PT-2021-1959 · Microsoft · Edge For Android

Name of the Vulnerable Software and Affected Versions: Microsoft Edge for Android affected versions not specified Description: The issue is related to a lack of protection for service data in Microsoft Edge for Android. Exploitation of this issue may allow an attacker to gain unauthorized access ...

PT-2021-1924 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a lack of protection for service data in the Windows Local Print Spooler Service. This allows a remote attacker to execute arbitrary code on the system...

PT-2021-2077

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to the implementation of PFX encryption technology in Microsoft Windows, specifically concerning the lack of protection for service data. This could allow an...

The vulnerability of the software platform for conducting marketing campaigns, both online and offline, in Adobe Campaign Classic, arises from insufficient verification of incoming requests. This allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the software platform used for conducting marketing campaigns, both online and offline, in Adobe Campaign Classic is related to insufficient verification of incoming requests. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected...

PT-2021-1925 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a lack of protection for service data in the implementation of the TCP/IP protocol in Windows operating systems. This allows a remote attacker to execute arbitrary...

NCIJTF Releases Ransomware Factsheet

The National Cyber Investigative Joint Task Force NCIJTF has released a joint-sealed ransomware factsheet to address current ransomware threats and provide information on prevention and mitigation techniques. The Ransomware Factsheet was developed by an interagency group of subject matter experts...

Automating and operationalizing data protection with Dataguise and Microsoft Information Protection

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. In technical literature, the terms data discovery, classification, and tagging are sometimes used interchangeably, but there are real differences in what they actually mean—and each...

Automating and operationalizing data protection with Dataguise and Microsoft Information Protection

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. In technical literature, the terms data discovery, classification, and tagging are sometimes used interchangeably, but there are real differences in what they actually mean—and each...

Security Bulletin: Vulnerability in IBM WebSphere Application Server Liberty affects IBM Spectrum Protect Backup-Archive Client web user interface, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments

Summary A vulnerability IBM WebSphere Application Server Liberty could allow an attacker to obtain sensitive information. This vulnerability may affect the IBM Spectrum Protect Backup-Archive Client web user interface, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtua...

2021 KuppingerCole Leadership Compass names Imperva an overall leader for Database and Big Data Security

It is my pleasure to report that in their 2021 overview of the market for Database and Big Data Security solutions, leading technology analyst KuppingerCole has identified Imperva as an Overall Leader for the first time. Imperva scored five out of five for product security, functionality,...

Why Data Security and Privacy in the digital age are crucial

Privacy is considered a basic human right but, with so much of our personal data now ‘out there’ in cyberspace, how private can it really be? Data is everywhere, and with rising internet usage, an increase in cloud technologies, and our growing reliance on IoT devices, it continues to grow...

3 tips to top up your privacy

Its Data Privacy Day—the perennial event that many internet users may have never heard of, but have strong feelings and opinions about the very things that birthed it in the first place. Originally created to help businesses learn about why online privacy matters, its reach has since extended to...

Why Data Privacy Day matters

Our Lock and Code special episode on Data Privacy Day, featuring guests from Mozilla, DuckDuckGo, and Electronic Frontier Foundation can be listened to here. Today, January 28, is Data Privacy Day, the annual, multinational event in which governments, companies, and schools can inform the public...

IBM Security Guardium Improper Access Control Vulnerability

IBM Security Guardium is a comprehensive data protection solution that offers a full range of data security features from compliance support to dynamic data shielding. An improper access control vulnerability exists in IBM Security Guardium 11.2. An attacker could exploit the vulnerability to gai...

IBM Security Guardium Information Disclosure Vulnerability

IBM Security Guardium is a comprehensive data protection solution that offers a full range of data security features from compliance support to dynamic data shielding. An information disclosure vulnerability exists in IBM Security Guardium 11.2. An attacker could exploit this vulnerability to...

Data Privacy Day

January 28 is Data Privacy Day DPD, an annual effort promoting data privacy awareness and education. This year’s DPD events, sponsored by the National Cyber Security Alliance NCSA, focus on how to Own Your Privacy. The NCSA teaches users how to protect valuable data online, while encouraging...

The vulnerability in the implementation of the “moz-icon:“ protocol of the Mozilla Firefox browser allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the “moz-icon:“ protocol implementation in Mozilla Firefox is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability in the loading of Mozilla Firefox browser extensions allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Mozilla Firefox browser extensions relates to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information by loading a specially created script...

Information disclosure

The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds...

CVE-2020-25169

The CVE-2020-25169 issue affects Reolink P2P cameras, where data transferred between the local device and Reolink servers may be exposed due to cleartext transmission of sensitive information. The advisory notes a high risk with CVSS v3 base score up to 9.1 (ATT&CK context not explicitly listed i...