5460 matches found
CVE-2021-40825
nLight ECLYPSE nECY system Controllers running software prior to 1.17.21245.754 contain a default key vulnerability. The nECY does not force a change to the key upon the initial configuration of an affected device. nECY system controllers utilize an encrypted channel to secure SensorViewTM...
Ditch the Alert Cannon: Modernizing IDS is a Security Must-Do
After more than 20 years of underwhelming results, security leaders have accepted their intrusion detection system IDS programs as no more than a compliance checkoff. It’s no secret that IDS’s reliance on bi-modal signatures is brittle, easily evaded and often referred to as an “alert cannon.” Ti...
SAP Business One Information Disclosure Vulnerability (CNVD-2022-58472)
SAP Business One is a suite of enterprise management software from SAP, a German company. SAP Business One version 10.0 contains an information disclosure vulnerability that could be exploited by unauthorized attackers to access some encrypted sensitive information...
What are SSL certificates?
Secure Sockets Layer SSL certificates are what cause your browser to display a padlock icon, indicating that your connection to a websites is secure. Although the padlock may soon be hidden from view, certificates arent going anywhere. Lets start with some definitions and explain some of the...
CVE-2021-33686
Under certain conditions, SAP Business One version - 10.0, allows an unauthorized attacker to get access to some encrypted sensitive information, but does not have control over kind or degree...
CVE-2021-33686
Under certain conditions, SAP Business One version - 10.0, allows an unauthorized attacker to get access to some encrypted sensitive information, but does not have control over kind or degree...
Information disclosure
Under certain conditions, SAP Business One version - 10.0, allows an unauthorized attacker to get access to some encrypted sensitive information, but does not have control over kind or degree...
CVE-2021-33686
Under certain conditions, SAP Business One version - 10.0, allows an unauthorized attacker to get access to some encrypted sensitive information, but does not have control over kind or degree...
SAP Business One 信息泄露漏洞
SAP Business One is a suite of enterprise management software from SAP, a German company. SAP Business One version 10.0 contains an information disclosure vulnerability that could be exploited by unauthorized attackers to access some encrypted sensitive information...
DEBIAN-CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
Code injection
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
UBUNTU-CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
CVE-2021-40824
A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 aka Matrix SDK for Android before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were...
CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
What Ragnar Locker Got Wrong About Ransomware Negotiators – Podcast
The Ragnar Locker ransomware gang just put its victims on notice: Call for help – be it from investigators, the FBI or ransomware negotiators – and the punishment will be the publication of encrypted files. Bryce Webster-Jacobsen, director of intelligence operations at digital risk...
Authentication flaw
Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...
LockBit Jumps Its Own Countdown, Publishes Bangkok Air Files
After Bangkok Airways disclosed that it had been clobbered by a cyberattack last week, the LockBit 2.0 ransomware gang tossed its own countdown clock in the trash and went ahead and published what it claims are the airline’s encrypted files on its leak site. BleepingComputer posted an image shown...