Why Imperva is a Cybersecurity Awareness Month Champion

This is our second consecutive year as a champion of Cybersecurity Awareness Month. Nowadays, IT security is everyone’s responsibility, and that’s something we take very seriously. Cybersecurity Awareness Month raises awareness of the core principles behind cybersecurity and highlights the key...

The 5-Question Test to Assess Your Readiness to Manage Insider Threats

An insider threat is a cyber security risk that originates from within any organization that is being targeted by attackers. Often, insider threats involve a current or former employee, or business associate, who has access to sensitive information or privileged accounts, and who misuses this...

CSO perspective: Why a strong IAM strategy is key to an organization’s cybersecurity approach

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Alissa “Dr. Jay”...

CVE-2021-28052

CVE-2021-28052 – Hitachi Content Platform (HCP) multi-tenant access control flaw. A tenant administrator can modify configurations in another tenant, potentially exposing data; a non‑admin tenant user may view configurations in another tenant. Affected products/versions: Hitachi Vantara HCP prior...

SaaS Eliminates Barriers to Applying Security Controls to Your Entire AWS and Azure Data Repository

Businesses today widely regard data as “the new oil,” the most valuable resource on earth. At the same time, we are in the midst of the most dynamic IT landscape in history which is increasing the risk to this most valuable asset. Organizations, without sufficiently skilled staff to effectively...

Top 3 data security risks facing businesses

By Owais Sultan There are many ways that data security risks can occur, and it is important to be aware of them in order to protect our information. This is a post from HackRead.com Read the original post: Top 3 data security risks facing businesses...

7 Ways Good Data Security Practices Drive Data Governance

As more organizations continue with digital transformation plans, their ability to be good stewards of the data for which they are responsible becomes more difficult. They are generating more data, more data types, in more repositories, in more and different architectures. Every day, organization...

Information leakage vulnerability in Netnifty Security Gateway System of Beijing Netnifty Information Technology Co.

Ltd. covers network boundary security protection, application and data security protection, network-wide security risk management, professional security solutions and professional security services. Ltd. has an information leakage vulnerability in its security gateway system, which can be exploit...

CVE-2022-38770

The CVE relates to Transtek Mojodat FAM (Fixed Asset Management) v2.4.6, where a vulnerability allows remote attackers to fetch other users’ data after a successful login. The connected sources confirm the affected product and version and describe the impact as exposure of other users’ data, but ...

Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED)

Rapid7, Inc. Rapid7 discovered vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare. The affected products are: SIGMA Spectrum Infusion Pump Firmware Version 8.00.01 SIGMA Wi-Fi Battery Firmware Versions 16, 17, 20 D29 Rapid7 initially reported these issues to Baxte...

Five Steps to Integrating a Data Repository Vulnerability Assessment Into A WAF–Driven Vulnerability Management Program

A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates if the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation, if and whenever needed. There are...

Critical RCE Vulnerability Affects Zyxel NAS Devices — Firmware Patch Released

Networking equipment maker Zyxel has released patches for a critical security flaw impacting its network-attached storage NAS devices. Tracked as CVE-2022-34747 CVSS score: 9.8, the issue relates to a "format string vulnerability" affecting NAS326, NAS540, and NAS542 models. Zyxel credited...

Are you getting the most out of your security platform investment?

In the last few years, most organizations had to accelerate their digital transformation to continue operations during the pandemic. However, as more software, applications, and data architectures were added to the technology stack, the number of tools implemented to secure these assets became...

Two New Trends Make Early Breach Detection and Prevention a Security Imperative

Key signs to look for in today’s complex data threat landscape Introduction The most vulnerable data repositories are the ones deep in your organization’s infrastructure. Everyone assumes they are safe, but as with your home, organizations must invest in security at entry points. Otherwise, the...

Cyber Signals: 3 strategies for protection against ransomware

The “as a service” business model has gained widespread popularity as growing cloud adoption has made it possible for people to access important services through third-party providers. Given the convenience and agility of service offerings, perhaps it shouldn’t be surprising that the “as a servic...

Data governance: 5 tips for holistic data protection

Your data is a strategic asset. To benefit your business, data requires strict controls around structure, access, and lifecycle. However, most security leaders have doubts about data security—nearly 70 percent of chief information security officers CISOs expect to have their data compromised in a...

Calculate Splunk Ingestion Costs Savings when Pre-Processing Data Repository Logs with Imperva DSF

If you use Splunk to ingest all your data for security analytics, you likely recognize it as one of the greatest indexing tools ever created. With Splunk, your security teams get a real-time view of machine data from the network, data center, or IT environments. Many enterprises also use Splunk t...

CVE-2020-35509

A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data confidentiality and integrity...

Imperva Data Security Fabric Wins 2022 SC Media Trust Award for Data Security

SC Media has announced the winners of their 2022 SC Awards, with 38 companies, executives, and security solutions selected by their panel of judges as the best of the year. We are thrilled to report that ​Imperva Data Security Fabric has earned the 2022 SC Media Trust Award for Data Security. For...

Enable Security Teams to Leverage Machine Learning Technologies

As on-premises and cloud-hosted data repositories get larger, they are outstripping the ability of traditional data-crunching methods to efficiently analyze the information. As a result, more enterprises have turned to data science and machine learning platforms to create business value. The...