A better cloud access security broker: Securing your SaaS cloud apps and services with Microsoft Cloud App Security

Today’s business uses an average of 1,180 cloud apps¹, with many of those organizations securing their apps through cloud access security brokers CASB. The organizational need for a CASB has grown alongside the use of cloud apps to enable remote work and greater user productivity. When security...

A better cloud access security broker: Securing your SaaS cloud apps and services with Microsoft Cloud App Security

Today’s business uses an average of 1,180 cloud apps¹, with many of those organizations securing their apps through cloud access security brokers CASB. The organizational need for a CASB has grown alongside the use of cloud apps to enable remote work and greater user productivity. When security...

Malaysia Air Downplays Frequent-Flyer Data Breach

Malaysia Airlines sent out an email to frequent flyer program members assuring them that there’s “no evidence” their personal data has been misused in the wake of a supply-chain attack via a third-party vendor. However, experts think that’s unlikely. And, they say the repercussions could be...

Compliance joins Microsoft Intelligent Security Association (MISA)

Like many of you, I’m thrilled to have my 2020 calendar safely in the recycling pile. During that time though, you too might have noticed how, perhaps unknowingly, you were able to turn some of last year’s lemons into lemonade. Maybe you developed a deeper appreciation for everyday moments and th...

The vulnerability of the JUnit4 library, related to the lack of protection for service data, allows attackers to disclose protected information.

The vulnerability of the JUnit4 library is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose the protected information...

Why do companies fail to stop breaches despite soaring IT security investment?

Let's first take a look back at 2020! Adding to the list of difficulties that surfaced last year, 2020 was also grim for personal data protection, as it has marked a new record number of leaked credentials and PI data. A whopping 20 billion records were stolen in a single year, increasing 66% fro...

The vulnerability of the implementation of the PFX (PKCS#12 – Public-Key Cryptography Standards) cryptography technology in Microsoft Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the PFX PKCS12 – Public-Key Cryptography Standards cryptographic technology implementation in Microsoft Windows operating systems is related to the lack of protection for confidential data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to...

The vulnerability of the WebView component in Google Chrome web browsers allows a hacker to gain unauthorized access to protected information.

The vulnerability of the WebView component in Google Chrome browsers relates to the lack of protection for transmitted data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of the DevTools set of tools in the Google Chrome web browser allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the DevTools set of tools in the Google Chrome web browser is related to the lack of protection for service data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the Performance API component in the Google Chrome web browser allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Performance API component in the Google Chrome web browser is related to the lack of protection for the transmitted data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of Skype for Business Server (Microsoft Lync Server) in corporate communication servers, related to the lack of protection for operational data, allows attackers to carry out spoofing attacks.

The vulnerability of Skype for Business Server Microsoft Lync Server corporate communication servers is related to errors in information representation by the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks remotely...

The vulnerability of Microsoft Teams for iOS, related to the lack of protection for sensitive data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Microsoft Teams corporate platform for iOS is related to the lack of protection for sensitive data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems is related to the lack of protection for service data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Windows operating system’s kernel, which allows a hacker to increase their privileges

The vulnerability of the Windows operating system’s kernel is related to the lack of protection for privileged data. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of Microsoft Edge browser for Android, related to the lack of protection for service data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Microsoft Edge browser for Android is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the Microsoft Windows Graphics Component on Windows operating systems, allowing a hacker to execute arbitrary code.

The vulnerability of the Microsoft Windows Graphics Component in Windows operating systems is related to the lack of protection for service data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Apache ActiveMQ software platform lies in the lack of protection for service data, which allows attackers to execute arbitrary code.

The vulnerability of the Apache ActiveMQ software platform lies in the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The Weakest Link in Your Security Posture: Misconfigured SaaS Settings

In the era of hacking and malicious actors, a company's cloud security posture is a concern that preoccupies most, if not all, organizations. Yet even more than that, it is the SaaS Security Posture Management SSPM that is critical to today's company security. Recently Malwarebytes released a...

The vulnerability of the software platform for conducting marketing campaigns, both online and offline, in Adobe Campaign Classic, arises from insufficient verification of incoming requests. This allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the software platform used for conducting marketing campaigns, both online and offline, in Adobe Campaign Classic is related to insufficient verification of incoming requests. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected...

PT-2021-2085 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint affected versions not specified Description: The issue is related to a lack of protection for service data in Microsoft SharePoint. This allows a remote attacker to gain unauthorized access to protected information. The...