Mobile threat defense and intelligence are a core part of cyber defense

The modern workplace is a mobile workplace. Today’s organizations rely on mobility to increase productivity and improve the customer experience. But the proliferation of smartphones and other mobile devices has also expanded the attack surface of roughly 5 billion mobile devices in the world, man...

The vulnerability of the Microsoft Authentication Library (MSAL), which stems from the lack of protection for service data, allows attackers to disclose the protected information.

The vulnerability of the Microsoft Authentication Library MSAL is related to the lack of protection for service data. Exploiting this vulnerability could allow a perpetrator to disclose the protected information...

The vulnerability of Microsoft Excel spreadsheet editors, as well as Microsoft Office and Office 365 products, allows attackers to gain unauthorized access to protected information.

The vulnerability of Microsoft Excel spreadsheet editors, as well as Microsoft Office and Office 365 products, is related to the lack of protection for operational data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information through a specially...

The vulnerability of the win32k component of the Windows operating system, which allows a hacker to disclose protected information

The vulnerability of the win32k component in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information through a specially created application...

The vulnerability in the Firefox web browser, related to the lack of protection for service data, allows a hacker to gain unauthorized access to protected information.

The vulnerability in the Firefox web browser is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the process for creating management certificates, which involves identifying and accessing the server for service providers of Juniper Networks’ SBR Carrier, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the process for creating certificates that manage identity and access to servers for Juniper Networks SBR Carrier service providers is related to deficiencies in the protection of registration data. Exploiting this vulnerability could allow a perpetrator to gain unauthorized...

The vulnerability of the web interface of the Cisco HyperFlex hyper-converged infrastructure allows a attacker to execute a cross-site scripting attack.

The vulnerability of the web interface of the Cisco HyperFlex hyper-converged infrastructure is related to a breach in the data protection mechanism. Exploiting this vulnerability allows an attacker, operating remotely, to execute a cross-site scripting attack...

Understanding the Risk of Zero-Day Exploits

To protect your home from thieves, the easiest thing you can do is lock your windows and doors every time you leave the house. Similarly, in cybersecurity, the easiest way to protect your network is to keep your hardware and applications up to date with the latest security patches. But how do you...

The vulnerability of the Intel Platform Trust Technology (PTT) platform for storing account data and managing keys, along with the microsoftware Intel Trusted Execution Engine (TXE) and Intel Server Platform Services, arises from the lack of protection for operational data. This allows attackers to gain access to the cryptographic keys stored in the Trusted Platform Module (TPM).

The vulnerability of the Intel Platform Trust Technology-based data storage and key management platform, along with the Intel Trusted Execution Engine software and Intel Server Platform Services, is related to the lack of protection for sensitive data. Exploiting this vulnerability could allow a...

‘Tis the Season for Holiday Cyber Heists

‘Tis the season for cyberattacks, particularly when it comes to the retail industry. According to the VMware Carbon Black Threat Analysis Unit TAU, retail organizations may see a noticeable spike in attempted cyberattacks during the holiday season. Click here to download the full report TAU’s...

SYS.2.2.2.A9

Ziel des Bausteins SYS.2.2.2 ist der Schutz von Informationen, die durch und auf Windows 8.1-Clients verarbeiten werden. Die Standard-Anforderung Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify...

The vulnerability of the Google Chrome browser, related to the lack of protection for service data, allows attackers to disclose protected information.

The vulnerability of the Google Chrome browser is related to the lack of protection for service data. Exploiting this vulnerability can allow a hacker to disclose the protected information...

The vulnerability in the implementation of the API technology used by CSS Paint in the Google Chrome browser allows attackers to disclose protected information.

The vulnerability of the API implementation in Google Chrome’s CSS Paint technology lies in the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information through a specially created HTML page...

EFF Talks the Corporate Surveillance of Consumers

You can’t protect your privacy if you don’t know how it’s being violated. That’s the essence of a report by the Electronic Frontier Foundation that shines a bright disinfecting light on how corporations are collecting data on consumers. Think Facebook-like data collection on steroids and you begi...

The vulnerability of the Win32k component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Win32k component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Web page rendering module in WebKitGTK+ lies in the lack of protection for service data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the WebPage rendering module in WebKitGTK+ relates to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information through a specially created web page...

The vulnerability of Eclipse Jetty servlet containers, related to the lack of protection for service data, allows attackers to exploit the protected information.

The vulnerability of Eclipse Jetty servlet containers is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

ThreatList: Healthcare Breaches Spike in October

October experienced a 44.44 percent month-over-month increase in healthcare data breaches, resulting in 661,830 healthcare records exposed or stolen during the month. That’s according to the Health and Human Services HHS Office for Civil Rights’ monthly report reported via HIPAA Journal. The...

Christmas socialising. Goodwill to all, and keep your devices safe

It’s that time of year again. Christmas parties, socialising, travelling, and time spent away from home. Seasonal socialising generally involves eating, drinking, and making merry, and there’s nothing wrong with that. The downside is that a “goodwill to all” attitude and an excess of alcohol caus...

The vulnerability of the Jackson-databind library, related to the lack of protection for service data, allows a hacker to read arbitrary files on the server.

The vulnerability of the Jackson-databind library is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, operating remotely, to read arbitrary files on the server using a specially created JSON message...