton of data that people post on X. Here’s how to keep your posts out of Grok—and why you should...

The vulnerability of the Python interpreter of the Cisco NX-OS operating system for Cisco Nexus switches allows a hacker to execute arbitrary commands.

The vulnerability of the Python interpreter in the Cisco NX-OS operating system of Cisco Nexus switches is related to a breach in the data protection mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database

The Dutch Data Protection Authority Dutch DPA has imposed a fine of €30.5 million $33.7 million against facial recognition firm Clearview AI for violating the General Data Protection Regulation GDPR in the European Union E.U. by building an "illegal database with billions of photos of faces,"...

PT-2024-6472 · Veeam · Veeam Reporter Service +1

Name of the Vulnerable Software and Affected Versions: Veeam Reporter Service affected versions not specified Description: A vulnerability exists in Veeam Reporter Service that allows an attacker to access the NTLM hash of the service account. This attack requires user interaction and data...

The vulnerability of the Hotspot component in Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK, and the Oracle Java SE software platform allows a malicious individual to gain unauthorized access to read or modify data.

The vulnerability of the Hotspot component in Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK, and the Oracle Java SE software platform is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized acce...

ROS-20240829-01

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to resource release errors. resource release errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the Core component of the Oracle V...

The vulnerability of the SCADA system MasterSCADA, related to deficiencies in data protection, allows a intruder to gain access to the project’s web server.

The vulnerability of the SCADA system MasterSCADA is related to deficiencies in data protection. Exploiting this vulnerability can allow an intruder to gain unauthorized access to the project’s web server by reverting the password hash value...

The vulnerability of the SCADA system MasterSCADA, related to deficiencies in data protection, allows a intruder to gain access to the project configuration file.

The vulnerability of the SCADA system MasterSCADA is related to deficiencies in data protection. Exploiting this vulnerability can allow an intruder to gain unauthorized access to the project configuration file by rewriting the password hash value...

Dutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S.

The Dutch Data Protection Authority DPA has fined Uber a record €290 million $324 million for allegedly failing to comply with European Union E.U. data protection standards when sending sensitive driver data to the U.S. "The Dutch DPA found that Uber transferred personal data of European taxi...

Unpacking Slack Hacks: 6 Ways to Protect Sensitive Data with Secure Collaboration

Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and encryption, and companies are often oblivious to the risk. A case in point: Disney suffered a devastating data leak by a hacktivist group known as NullBulge that got ho...

The vulnerability of Zoom’s video conferencing software lies in the insufficient protection of registration data, allowing attackers to disclose sensitive information.

The vulnerability of Zoom’s video conferencing software relates to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that is protected by the system...

The vulnerability of the application software interface of the CloudStack software platform for managing virtual machine environments allows a attacker to compromise the confidentiality of the protected information.

The vulnerability of the application software interface of the CloudStack software platform for managing virtual machine environments is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of the protected...

ROS-20240822-01

The vulnerability of the hubportinit function of the core component of the Linux operating system kernel is related to reading outside the memory boundaries. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity and availability of protected informatio...

CVE-2024-43403

Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with a ClusterRole called edit via ClusterRoleBinding. The "edit" ClusterRole is one of Kubernetes default-created ClusterRole, and it has the create/patch/udpate...