A Starter Guide to Protecting Your Data From Hackers and Corporations

Hackers. AI data scrapes. Government surveillance. Thinking about where to start when it comes to protecting your online privacy can be overwhelming. Here’s a simple guide for you—and anyone who claims they have nothing to hide...

The vulnerability of the configuration @EnableMethodSecurity(mode=ASPECTJ) or spring-security-aspects in the Java framework for securing Spring-based industrial applications allows attackers to bypass the authentication process.

The vulnerability of the @EnableMethodSecurity'mode=ASPECTJ configuration or the spring-security-aspects Java framework for securing Spring-based industrial applications is related to a flaw in the data protection mechanism. Exploiting this vulnerability could allow an attacker to bypass...

Anonymity-Washing

Anonymization is a foundational principle of data privacy regulation, yet its practical application remains riddled with ambiguity and inconsistency. This paper introduces the concept of anonymity-washing -- the misrepresentation of the anonymity level of sanitized'' personal data -- as a critica...

Securing Credit Inquiries: the Role of Real-Time User Approval in Preventing SSN Identity Theft

Unauthorized credit inquiries are also a central entry point for identity theft, with Social Security Numbers SSNs being widely utilized in fraudulent cases. Traditional credit inquiry systems do not usually possess strict user authentication, making them vulnerable to unauthorized access. This...

CVE-2025-24108

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.3. An app may be able to access protected user data...

CVE-2025-24092

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read sensitive location information...

CVE-2024-23275

A race condition was addressed with additional validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to access protected user data...

CVE-2024-23292

This issue was addressed with improved data protection. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. An app may be able to access information about a user's contacts...

CVE-2024-27887

A path handling issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.4. An app may be able to access user-sensitive data...

CVE-2024-40795

This issue was addressed with improved data protection. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to read sensitive location information...

CVE-2024-49501

Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function...

CVE-2024-54547

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to access protected user data...

CVE-2024-54484

The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data...

CVE-2024-40830

This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps...

CVE-2024-40863

This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to leak sensitive user information...

CVE-2024-44149

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data...

CVE-2024-44130

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15. An app with root privileges may be able to access private information...

CVE-2024-37526

IBM Watson Query on Cloud Pak for Data IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0 could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism...

CVE-2024-39925

An issue was discovered in Vaultwarden formerly BitwardenRS 1.30.3. It lacks an offboarding process for members who leave an organization. As a result, the shared organization key is not rotated when a member departs. Consequently, the departing member, whose access should be revoked, retains a...

CVE-2024-38320

IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...