Google to delete location data of trips to abortion clinics

The historical overturning of Roe v. Wade in June prompted lawmakers and technology companies to respond with deep concern over the future of data. Google is one of those companies. In a post to "The Keyword" blog last week, Google said it will act further in protecting its users privacy by...

The vulnerability of the administrator.cfc component in the ColdFusio software interface allows a hacker to bypass security restrictions or execute arbitrary code.

The vulnerability of the administrator.cfc component in the ColdFusion software interface is related to insufficient protection of sensitive data. Exploiting this vulnerability allows an attacker to bypass security restrictions or execute arbitrary code...

The vulnerability of the Scripting component of the Java Runtime Environment and the Java Development Kit, which allows attackers to influence the integrity, accessibility, and confidentiality of protected information.

The vulnerability of the Scripting component of the Java Runtime Environment and the Java Development Kit application development tools is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to influence the integrity, accessibility, and...

The vulnerability in the implementation of the “info-get” configuration module for the “guestinfo.ignition.config.data” library in the Ignition library allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the info-get guestinfo.ignition.config.data configuration implementation in the Ignition library is related to insufficient protection for service data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

IBM Spectrum Protect Server Information Disclosure Vulnerability (CNVD-2022-60413)

IBM Spectrum Protect is a suite of data protection platforms from IBM Corporation in the United States. The platform provides enterprises with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. IBM Spectrum Protect...

IBM Spectrum Protect Denial of Service Vulnerability (CNVD-2022-60417)

IBM Spectrum Protect formerly known as Tivoli Storage Manager is a data protection platform from IBM USA. The platform provides enterprises with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. IBM Spectrum Protec...

IBM Spectrum Protect Plus Container Backup and Restore权限提升漏洞

IBM Spectrum Protect Plus is a suite of data protection platforms from IBM Corporation in the United States. The platform provides enterprises with a single point of control and management, and supports backup and recovery for virtual, physical and cloud environments of all sizes. IBM Spectrum...

The vulnerability of the MediaError message in the Mozilla Firefox browser, which allows a violator to disclose protected information

The vulnerability of the MediaError message in the Mozilla Firefox browser is related to insufficient protection of service data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Enterprise Server, Microsoft Office Web Apps Server, and Microsoft Office Online Server lies in the insufficient protection of operational data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Enterprise Server, Microsoft Office Web Apps Server, and Microsoft Office Online Server relates to insufficient protection of operational data. Exploiting this vulnerability can allow attackers to gain unauthorized access to...

The vulnerability of the PingID software for multi-factor authentication of applications in Windows, related to insufficient protection of registration data, allows a perpetrator to access confidential information.

The vulnerability of the PingID software for multi-factor authentication of applications involves insufficient protection of registration data. Exploiting this vulnerability can allow attackers to access confidential information...

CVE-2022-31112 Protected fields exposed via LiveQuery in parse-server

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions parse Server LiveQuery does not remove protected fields in classes, passing them to the client. The LiveQueryController now removes protected fields from the client respons...

The vulnerability of the Authenticated Code Module (ACM) in Intel microprogramming system BIOS allows a hacker to enhance their privileges.

The vulnerability of the Authenticated Code Module ACM in Intel microprogramming system BIOS is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow attackers to enhance their privileges...

IBM Security Guardium 跨站脚本漏洞

IBM Security Guardium is a suite of data protection features from IBM. The platform includes features such as custom UI, report management, and streamlined audit process building. IBM Security Guardium version 11.4 has a cross-site scripting vulnerability that stems from allowing users to embed...

The vulnerability of the Windows operating system’s kernel allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows operating system’s kernel is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Why a “Lift-and-shift” Cloud Migration Strategy Doesn’t Support Data Security

The classic 1982 Steven Spielberg horror film “Poltergeist” chronicles disturbing, unexplained paranormal activity happening in a suburban family’s idyllic home. As the activity becomes more sinister and terrifying, the family learns that their neighborhood was built on an old burial ground. It...

Italy Data Protection Authority Warns Websites Against Use of Google Analytics

Following the footsteps of Austria and France, the Italian Data Protection Authority has become the latest regulator to find the use of Google Analytics to be non-compliant with E.U. data protection regulations. The Garante per la Protezione dei Dati Personali, in a press release published last...

MGASA-2022-0239 Updated 389-ds-base packages fix security vulnerability

An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an access control bypass. This may allow any remote unauthenticated user to issue a filter that allows...

How the Evolution of Agents has Been Essential for Modern Database Security

In today’s data driven world, every organization’s most important asset is their data. Accordingly and similarly to other protected components like applications, web and peripheral gateways, databases require a dedicated security solution as well. An essential database security solution must...

5 Tips for Protecting Your Phone from Malware

By Deeba Ahmed Most people today depend on their phones entirely. Aside from being a portal to our social life, they… This is a post from HackRead.com Read the original post: 5 Tips for Protecting Your Phone from Malware...

The vulnerability of the Notification Configuration component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a perpetrator to gain unauthorized access to protected data or compromise the integrity of that data.

The vulnerability of the Notification Configuration component in the Oracle PeopleSoft Enterprise PeopleTools business application exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...