PT-2023-6698 · Ibm · Ibm Spectrum Virtualize

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Virtualize versions 8.2 through 8.5 Description: The issue is related to insufficient protection of internal data in the graphical user interface of the software, which can be exploited by an authenticated user to execute arbitra...

The Definitive Browser Security Checklist

Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a re-evaluation of how it is managed and protected. While not long-ago web-borne risks were still addressed by a patchwork of endpoint, network, and cloud solutions, it ...

The vulnerability of Windows Event Tracing service allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Windows Event Tracing in operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability

Apple has backported fixes for a recently disclosed critical security flaw affecting older devices, citing evidence of active exploitation. The issue, tracked as CVE-2022-42856, is a type confusion vulnerability in the WebKit browser engine that could result in arbitrary code execution when...

PT-2023-1367 · Vmware · Vmware Vrealize Log Insight

Name of the Vulnerable Software and Affected Versions: VMware vRealize Log Insight affected versions not specified Description: The issue is related to an information disclosure vulnerability. A malicious actor can remotely collect sensitive session and application information without...

Microsoft Security innovations from 2022 to help you create a safer world today

The start of a new year is always a great time for reflection—to be grateful for all we have and the progress security teams have made as well as look ahead to how we can reshape the security landscape. I use this time to think about goals for the future, and to reflect on the highlights,...

Microsoft Security innovations from 2022 to help you create a safer world today

The start of a new year is always a great time for reflection—to be grateful for all we have and the progress security teams have made as well as look ahead to how we can reshape the security landscape. I use this time to think about goals for the future, and to reflect on the highlights,...

Digital event highlights new features in Microsoft Purview

Keeping your company and customer data secure has never been more complex. With multiple clouds, legacy on-premises systems, and numerous devices, it can be hard to keep track of what data you have and where it lives. On top of that, ever-changing employee roles make managing who has access to wh...

Digital event highlights new features in Microsoft Purview

Keeping your company and customer data secure has never been more complex. With multiple clouds, legacy on-premises systems, and numerous devices, it can be hard to keep track of what data you have and where it lives. On top of that, ever-changing employee roles make managing who has access to wh...

TikTok CEO told to "step up efforts to comply" with digital laws

EU Commissioner Thierry Breton, the EU's digital policy chief, "explicitly conveyed" to TikTok CEO Shou Zi Chew that the company must "step up efforts to comply" with the European Union's rules on copyright, data protection, and the Digital Services Act DSA--an EU regulation setting out "an...

PT-2023-5814 · Apple · Ios +4

Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 16.3 iOS versions prior to 16.3 tvOS versions prior to 16.3 watchOS versions prior to 9.3 Description: The issue is related to the AppleMobileFileIntegrity component and is caused by a lack of protection for service...

WordPress plugin EU Cookie Law for GDPR/CCPA 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

The vulnerability of the Windows operating system’s kernel allows a hacker to gain unauthorized access to the device.

The vulnerability of the Windows operating system’s kernel is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the device...

WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws

The Irish Data Protection Commission DPC on Thursday imposed fresh fines of €5.5 million against Meta's WhatsApp for violating data protection laws when processing users' personal information. At the heart of the ruling is an update to the messaging platform's Terms of Service that was imposed in...

WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws

The Irish Data Protection Commission DPC on Thursday imposed fresh fines of €5.5 million against Meta's WhatsApp for violating data protection laws when processing users' personal information. At the heart of the ruling is an update to the messaging platform's Terms of Service that was imposed in...

The vulnerability of Microsoft Exchange Server servers, related to the lack of protection for service data, allows attackers to disclose protected information.

The vulnerability of Microsoft Exchange Server lies in the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of Windows operating system’s Cryptographic Services allows attackers to enhance their privileges.

The vulnerability of Windows operating system’s Cryptographic Services is related to insufficient protection of service data. Exploiting this vulnerability can allow attackers to enhance their privileges...

Introducing Proactive API Leak Management

Read the press release announcing the early release of Wallarm API Leak Management The recent surge in hacks involving leaked API Keys and other API secrets such as credentials, passwords, certificates, tokens and encryption keys has put everyone involved on notice – organizations need a way to...

Wallarm Releases New End-to-End Solution to Reduce Risk and Time-to-Remediate Leaked API Keys and Secrets

Advancement to API Security Technology Will Combat Recent Surge in Hacks Leveraging Leaked API; Early Release Now Available San Francisco, CA –BUSINESS WIRE– January 19, 2023 – Wallarm, the end-to-end API security company, today announced the early release of the Wallarm API Leak Management...

The vulnerability of Microsoft Visio graphic editors, Microsoft Office programs, and 365 Apps for Enterprise, related to insufficient protection of sensitive data, allows attackers to gain unauthorized access to protected information.

The vulnerability of Microsoft Visio graphic editors, Microsoft Office programs, and 365 Apps for Enterprise is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow unauthorized actors to gain unauthorized access to protected information...