The vulnerability of the GraphQL API implementation of the Red Hat Advanced Cluster Security (RHACS) for Kubernetes allows a perpetrator to increase their privileges and gain unauthorized access to protected information.

The vulnerability of the GraphQL API implementation of the Red Hat Advanced Cluster Security RHACS for Kubernetes lies in the insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain unauthorized access to protected...

The vulnerability of the IBM QRadar Network Security intrusion prevention system, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM QRadar Network Security intrusion prevention system is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVE-2022-34367

Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contains a Cross-Site Request Forgery Vulnerability. An remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations...

The vulnerability of the Mendix software platform for deploying and testing software applications allows a perpetrator to uncover the structure of the created project.

The vulnerability of the Mendix software deployment and application testing platform is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor to disclose the structure of the created project...

Cross site scripting

The ameostarteaucitron aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible extension before 1.2.23 for TYPO3 allows XSS...

A Privacy Panic Flares Up in India After Police Pull Payment Data

Nonprofit donors had their information given to law enforcement without consent, highlighting limited data protections in the world’s largest democracy...

TikTok Postpones Privacy Policy Update in Europe After Italy Warns of GDPR Breach

Popular video-sharing platform TikTok on Tuesday agreed to pause a controversial privacy policy update that could have allowed it to serve targeted ads based on users' activity on the social video platform without their permission to do so. The reversal, reported by TechCrunch, comes a day after...

PT-2022-3943 · Microsoft · Windows L2Tp +1

Name of the Vulnerable Software and Affected Versions: Windows Layer 2 Tunneling Protocol L2TP affected versions not specified Description: The issue is related to the implementation of the Layer 2 Tunneling Protocol L2TP in Windows, which is associated with insufficient protection of service dat...

PT-2022-4078 · Microsoft · Windows Gdi +1

Name of the Vulnerable Software and Affected Versions: Windows GDI+ affected versions not specified Description: The issue is related to insufficient protection of internal data in the Windows GDI+ component, which can be exploited to gain unauthorized access to protected information. This can...

Digital Guardian Agent Information Disclosure Vulnerability

Digital Guardian Agent is a widely used data protection platform for cloud environments from US-based Digital Guardian. Discover, categorize and control data movement across endpoints, networks and clouds. An information disclosure vulnerability exists in Digital Guardian Agent version 7.7.4.0042...

Europe threatens to ban Facebook over data transfers to the US

If regulators have their way, data transfers from Facebook and Instagram between Europe and the United States could stop this summer. WhatsApp, another Meta service, will not be affected by the decision as it has a different data controller within Meta. This could force Meta, Facebooks parent...

The vulnerabilities of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) systems, along with the integrated messaging system Cisco Unity Connection, stem from insufficient protection of operational data. This allows attackers to gain unauthorized access to protected information.

The vulnerabilities of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME systems, as well as the integrated messaging system Cisco Unity Connection, are related to insufficient protection of operational data. Exploiting these...

The vulnerability of Schneider Electric Data Center Expert, a monitoring software for equipment information, stems from insufficient protection of registration data. This allows attackers to gain full control over the monitoring software.

The vulnerability of the Schneider Electric Data Center Expert software monitoring tool for equipment information is related to insufficient protection of registration data. Exploiting this vulnerability could allow a malicious actor to gain full control over the software...

The vulnerability of the Node.js module and the control tools of App Connect Enterprise Certified Container allows a hacker to compromise protected information.

The vulnerability of the Node.js module related to the App Connect Enterprise Certified Container management tool is linked to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker to compromise protected information...

The vulnerability of the SEPCOS Single Package software for the Secheron SEPCOS control and protection relays allows a intruder to disclose protected information.

The vulnerability of the SEPCOS Single Package control and protection relay system in Secheron SEPCOS is related to insufficient protection for registration data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information remotely...

A Quick Guide to GDPR (General Data Protection Requirements)

By Owais Sultan General Data Protection Regulation or GDPR is not a new data protection law by any means. It has… This is a post from HackRead.com Read the original post: A Quick Guide to GDPR General Data Protection Requirements...

How to Build and Enable a Cyber Target Operating Model

Cybersecurity is complex and ever-changing. Organisations should be able to evaluate their capabilities and identify areas where improvement is needed. In the webinar “Foundational Components to Enable a Cyber Target Operating Model,” – part two of our Cybersecurity Series – Jason Hart, Chief...

KuppingerCole rates Microsoft as outstanding in functionality for secure collaboration

We are excited to share that Microsoft has been rated "Outstanding in Functionality" in the KuppingerCole Market Compass for Secure Collaboration, May 2022. Microsoft was also the only company to be awarded the highest possible score of "Strong Positive" in all five categories: security,...

KuppingerCole rates Microsoft as outstanding in functionality for secure collaboration

We are excited to share that Microsoft has been rated "Outstanding in Functionality" in the KuppingerCole Market Compass for Secure Collaboration, May 2022. Microsoft was also the only company to be awarded the highest possible score of "Strong Positive" in all five categories: security,...

The Benefits of Including Static Data Masking in Your Security Arsenal

Static data masking SDM is defined as, “The act of permanently replacing sensitive data at rest with a realistic fictional equivalent for the purpose of protecting data from unwanted disclosure.” Industry analysts characterize SDM as a must-have data protection layer capable of protecting large...