The Facebook Pixel Hunt aims to unravel Facebook’s tracking methods. Will you join?

Browser developer Mozilla has announced a research project to provide insights into, and data about, a space that’s opaque to policymakers, researchers and users themselves. Tracking the trackers is the name of the game. Give up some of your data voluntarily to stop the involuntary collection by...

Europol Ordered to Delete Data of Individuals With No Proven Links to Crimes

The European Union's data protection watchdog on Monday ordered Europol to delete a vast trove of personal data it obtained pertaining to individuals with no proven links to criminal activity. "Datasets older than six months that have not undergone this Data Subject Categorisation must be erased,...

PT-2022-1686 · Microsoft · Windows Gdi +1

Name of the Vulnerable Software and Affected Versions: Windows GDI+ affected versions not specified Description: The issue is related to a lack of protection for internal data in the Windows GDI+ component, which can be exploited by a remote attacker to gain unauthorized access to a device. This...

The vulnerability of the GDI+ graphic library in Microsoft Windows operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the GDI+ graphics library in Microsoft Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Google and Facebook fined $240 million for making cookies hard to refuse

French privacy watchdog, the Commission Nationale de lInformatique et des Libertés CNIL, has hit Google with a 150 million euro fine and Facebook with a 60 million euro fine, because their websites—google.fr, youtube.com, and facebook.com—dont make refusing cookies as easy as accepting them. The...

France Fines Google, Facebook €210 Million Over Privacy Violating Tracking Cookies

The Commission nationale de l'informatique et des libertés CNIL, France's data protection watchdog, has slapped Facebook now Meta Platforms and Google with fines of €150 million $170 million and €60 million $68 million for violating E.U. privacy rules by failing to provide users with an easy opti...

Security Bulletin: Vulnerabilities in Apache Log4j impacts IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments (CVE-2021-45105, CVE-2021-45046)

Summary Vulnerabilities in Apache Log4j could result in a denial of service or remote code execution. These vulnerabilities may impact the IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments due to their uses of Apache Log4j for logging of messages and...

What you need to know about how cryptography impacts your security strategy

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest post of our Voice of the Community blog series post, Microsoft Security Product Marketing Manager Natalia Godyla talks with Taurus SA Co-founder...

PT-2022-6902 · Ibm · Ibm Aspera Faspex

Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex version 5.0.5 Description: The issue is related to an insecure configuration in the application, which may allow a remote attacker to gather sensitive information about the web application. This is due to insufficient...

PECB Certified Lead Ethical Hacker: Take Your Career to the Next Level

Cybercrime is increasing exponentially and presents devastating risks for most organizations. According to Cybercrime Magazine, global cybercrime damage is predicted to hit $10.5 trillion annually as of 2025. One of the more recent and increasingly popular forms of tackling such issues by...

Why I’m Proud to Protect Billions of People Worldwide

I decided to pursue a career in IT after working as a support engineer for internal employees as part of my very first job. It immediately opened my eyes to something that I found as interesting as I did shocking: Lots of people don’t understand information security — and what’s more, they don’t...

The vulnerability of the Ceph storage system, related to insufficient protection of registration data, allows attackers to gain access to confidential data and compromise its integrity.

The vulnerability of the Ceph storage system lies in the rehydration of user data. Exploiting this vulnerability allows an attacker to gain access to confidential data and compromise its integrity...

The vulnerability of the Application Control Block in FortiOS operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Application Control Block in FortiOS operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

How to Prevent Customer Support Help Desk Fraud Using VPN and Other Tools

It's no secret that the internet isn't a very safe place. And it's not hard to understand why. It's a medium that connects billions of people around the world that affords bad actors enough anonymity to wreak havoc without getting caught. It's almost as if the internet's tailor-made to enable sca...

The vulnerability of the FSLogix automated control software lies in the lack of protection for service data, allowing a malicious individual to gain unauthorized access to the device.

The vulnerability of the FSLogix automated desktop virtualization control software lies in the lack of protection for service data. Exploiting this vulnerability can allow an intruder to gain unauthorized access to the device...

The vulnerability of HP LaserJet, PageWide, Scanjet Enterprise, and LaserJet Managed printer microprogramming software lies in the insufficient protection of operational data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of HP LaserJet, PageWide, Scanjet Enterprise, and LaserJet Managed printer microprogramming software is related to insufficient protection of operational data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

IBM Spectrum Protect Client Buffer Overflow Vulnerability (CNVD-2021-103663)

IBM Spectrum Protect formerly known as Tivoli Storage Manager is a data protection platform from IBM of America. The platform provides enterprises with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes. IBM Spectrum...

The vulnerability of the D-Link DIR-2640-US router’s microprogramming software lies in the insufficient protection of registration data, allowing attackers to elevate their privileges to the root level.

The vulnerability of the D-Link DIR-2640-US router’s microprogramming software is related to insufficient protection for registration data. Exploiting this vulnerability can allow attackers to elevate their privileges to the root level...

The vulnerability of the Jenkins automation server relates to a breach of data protection mechanisms, allowing attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Jenkins automation server relates to a breach of data protection mechanisms. Exploiting this vulnerability allows an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protected information...

IBM Spectrum Protect Plus server-side request forgery vulnerability

IBM Spectrum Protect Plus is a data protection platform from IBM Corporation. The platform provides enterprises with a single point of control and management and supports backup and recovery for virtual, physical and cloud environments of all sizes.A security vulnerability exists in IBM Spectrum...