160 matches found
CVE-2017-14651
WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...
Challenges of Big Data Security – Whiteboard Wednesday [Video]
Database security best practices are also applicable for big data environments. The question is how to achieve security and compliance for big data environments given the challenges they present. Issues of volume, scale, and multiple layers/technologies/instances make for a uniquely complex...
Database of Over 198 Million U.S. Voters Left Exposed On Unsecured Server
Information on more than 198 Million United States citizens, that's over 60% of the US population, was exposed in what's believed to be the largest ever known exposure of voter-related to date. This blunder was caused by Deep Root Analytics DRA, a data analytics firm employed by the US Republican...
InsightVM: Analytics-driven Vulnerability Management, All The Way To The End(point)
In 2015 Rapid7 introduced the Insight platform, built to reduce the complexity inherent in security analytics. This reality was introduced first to our InsightIDR users, who now had the capabilities of a SIEM, powered by user behavior analytics UBA and endpoint detection. Soon we started to roll...
CVE-2017-5682
Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives,...
Code injection
Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography for Intel Integrated Performance Primitives,...
Intel PSET Application Install wrapper contains an escalation of privilege vulnerability.
Summary: Intel PSET Application Install wrapper contains an escalation of privilege vulnerability. Description: Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer a...
Consortium Publishes Manifesto on Autonomous Vehicle Security
Intel, Uber and IoT company Aeris have joined forces in an effort aimed at fostering industry cooperation when it comes to building safety features into autonomous vehicles and the systems that support them. Today the group, which goes by the name Future of Automotive Security Technology Research...
Incident Detection and Investigation - How Math Helps But Is Not Enough
I love math. I am even going to own up to having been a "mathlete" and looking forward to the annual UVM Math Contest in high school. I pursued a degree in engineering, so I can now more accurately say that I love applied mathematics, which have a much different goal than pure mathematics. Taking...
SAP HANA Remote Security Bypass Vulnerability
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions, users can directly query and analyze a large amount of real-time business data. A remote security bypass vulnerability exists in SAP HANA. An attacker could exploit this issue to...
WSO2 Carbon Products Detection (HTTP)
HTTP based detection of WSO2 Carbon products. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
SAP HANA Security Bypass Vulnerability
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions, users can directly query and analyze a large amount of real-time business data. A security bypass vulnerability exists in SAP HANA. An attacker could exploit this vulnerability t...
Multiple Cross-Site Scripting Vulnerabilities in HP Smart Profile Server Data Analytics Layer
HP Smart Profile Server Data Analytics Layer is a product from Hewlett-Packard HP designed for communications service providers to manage and analyze customer data for telecom business needs. Multiple cross-site scripting vulnerabilities exist in HP Smart Profile Server Data Analytics Layer versi...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in HP Smart Profile Server Data Analytics Layer SPS DAL 2.3 before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-5444
Multiple cross-site scripting XSS vulnerabilities in HP Smart Profile Server Data Analytics Layer SPS DAL 2.3 before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-5444
Multiple cross-site scripting XSS vulnerabilities in HP Smart Profile Server Data Analytics Layer SPS DAL 2.3 before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Avoiding Data Breaches: Context Aware Behavioral Analytics
RESTON, VA – Security, it turns out, is all about layers, where if one layer fails, there are secondary and tertiary and a long line of backup defenses. This is neither new nor revolutionary. It’s why castles had moats, drawbridges and parapets; it’s also why prisons have cells, walls and gates...
Use VoIP – or Copper
Google Voice is a free VOIP service that can be used to create “throw away” voice accounts for travelers. Having your conversations handled on Google’s infrastructure also provides a measure of security over foreign telecommunications networks, which – depending on the country – could cooperating...
In UK Analytics Software Provides Enhanced (Online) Interrogation For Fraud Suspects
A recent report by the UK’s Serious Organized Crime Agency SOCA shows that the Agency is full speed ahead with plans to use powerful data analytics tools to help find and prosecute everything from money laundering to illegal gambling to 419 scams. The 2011 Annual Report on Suspicious Activity...
Legal Threat Pushes Former HBGary Federal CEO Out Of DEFCON
Former HBGary Federal CEO Aaron Barr says he will withdraw from a planned appearance at the DEFCON conference in the face of threatened legal action over his plans to take part in a panel discussion there. Barr notified DEFCON organizers on Wednesday that he was withdrawing from the Aug. 6 panel...