4667 matches found

Pen Test Partners Blog
added 2019/11/28 7:14 a.m. · 81 views

Christmas socialising. Goodwill to all, and keep your devices safe

It’s that time of year again. Christmas parties, socialising, travelling, and time spent away from home. Seasonal socialising generally involves eating, drinking, and making merry, and there’s nothing wrong with that. The downside is that a “goodwill to all” attitude and an excess of alcohol caus...

6.9 AI score
Exploits 0
BDU FSTEC
added 2019/11/25 12:0 a.m. · 4 views

The vulnerability of the Jackson-databind library, related to the lack of protection for service data, allows a hacker to read arbitrary files on the server.

The vulnerability of the Jackson-databind library is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, operating remotely, to read arbitrary files on the server using a specially created JSON message...

7.8 CVSS · 7 AI score · 0.21949 EPSS
Exploits 2 · References 7 · Affected Software 5
CNVD
added 2019/11/22 12:0 a.m. · 1 views

IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments Information Disclosure Vulnerability (CNVD-2020-00252)

IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments are both products of IBM Corporation. IBM Spectrum Protect Backup-Archive Client is a set of client programs for IBM Spectrum Protect file backup, archiving. IBM Spectrum Protect Backup-Archive Client is a...

5.1 CVSS · 5.9 AI score · 0.00281 EPSS
Exploits 1 · References 1
ThreatPost
added 2019/11/21 10:7 p.m. · 48 views

Senators Demand Amazon Disclose Ring Privacy Policies

Five U.S. Senators are demanding that Amazon disclose how it’s securing Ring home-security device footage – and who is allowed to access that footage. The demands, outlined in a Wednesday letter to Amazon CEO Jeff Bezos, come on the heels of several security vulnerabilities and privacy-related...

7.6 AI score
Exploits 0 · References 10
BDU FSTEC
added 2019/11/19 12:0 a.m. · 2 views

The vulnerability of the Segment component in Oracle Retail Customer Management and Segmentation Foundation software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Segment component of the Oracle Retail Customer Management and Segmentation Foundation software lies in the lack of protection for operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

5.9 CVSS · 6.8 AI score · 0.01373 EPSS
Exploits 0 · References 2 · Affected Software 1
BDU FSTEC
added 2019/11/19 12:0 a.m. · 11 views

The vulnerability of the “INSERT ... ON CONFLICT DO UPDATE” command implementation in the PostgreSQL database management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the “INSERT ... ON CONFLICT DO UPDATE” command in the PostgreSQL database management system is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

6.8 CVSS · 6.9 AI score · 0.06324 EPSS
Exploits 0 · References 9 · Affected Software 2
BDU FSTEC
added 2019/11/18 12:0 a.m. · 3 views

The vulnerability of the Web Services sub-component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web Services sub-component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain...

4.3 CVSS · 6.3 AI score · 0.01184 EPSS
Exploits 0 · References 2 · Affected Software 1
OpenVAS
added 2019/11/18 12:0 a.m. · 10 views

SYS.2.2.3.A4

The aim of module SYS.2.2.3 is to protect information that is processed by and on Windows 10 clients. The basic requirement SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right...

7.3 AI score
Exploits 0 · References 1
The Hacker News
added 2019/11/14 7:0 a.m. · 2 views

4 Best Free Online Security Tools for SMEs in 2020

Cyberattacks on small and midsized companies in 2019 cost $200,000 per company on average, mercilessly putting many of them out of business, says CNBC in its analysis of a recent Accenture report. In light of the global cybersecurity skills shortage, the number is set to soar in 2020. Solely in t...

5.7 AI score
Exploits 0
The Hacker News
added 2019/11/13 8:0 a.m. · 4 views

The Comprehensive Compliance Guide (Get Assessment Templates)

Complying with cyber regulations forms a significant portion of the CISO's responsibility. Compliance is, in fact, one of the major drivers in the purchase and implementation of new security products. But regulations come in multiple different colors and shapes – some are tailored to a specific...

5.8 AI score
Exploits 0
ThreatPost
added 2019/11/12 9:11 p.m. · 37 views

Plugging the Data Leak in Manufacturing

More often than not, when the internet of things (IoT) is brought up these days, it conjures images of Alexa, Siri and Cortana. These personal assistants can help users turn on a smart light bulb, flick on the oven and get you the day’s news, all in one fell swoop. However, IoT has evolved far...

0.4 AI score
Exploits 0 · References 11
Malwarebytes
added 2019/11/12 8:6 p.m. · 71 views

Vital infrastructure: securing our food and agriculture

I don’t expect to hear any arguments on whether the production of our food is important or not. So why do we hardly ever hear anything about the cybersecurity in the food and agriculture sector? Depending on the country, agriculture makes up about 5 percent of the gross domestic product. That...

7.3 AI score
Exploits 0
ThreatPost
added 2019/11/12 11:50 a.m. · 14 views

Microsoft to Apply California’s Privacy Law to All U.S. Users

Microsoft is extending a California law aimed at protecting users’ privacy to all of its users in the United States, an unexpected move supporting tougher requirements to disclose exactly how the company uses the consumer data it collects. The California Consumer Privacy Act, known as CCPA, is...

6.7 AI score
Exploits 0 · References 7
Microsoft KB
added 2019/11/12 8:0 a.m. · 323 views

November 12, 2019—KB4523205 (OS Build 17763.864)

November 12, 2019—KB4523205 (OS Build 17763.864) Note: This release also contains updates for Microsoft HoloLens (OS Build 17763.865) released November 12, 2019. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have...

9.3 CVSS · 7.2 AI score · 0.75859 EPSS
Exploits 31
BDU FSTEC
added 2019/11/11 12:0 a.m. · 2 views

The vulnerability of Norton Password Manager’s password manager component lies in the lack of protection for service data, which allows attackers to access and disclose the protected information.

The vulnerability of Norton Password Manager’s password manager component is related to the lack of protection for administrative data. Exploiting this vulnerability could allow a hacker to access and disclose the protected information...

5.5 CVSS · 5.9 AI score · 0.00341 EPSS
Exploits 0 · References 3 · Affected Software 1
BDU FSTEC
added 2019/11/11 12:0 a.m. · 2 views

Vulnerability of the Server component: Security: Encryption of the MySQL Server database management system, which allows attackers to gain unauthorized access to protected information.

The vulnerability of the MySQL Server component’s Security: Encryption module is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using the MySQL network protocol...

5.3 CVSS · 6.5 AI score · 0.02211 EPSS
Exploits 0 · References 2 · Affected Software 1
Tenable Nessus
added 2019/11/08 12:0 a.m. · 9 views

OT Endpoint Information

This plugin returns information for an asset in an OT environment. File data ot500000.nasl...

1 AI score
Exploits 0
Positive Technologies
added 2019/11/08 12:0 a.m. · 4 views

PT-2019-5309 · Openstack +1 · Openstack-Mistral +1

Name of the Vulnerable Software and Affected Versions: openstack-mistral (affected versions not specified). Description: An information-exposure issue was found in openstack-mistral where undercloud log files containing clear-text information were made world readable. This could allow a malicious...

7.5 CVSS · 6.4 AI score · 0.0152 EPSS
Exploits 0 · References 18
Richard Bejtlich's blog
added 2019/11/06 9:10 p.m. · 71 views

Seven Security Strategies, Summarized

This is the sort of story that starts as a comment on Twitter, then becomes a blog post when I realize I can't fit all the ideas into one or two Tweets. You know how much I hate Tweet threads, and how I encourage everyone to capture deep thoughts in blog posts! In the interest of capturing the...

0.2 AI score
Exploits 0
Microsoft Secure
added 2019/11/06 2:0 p.m. · 37 views

Microsoft Cloud Security solutions provide comprehensive cross-cloud protection

The infrastructure, data, and apps built and run in the cloud are the foundational building blocks for a modern business. No matter where you are in your cloud journey, you likely utilize every layer of the cloud—from infrastructure as a service (IaaS) to platform as a service (PaaS) to software as a...

0.4 AI score
Exploits 0