Threat hunting in large datasets by clustering security events

By Tiago Pereira. Security tools can produce very large amounts of data that even the most sophisticated organizations may struggle to manage. Big data processing tools, such as spark, can be a powerful tool in the arsenal of security teams.This post walks through threat hunting on large...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company that provides a microkernel-based distributed operating system. Huawei HarmonyOS is vulnerable to a data processing error type vulnerability that could be exploited by an attacker to cause an application to crash...

Rapid7 Statement on the New Standard Contractual Clauses for International Transfers of Personal Data

Context: On June 4, 2021, the European Commission published new standard contractual clauses “New SCCs". Under the General Data Protection Regulation “GDPR", transfers of personal data to countries outside of the European Economic Area EEA must meet certain conditions. The New SCCs are an approve...

SAP ERP 安全漏洞

SAP ERP is a series of software for ERP management from SAP, a German company. SAP ERP has a security vulnerability that allows an attacker to register calls to certain functions that would otherwise be restricted to specific users. These functions are usually exposed over the network, and once...

CVE-2021-38555 An XML external entity (XXE) injection vulnerability exists in Apache Any23 StreamUtils.java

An XML external entity XXE injection vulnerability was discovered in the Any23 StreamUtils.java file and is known to affect Any23 versions 2.5. XML external entity injection also known as XXE is a web security vulnerability that allows an attacker to interfere with an application's processing of...

ROS-2-796

2.796 Vulnerability in GNU C Library glibc 2.32 CVE-2016-10228,CVE-2020-10029. 1. Vulnerability Description: CVE-2016-10228 Looping in iconv utility, manifested when run with "-c" option, in case of incorrect multibyte data processing. CVE-2020-10029 Stack corruption when trigonometric functions...

Design/Logic Flaw

An issue was discovered in tcppulloutofband in tcpin.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic function hadn't a trap...

Huawei HarmonyOS Data Processing Error Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a microkernel-based, distributed operating system. Huawei HarmonyOS has a security vulnerability that can be exploited by local attackers to cause kernel code execution...

CVE-2021-22417

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage...

CVE-2021-22417

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage...

CVE-2021-22416

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution...

CVE-2021-22416

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution...

Code injection

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage...

Code injection

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution...

CVE-2021-22416

CVE-2021-22416 affects HarmonyOS with a Data Processing Error that enables local attackers to achieve Kernel Code Execution. The vulnerability concerns a component of HarmonyOS and is described across multiple feeds (e.g., Red Hat and CNVD mirrors) as allowing local exploitation to run code in th...

CVE-2021-22416

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution...

CVE-2021-22417

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage...

CVE-2021-33629

The CVE-2021-33629 entry affects isula-build. The root cause is that certain functions for processing external data do not remove spaces, which can lead to a program crash during container image builds. Reported affected ranges include isula-build versions prior to 0.9.5-6 (Red Hat) and prior to ...

Clarification Of Terms MTU and MSS❗️

Discover What MTU and MSS are We now live in an advanced age where a ton of data is shared over short and significant distances by sharing over a dependable connection. The web has become an extremely helpful association network that upholds various frameworks, yet various boundaries engaged with...

Managed Detection and Response in Q4 2020

Download full report PDF As cyberattacks become more sophisticated, and security solutions require more resources to analyze the huge amount of data gathered every day, many organizations feel the need for advanced security services that can deal with this growing complexity in real time, 24/7...