The vulnerability of the audit log of the Cisco Digital Network Architecture (DNA) Center allows attackers to disclose protected information.

The vulnerability of the audit journal of the Cisco Digital Network Architecture DNA Center relates to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker to disclose protected information...

The vulnerability of the Cisco Redundancy Configuration Manager (RCM) operating system for StarOS allows a intruder to disclose protected information.

The vulnerability of the Cisco Redundancy Configuration Manager RCM operating system for StarOS is related to the lack of protection for mission-critical data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

PT-2022-2727 · Moodle +2 · Moodle +2

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: A flaw was found in Moodle where global search results could include author information on some activities where a user may not otherwise have access to it. The vulnerability is related to...

IBM Security Guardium 加密问题漏洞

IBM Security Guardium is a suite of platforms from IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building.IBM Security Guardium has a weak encryption algorithm vulnerability that stems from the fact...

A clearer lens on Zero Trust security strategy: Part 1

Todays world is flooded with definitions and perspectives on Zero Trust, so we are kicking off a blog series to bring clarity to what Zero Trust is and what it means. This first blog will draw on the past, present, and future to bring a clear vision while keeping our feet planted firmly on the...

The vulnerability of Puppet’s infrastructure automation tool, related to insufficient protection of registration data, allows a perpetrator to gain access to confidential information.

The vulnerability of the Puppet infrastructure automation tool is related to insufficient protection for registration data. Exploiting this vulnerability allows a remote attacker to gain access to confidential information...

The vulnerability of the PuppetDB database management system lies in the insufficient protection of registration data, allowing attackers to gain access to confidential information.

The vulnerability of the PuppetDB database management system is related to insufficient protection of registration data. Exploiting this vulnerability allows a malicious actor to gain access to confidential information...

PT-2022-2539 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient protection of service data in the Cluster Shared Volumes CSV of Windows operating systems. This can allow an attacker to gain unauthorized access to...

PT-2022-2542 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient protection of internal data in the Windows operating system, which can be exploited to gain unauthorized access to protected information. This can allow...

PT-2022-2532 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient protection of service data in the Cluster Shared Volumes CSV file system of Windows operating systems. This can allow an attacker to gain unauthorized...

PT-2022-2902 · Microsoft · Ms Lync +1

Name of the Vulnerable Software and Affected Versions: Skype for Business Server affected versions not specified Description: The vulnerability is related to a lack of protection for service data in Skype for Business Server, which can allow a remote attacker to gain unauthorized access to...

PT-2022-2520 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient protection of service data in the Cluster Shared Volumes CSV of Windows operating systems. This can allow an attacker to gain unauthorized access to...

A week in security (April 4 – 10)

Last week on Malwarebytes Labs: Why data protection and privacy are not the same, and why that matters: Lock and Code S03E09 YouTube channels of Taylor Swift, Justin Bieber, Harry Styles, and other musicians compromised Successful operations against Russian Sandworm and Strontium groups targeting...

Why data protection and privacy are not the same, and why that matters: Lock and Code S03E09

Theres a mistake commonly made in the United States that a law that was passed to help people move their healthcare information to a new doctor or provider was actually passed to originally implement universal, wide-ranging privacy controls on that same type of information. This is the mixup with...

The vulnerability in the optimization application for Lenovo Thin Installer, related to insufficient protection of service data, allows a malicious actor to trigger a service failure.

The vulnerability of the optimization application for Lenovo Thin Installer is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker to cause service failures...

3 strategies to launch an effective data governance plan

Aware of the potential risks of sensitive data if not managed properly, you’ve undertaken a data discovery process to learn where it’s all stored. You’ve classified this sensitive data—confidential information like credit card numbers and home addresses collected from customers, prospects,...

3 strategies to launch an effective data governance plan

Aware of the potential risks of sensitive data if not managed properly, you’ve undertaken a data discovery process to learn where it’s all stored. You’ve classified this sensitive data—confidential information like credit card numbers and home addresses collected from customers, prospects,...

SUSE-SU-2022:1051-1 Security update for salt

This update for salt fixes the following issues: - CVE-2022-22935: Sign authentication replies to prevent MiTM bsc1197417 - CVE-2022-22934: Sign pillar data to prevent MiTM attacks. bsc1197417 - CVE-2022-22936: Prevent job and fileserver replays bsc1197417 - CVE-2022-22941: Fixed targeting bug,...

RAV Antivirus: How to Protect Your Data in 2022

By Owais Sultan Did you know that cybercrime has become more profitable than the global trade of all major illegal drugs… This is a post from HackRead.com Read the original post: RAV Antivirus: How to Protect Your Data in 2022...

The vulnerability of the web interface of D-Link DIR-X1860 Wi-Fi routers allows a intruder to gain unauthorized access to protected information.

The vulnerability of the web interface of D-Link DIR-X1860 Wi-Fi routers is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through a specially created HTTP request...