153 matches found
Reduce SaaS App Risks with Cloud Security Broker & Zero Trust
Responsibility for protecting users and critical data in cloud applications falls to the organizations that use them. Discover how to maintain data control with Cloud Application Security Broker CASB technology and a zero trust strategy...
Stop! Are you putting sensitive company data into ChatGPT?
Helping to reduce costs and enhance productivity are both things that your employer will look kindly upon. But what if you use an external tool for those tasks and the tasks involve confidential data that ended up on a server outside of the control of your company? Thats a problem. As a news writ...
SUSE CVE-2022-4170
The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set...
CVE-2022-4170
The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set...
CVE-2022-4170
The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set...
CVE-2022-4170
The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set...
Simplify privacy protection with Microsoft Priva Subject Rights Requests
The General Data Protection Regulation GDPR came into effect in 2018 and set a new standard for the level of control individuals in the European Union had on the personal data they shared online. Since then, the number of privacy regulations around the world has flourished and impacted the privac...
How a Cloud Security Broker Reduces SaaS App Risks - SASE Part 4
Responsibility for protecting users and critical data in cloud applications falls to the organizations that use them. Discover how to maintain data control with Cloud Application Security Broker CASB technology...
Fedora: Security Advisory for syncthing (FEDORA-2022-fae3ecee19)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-45910
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow within the main function. It allows an attacker to write data outside of the allocated buffer. The attacker has control over a part of the address that data is written to, control over the written data, and to some...
UBUNTU-CVE-2021-45910
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow within the main function. It allows an attacker to write data outside of the allocated buffer. The attacker has control over a part of the address that data is written to, control over the written data, and to some...
CVE-2021-45101
The CVE-2021-45101 issue affects HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2. A user with only READ access to an HTCondor SchedD or Collector daemon can use standard command-line tools to discover secrets, potentially allowing them to control other users’ jobs and/or read t...
Advantech WebAccess Cross-Site Scripting Vulnerability (CNVD-2021-42395)
Advantech WebAccess is a set of HMI/SCADA software based on browser architecture from Advantech, Taiwan, China. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A security vulnerability exists in Advantec...
Worried About SaaS Misconfigurations? Check These 5 Settings Everybody Misses
Enterprises depend on SaaS applications for countless functions, like collaboration, marketing, file sharing, and more. But problematically, they often lack the resources to configure those apps to prevent cyberattacks, data exfiltration, and other risks. Catastrophic and costly data breaches...
Android 11 — 5 New Security and Privacy Features You Need to Know
After a long wait and months of beta testing, Google last week finally released Android 11, the latest version of the Android mobile operating system—with features offering billions of its users more control over their data security and privacy. Android security is always a hot topic and almost...
New Privacy Features Added to the Upcoming Apple iOS 14 and macOS Big Sur
Unprecedented times call for unprecedented measures. No, we're not talking about 'coronavirus,' the current global pandemic because of which Apple—for the very first time in history—organized its Worldwide Developer Conference WWDC virtually. Here we're talking about a world in which we are all...
freerdp: Out-of-bounds write in planar.c
A flaw was found in freerdp in versions between 1.0 and 2.0.0. An out-of-bounds memory write was found in the planar.c function which could allow an attacker to control data sent from the RDP server to the client. The highest threat from this vulnerability is to data confidentiality and integrity...
CVE-2020-2001 PAN-OS: Panorama External control of file vulnerability leads to privilege escalation
An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interface to write attacker supplied file on the system and elevate privileges. This issue affects: All...
Contact Tracing COVID-19 Infections via Smartphone Apps
Google and Apple have announced a joint project to create a privacy-preserving COVID-19 contact tracing app. Details, such as we have them, are here. It's similar to the app being developed at MIT, and similar to others being described and developed elsewhere. It's nice seeing the privacy...
A week in security (February 3 – 9)
Last week on Malwarebytes Labs, we looked at Washington state’s latest efforts in providing better data privacy rights for their residents, and we dove into some of the many questions regarding fintech: What is it? How secure is it? And what are some of the problems in the space? We also detailed...