Lucene search
K

2354 matches found

Akamai Blog
Akamai Blog
added 2018/01/04 8:40 p.m.22 views

Impact of Meltdown and Spectre on Akamai

Overview On Wednesday, January 3rd, researchers from Google Project Zero, Cyberus Technology, Graz University of Technology, and other organizations released details about a pair of related vulnerabilities, dubbed Meltdown and Spectre. These vulnerabilities appear to affect all modern processors...

7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/01/03 4:30 p.m.33 views

Three Reasons Why GDPR Encourages Pseudonymization

The General Data Protection Regulation GDPR is the European Union’s new data regulation designed to provide individuals with rights and protections over their personal data that is collected or created by businesses or government entities. It unifies data protection regulation across all member...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2018/01/01 1:13 a.m.22 views

Forever 21 Confirms Security Breach Exposed Customer Credit Card Details

First notified in November of a data breach incident, popular clothing retailer Forever 21 has now confirmed that hackers stole credit card information from its stores throughout the country for several months during 2017. Although the company did not yet specify the total number of its customers...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2017/12/29 1:25 a.m.31 views

Critical "Same Origin Policy" Bypass Flaw Found in Samsung Android Browser

A critical vulnerability has been discovered in the browser app comes pre-installed on hundreds of millions of Samsung Android devices that could allow an attacker to steal data from browser tabs if the user visits an attacker-controlled site. Identified as CVE-2017-17692, the vulnerability is Sa...

5CVSS7.3AI score0.78843EPSS
Exploits7
The Hacker News
The Hacker News
added 2017/12/21 7:7 p.m.17 views

Nissan Finance Canada Suffers Data Breach — Notifies 1.13 Million Customers

It's the last month of this year, but possibly not the last data breach report. Nissan warns of a possible data breach of personal information on its customers who financed their vehicles through Nissan Canada Finance and INFINITI Financial Services Canada. Although the company says it does not...

6.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/12/18 5:43 p.m.749 views

Imperva’s Top 10 Blogs of 2017

I recently took a step back to review all the content we shared in 2017 on the Imperva blog. We covered a broad range of topics including data security, cloud migration, application and API security, AI and machine learning, cybersecurity research, GDPR, insider threats and more. We were busy!...

10CVSS9.9AI score0.99999EPSS
Exploits85
Imperva Blog
Imperva Blog
added 2017/12/11 4:38 p.m.10 views

Women in Tech and Career Spotlight: Shiri Margel

This month we’ll be closing out our series featuring women in tech at Imperva. While I work closely with many of the women we’ve spotlighted, I’ve found learning more about their backgrounds so interesting—I hope you have too! Continuing in the series, I spoke with Shiri Margel, team lead in the...

6.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/12/04 7:2 p.m.14 views

Database Security at Cloud Scale

The biggest challenge to data security is the sheer volume and pace of data growth. More so even than the shift from relational data to unstructured or the migration of data to the cloud. “Cloud scale” is usually used to refer to technical items like data center size and operations or networks an...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2017/12/04 2:5 a.m.21 views

Is Your DJI Drone a Chinese Spy? Leaked DHS Memo Suggests

The United States Department of Homeland Security DHS has recently accused Da-Jiang Innovations DJI, one of the largest drone manufacturers, of sending sensitive information about U.S. infrastructure to China through its commercial drones and software. A copy memo from the Los Angeles office of t...

6.4AI score
Exploits0
Hacker One
Hacker One
added 2017/11/29 10:39 p.m.36 views

Open-Xchange: [IDOR] Deleting other people's tasks

Description When creating tasks each task is assigned with an id value. Using this id it's possible to delete any task created in the same instance even if you don't actually have access to viewing or editing the task. Steps to Reproduce 1 Login to https://sandbox.open-xchange.com/ with user1 2...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/11/21 4:30 p.m.21 views

Build-Your-Own Data Masking. Yes or No?

A lot of organizations are taking great strides to protect their sensitive data with a multi-layered strategy—one that includes data masking. We’ve even seen many tackling this critical data security component in DIY fashion, often tasking one resource with developing and implementing scripts to...

6.7AI score
Exploits0
NVD
NVD
added 2017/11/17 4:29 a.m.25 views

CVE-2017-1000246

Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data...

5.3CVSS5.2AI score0.00905EPSS
Exploits0References1
Prion
Prion
added 2017/11/14 11:29 p.m.13 views

Code injection

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware subcomponent: Core. Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo...

5CVSS6.6AI score0.02142EPSS
Exploits0References2Affected Software1
Carbon Black Blog
Carbon Black Blog
added 2017/11/13 2:40 p.m.43 views

GDPR Talk Dominates Barcelona’s  PCI DSS Community Conference

Recently, I returned from the European PCI DSS community conference in Barcelona. As always, the conference featured analysis of current hot topics within the PCI community and was helpful for any security professional looking to learn about the latest advancements in data security and protection...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2017/11/10 12:6 p.m.35 views

New Research in Invisible Inks

It's a lot more chemistry than I understand: Invisible inks based on "smart" fluorescent materials have been shining brightly if only you could see them in the data-encryption/decryption arena lately.... But some of the materials are costly or difficult to prepare, and many of these inks remain...

7AI score
Exploits0
CNVD
CNVD
added 2017/10/31 12:0 a.m.3 views

NQ Contacts Backup&Restore Access Gain Vulnerability

NQ Contacts Backup&Restore application for Android is a set of data backup and recovery software based on Android platform. A security vulnerability exists in version 1.1 of the NQ Contacts Backup&Restore application for Android, which originates from the program's use of an RC4 static key. The...

7.8CVSS7AI score0.00133EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2017/10/30 1:45 p.m.18 views

Malicious Chrome Extension Steals Data Posted to Any Website

Malicious browser extensions continue to bear fruit for hackers who have been using them to spread banking malware and adware, and hijacking popular add-ons to spread other nasty code. The latest abuse involves a Google Chrome extension being spread in phishing emails that steals any data posted...

0.1AI score
Exploits0References4
CNVD
CNVD
added 2017/10/30 12:0 a.m.2 views

dll hijacking vulnerability in Yisetron Data Security Guard

Yisetong Data Security Guard is a security product that specializes in preventing your private data assets from being illegally stolen or used by others in the process of sharing and storing. A dll hijacking vulnerability exists in Yisetone Data Safeguard. The vulnerability is due to an unsafe...

7.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/10/23 4:1 p.m.23 views

Monitor More, Worry Less. Outpace Threats With Machine Learning.

In the past two years, enterprises have created more data than has been created in the entire history of humankind. At scale, securing this amount of data requires a re-think of how we grant and revoke access to sensitive files and, more importantly, how we identify and track the inevitable acces...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2017/10/18 12:0 a.m.49 views

Oracle Java SE Security Updates (oct2017-3236626) 02 - Linux

Oracle Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.6CVSS7.2AI score0.16181EPSS
Exploits2References15
Rows per page
Query Builder