WhatsApp hit with €225 million fine for GDPR violations

WhatsApp was hit with a €225 million fine for violating the General Data Protection Regulation GDPR, the European Union’s sweeping data protection law that has been in effect for more than three years. The fine represents the highest ever penalty levied by the Irish Data Protection Commission,...

PT-2021-7634 · Microsoft · Edge For Android

Name of the Vulnerable Software and Affected Versions: Microsoft Edge for Android affected versions not specified Description: The issue is related to a lack of protection for internal data in Microsoft Edge for Android. Exploitation of this issue could allow a remote attacker to elevate their...

Affirm: IDOR to view order information of users and personal information

Summary: Broken access control is the method of controlling which users can perform a certain type of action or view set of data. Broken access control is a vulnerability that allows an attacker to circumvent those controls and perform more actions than they are allowed to, or view content they...

The vulnerability of the SAML-based authentication and access control implementation in NetIQ Access Manager allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SAML-based authentication and access control implementation of NetIQ Access Manager is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

A week in security (August 16 – August 22)

Last week on Malwarebytes Labs: Podcast: Katie Moussouris hacked Clubhouse. Her emails went unanswered for weeks. How to troubleshoot hardware problems that look like malware problems. Analysts “strongly believe” the Russian state colludes with ransomware gangs. macOS 11’s hidden security...

Empowering T-Mobile Consumers

Here's how the T-Mobile breach may affect you, and what you can do to protect your data...

The vulnerability of services for the NFS ONCRPC XDR driver on Windows operating systems allows a intruder to gain unauthorized access to protected information.

The vulnerability of services for the NFS ONCRPC XDR driver on Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of Azure Sphere operating systems, related to insufficient protection of sensitive data, allows attackers to gain unauthorized access to protected information.

The vulnerability of Azure Sphere operating systems is related to insufficient protection for service data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

Does a VPN Protect You from Hackers?

A virtual private network VPN is the perfect solution for a lot of issues you might experience online- accessing blocked sites, hiding your browsing activity, getting rid of internet throttling, finding better deals, and much more. But does a VPN protect you from hackers? Is your private...

IBM Security Guardium Information Disclosure Vulnerability (CNVD-2021-65731)

IBM Security Guardium is a suite of platforms from IBM USA that provides data protection capabilities. The platform includes features such as customizable UI, report management and streamlined audit process building. IBM Security Guardium has a security vulnerability that stems from the use of...

IBM Security Guardium Information Disclosure Vulnerability (CNVD-2021-61952)

IBM Security Guardium is a comprehensive data protection solution that provides comprehensive data security capabilities from compliance support to dynamic data shielding. An information disclosure vulnerability exists in IBM Security Guardium version 11.2. The vulnerability stems from a dependen...

CVE-2021-21601

Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. A local low privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be ab...

Design/Logic Flaw

Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. A local low privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be ab...

CVE-2021-21601

Dell EMC Data Protection Search, 19.4 and prior, and IDPA, 2.6.1 and prior, contain an Information Exposure in Log File Vulnerability in CIS. A local low privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be ab...

CVE-2021-21601

CVE-2021-21601 concerns Dell EMC Data Protection Search (19.4 and earlier) and IDPA (2.6.1 and earlier). The vulnerability is described as an information exposure in a log file vulnerability within the CIS, enabling a local, low-privileged attacker to disclose certain user credentials and use the...

DELL EMC Data Protection Search 日志信息泄露漏洞

DELL EMC Data Protection Search is a scalable indexing and search appliance from Dell USA that integrates with Avamar and NetWorker. A log information disclosure vulnerability exists in Dell EMC Data Protection Search that stems from an information exposure vulnerability in a log file included in...

IBM Security Guardium 安全漏洞

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as customizable UI, report management and streamlined audit process building. IBM Security Guardium suffers from a security vulnerability that...

IBM Security Guardium 安全漏洞

IBM Security Guardium is a comprehensive data protection solution that provides comprehensive data security capabilities from compliance support to dynamic data shielding. An information disclosure vulnerability exists in IBM Security Guardium version 11.2. The vulnerability stems from a dependen...

IBM Security Guardium 安全漏洞

IBM Security Guardium is a suite of platforms from IBM USA that provides data protection capabilities. The platform includes features such as customizable UI, report management and streamlined audit process building. IBM Security Guardium has a security vulnerability that stems from the use of...

PT-2021-3832 · Microsoft · Azure Sphere

Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to insufficient protection of service data in Azure Sphere operating systems, which could allow an attacker to gain unauthorized access to protected information...