Lucene search
+L

375 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2021/06/28 12:0 a.m.9 views

#LetsTalkSecurity: Adapt or Die

Let's Talk Security: Season 02 // Episode 02: Host, Rik Ferguson, interviews Forrester Analyst, Allie Mellen. Together they discuss to adapt or die...

0.9AI score
Exploits0
OSV
OSV
added 2021/06/11 3:15 p.m.6 views

CVE-2021-20396

IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 196009...

3.3CVSS5.8AI score0.00249EPSS
Exploits0References2
CVE
CVE
added 2021/06/11 2:25 p.m.34 views

CVE-2021-20396

CVE-2021-20396 affects IBM QRadar Analyst Workflow App versions 1.0–1.18.0 for QRadar SIEM. The root issue is cacheable SSL Pages allowing locally stored web pages to be read by another user on the same system, with a CVSSv3.0 base score of 4.0 (medium) per IBM bulletin. Affected product: IBM Sec...

4CVSS3.5AI score0.00249EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/06/11 2:25 p.m.15 views

CVE-2021-20396

IBM QRadar Analyst Workflow App 1.0 through 1.18.0 for IBM QRadar SIEM allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 196009...

4CVSS3.5AI score0.00249EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2021/05/24 4:23 p.m.37 views

FBI Analyst Indicted for Theft of Osama bin Laden Threat Intel

An FBI analyst with top-secret security clearance illegally squirreled away national-security documents related to Osama bin Laden, al-Qaeda, cybersecurity and more in her home for years, the feds say. Kendra Kingsbury, who was working in the FBI’s Kansas City Division until being put on leave in...

6.8AI score
Exploits0References6
The Hacker News
The Hacker News
added 2021/05/22 8:35 a.m.121 views

FBI Analyst Charged With Stealing Counterterrorism and Cyber Threat Info

The U.S. Department of Justice DoJ indicted an employee of the Federal Bureau of Investigation FBI for illegally removing numerous national security documents and willfully retaining them at her personal residence during a 13-year period from June 2004 to December 2017. The federal indictment...

0.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/05/06 7:29 p.m.215 views

MDR Vendor Must-Haves, Part 9: Assigned Analyst Pods and Security Program Advisors

This blog post is part of an ongoing series about evaluating Managed Detection and Response MDR providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” Every organization is unique, with different goals, missions, security maturities, staffing models, technologies...

7AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/04/23 11:16 a.m.62 views

We’re Hiring!

Were growing and we need to fill these 5 UK based roles: PHP Full-Stack Developer Pen Testing Consultant Red Team Support Digital Forensic Analyst IT Support Technician You can find all the details here. We think were a good bunch and there are some really good perks. If you have the skills and...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/17 9:13 a.m.79 views

What are the different roles within cybersecurity?

People talk about the cybersecurity job market like it's a monolith, but there are a number of different roles within cybersecurity, depending not only on your skill level and experience but on what you like to do. In fact, Cybercrime Magazine came up with a list of 50 cybersecurity job titles,...

7.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/04/16 4:56 p.m.200 views

MDR Vendor Must-Haves, Part 7: Managed Response Actions

This blog post is part of an ongoing series about evaluating Managed Detection and Response MDR providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” Security teams face unprecedented challenges as the threat landscape expands in scope and complexity. More...

7.3AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2021/03/24 1:0 p.m.33 views

Women in Security Part 5: Meet Lavine Oluoch, Threat Analyst

This post is part of our Women’s History Month series - follow along with us on Twitter @VMwareCarbonBlack In continued celebration of Women’s History Month, we are excited to bring you our next featured security expert as a part of our six-part Women in Security series. Throughout March, we are...

7.1AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/03/17 12:0 a.m.9 views

XDR: Up-Leveling Security Integration

A single source of attack telemetry just won’t cut it anymore. See why IDC analyst Michael Suby believes that an XDR platform is a must-have for securing your enterprise...

2AI score
Exploits0
NVD
NVD
added 2021/03/09 9:15 p.m.19 views

CVE-2021-23273

The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Desktop, and TIBCO Spotfire Server contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a...

8CVSS0.00639EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/03/09 12:0 a.m.4 views

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook lies in the fact that when an operation is performed outside the buffer in memory, it allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure or execute arbitrary code using a specially created file with...

7.8CVSS8AI score0.02766EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/03/09 12:0 a.m.4 views

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook lies in the fact that an exception can occur when data is written beyond the buffer in memory. This allows a malicious actor to trigger a service failure or execute arbitrary code.

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure or execute arbitrary code using a specially created file with...

7.8CVSS8AI score0.02766EPSS
Exploits0References5Affected Software1
Carbon Black Blog
Carbon Black Blog
added 2021/03/08 2:0 p.m.40 views

Women in Security Part 1: Meet Taree Reardon, Senior Threat Analyst

This post is part of our Women’s History Month series - follow along with us on Twitter @VMwareCarbonBlack In celebration of International Women’s Day, we are excited to kick off our six-part Women in Security series. Throughout March, we will highlight outstanding women on the VMware Security...

0.2AI score
Exploits0
OSV
OSV
added 2021/02/10 2:32 a.m.108 views

GHSA-7GGW-H8PP-R95R October CMS Session ID not invalidated after logout

Impact When logging out, the session ID was not invalidated. This is not a problem while the user is logged out, but as soon as the user logs back in the old session ID would be valid again; which means that anyone that gained access to the old session cookie would be able to act as the logged in...

9.8CVSS9.5AI score0.02903EPSS
Exploits1References7
IBM Security Bulletins
IBM Security Bulletins
added 2021/02/09 7:25 p.m.98 views

Security Bulletin: IBM Security QRadar Analyst Workflow add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2015-9251 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...

6.9CVSS0.6AI score0.99019EPSS
Exploits9Affected Software1
NVD
NVD
added 2020/10/29 4:15 p.m.18 views

CVE-2020-4724

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system...

9.3CVSS7.8AI score0.01482EPSS
Exploits0References2
NVD
NVD
added 2020/10/29 4:15 p.m.19 views

CVE-2020-4722

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force I...

9.3CVSS7.7AI score0.01482EPSS
Exploits0References2
Rows per page
Query Builder