CVE-2020-25169 Reolink P2P Cameras

The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds...

The vulnerability of the NTLM protocol implemented by the Windows operating system lies in the lack of protection for service data, which allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the NTLM protocol implemented by the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the Bot Framework SDK, related to the lack of protection for service data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Bot Framework SDK is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the components of the audit log system for Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Emergency Responder, Cisco Message Exchange System Cisco Unity Connection, and the software for managing license issuance called Cisco Prime License Manager (PLM) allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the components of the audit system for Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Emergency Responder, Cisco Message Exchange Syst...

How companies are securing devices with Zero Trust practices

Organizations are seeing a substantial increase in the diversity of devices accessing their networks. With employees using personal devices and accessing corporate resources from new locations in record numbers, IT leaders are seeing an increase in their attack surface area. They’re turning to Ze...

IBM Security Guardium Command Injection Vulnerability

IBM Security Guardium is a comprehensive data protection solution that provides comprehensive data security capabilities from compliance support to dynamic data shielding. A command injection vulnerability exists in IBM Security Guardium 10.6, 11.2. A local attacker could exploit this vulnerabili...

Principles for personal information security legislation

It goes without saying that the 117th US Congress has a lot to get done and many legitimate priorities are competing for finite legislative attention. Cybersecurity will be in this mix. In the wake of the SolarWinds attack, President-elect Biden issued a statement emphasizing that his...

Importance of Application Security and Customer Data Protection to a Startup

When you are a startup, there are umpteen things that demand your attention. You must give your hundred percent probably even more! to work effectively and efficiently with the limited resources. Understandably, the application security importance may be pushed at the bottom of your things-to-do...

CVE-2020-27858

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CA Arcserve D2D 16.5. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getNews method. Due to the improper restriction of XML External Entity...

The vulnerability of the Mozilla Firefox browser, related to the lack of protection for service data, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Mozilla Firefox browser is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

Umbrella_android - Digital And Physical Security Advice App

Umbrella is an Android mobile app developed by Security First that provides human rights defenders with the information on what to do in any given security situation and the tools to do it. It allows the user to choose what they want to do, such as: protect data; securely make a call/email;...

The vulnerability of the software development package for Azure SDK for C lies in a flaw related to data protection mechanisms. This flaw allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Azure SDK for C development software package is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker, operating remotely, to compromise the confidentiality and integrity of the protected information...

The vulnerability of the Kerberos protocol implemented in Windows operating systems allows attackers to compromise the integrity of protected information.

The vulnerability of the Kerberos protocol in the Windows operating system is related to a breach of the data protection mechanism. Exploiting this vulnerability allows an attacker, acting remotely, to compromise the integrity of the protected information...

The vulnerability of the Azure SDK for Java development software package lies in a data protection mechanism flaw, which allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Azure SDK for Java development software package is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker, operating remotely, to compromise the confidentiality and integrity of the protected information...

PT-2021-1599 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a lack of protection for service data in the TPM device driver of the Windows operating system. This can allow an attacker to gain unauthorized access to protected...

IBM Spectrum Protect Plus Information Disclosure Vulnerability (CNVD-2021-03028)

IBM Spectrum Protect Plus is a data protection and availability solution for virtualized environments that can be deployed in minutes and protect your environment in less than an hour. An information disclosure vulnerability exists in IBM Spectrum Protect Plus 10.1.0-10.1.6. An attacker could...

Forcepoint and Microsoft: Risk-based access control for the remote workforce

This blog post is part of the Microsoft Intelligence Security Association MISA guest blog series. Learn more about MISA here. Adopting cloud-based services as part of an organization’s digital transformation strategy is no longer optional, its a necessity. Last year, only 18 percent of the...

The vulnerability of the integrated enterprise management system of Microsoft Dynamics NAV, related to the lack of protection for operational data, allows a perpetrator to gain access to protected information.

The vulnerability of the integrated Microsoft Dynamics NAV enterprise management system is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor to gain access to protected information...

The vulnerability of the “Basic HTTP Authentication” method used by the CmtViewer application for controlling programmable panels arises from the lack of protection for the transmitted data. This allows a hacker to gain access to the system.

The vulnerability of the “Basic HTTP Authentication” method used by the CmtViewer application for controlling programmable panels is related to the lack of protection for the transmitted data. Exploiting this vulnerability could allow a remote attacker to gain access to the system...

Third-Party APIs: How to Prevent Enumeration Attacks

When organizations use APIs – the next frontier in cybercrime – to engage with third parties, it’s crucial they understand the associated security exposure they’re introducing. To do so, they must think like a hacker to evaluate whether or not they are introducing a problem or a solution for thei...