16 matches found
Operationalising Information Security Management: A Procedural Framework Analysis of ISO/IEC 27001:2022 Implementation in a Financial-Technology Organisation
Organisations operating within information-intensive environments face intensifying pressure to formalise the governance of information security. The ISO/IEC 27001:2022 standard provides a globally recognised framework for establishing, implementing, maintaining, and continually improving an...
EUVD-2025-15683
Malicious code in bioql PyPI...
EUVD-2025-15189
Malicious code in bioql PyPI...
Hive Pro Achieves ISO/IEC 27001:2022 Certification
Hive Pro has achieved ISO 27001:2022 Certification, Demonstrating A Continuous Commitment to Excellence in Information Security August 8th, 2023 - HERNDON, VA: Hive Pro, a pioneer in the Threat Exposure Management market, is thrilled to announce that they have successfully attained ISO 27001:202...
ISO 27001 Certification: What it is and why it matters
Did you know that Rapid7 information security management system (ISMS) is ISO 27001 certified? This certification validates that our security strategy and processes meet very high standards. It underscores our commitment to corporate and customer data security. What is ISO 27001? ISO 27001 is an...
Microsoft best practices for managing IoT security concerns
The Internet of Things, or IoT, has expanded beyond the mere concept that it was when first introduced. IoT is now part of most individuals’ daily activities, from smart speakers and thermostats to smartwatches and vehicles. IoT devices and systems bring massive convenience and functionality. IoT...
IBM Security Access Manager path traversal vulnerability
IBM Security Access Manager is a product of IBM Corporation for information security management. The product enables access management control through integrated Web-, mobile-, and cloud-oriented devices. IBM Security Access Manager Docker is vulnerable to a path traversal vulnerability that...
SQL Injection Vulnerability in Zhongxin Golden Shield Information Security Management System
Zhongxin Network Information Security Co., Ltd. is a high-tech company integrating network security products, software and hardware development. There is a SQL injection vulnerability in the Zhongxin Golden Shield information security management system, which can be exploited by attackers to obta...
Weak Password Vulnerability in Zhongxin Golden Shield Information Security Management System
Zhongxin Golden Shield information security management system realizes the collection, monitoring, analysis, early warning and control of all kinds of resource information such as network traffic, IP address, domain name, information content, application and so on in the IDC server room. Weak...
Weak Password Vulnerability in Zhongxin Golden Shield Information Security Management System
Zhongxin Golden Shield Information Security Management System adopts distributed data collection, intelligent packet reorganization and flow reorganization, adaptive in-depth protocol analysis, real-time network protocol blocking, massive data storage, in-depth data mining and other advanced...
NEC ISM Client Trust Management Issue Vulnerability
NEC ISM Client is a client software from NEC Corporation that is used to manage NEC storage systems. NEC ISM Client has a trust management issue vulnerability that stems from the vulnerability of NEC ISM Client running on NEC Storage Manager or NEC Storage Manager Express to incorrect server...
Building a Security Risk Management Program
The frequency of data breaches today highlights the need to peel back the onion on security programs and identify a laser-focused mission and ultimate goal. As a compliance manager, I know the horror stories first hand. Let’s take a deeper dive into security and risk management basics to enable...
Nationwide information security management system suffers from st2_045 remote command execution vulnerability
Information security management system is a set of organizations in the overall or specific scope of the establishment of information security policy and objectives, as well as the methods used to complete these objectives. The nationwide information security management system uses Apache as the...
FAA Civil Aviation Registry Vulnerable to Data Breach
The Federal Aviation Administration’s (FAA) Civil Aviation Registry lacks proper security controls to prevent unauthorized access to its systems, according to a report based on a recent audit undertaken by the Office of the Inspector General (OIG) for the United States Department of Transportation Do...
Veterans Affairs breaches
The Department of Veterans Affairs was hit on two separate occasions by breaches in 2006. 26.5 million Veterans and their families had their names, Social Security numbers and dates of birth lifted after a laptop was swiped from an employee’s home in May. The laptop was retrieved in August and tw...
White House Unveils Cybersecurity Legislative Agenda
The White House proposed Thursday reforming the Federal Information Security Management Act by formalizing the Department of Homeland Security role in managing cybersecurity for the federal government's civilian computers and networks. What the Obama administration does not propose is the...