Lucene search
K

117 matches found

The Hacker News
The Hacker News
added 2025/09/04 10:9 a.m.4 views

Google Fined $379 Million by French Regulator for Cookie Consent Violations

The French data protection authority has fined Google and Chinese e-commerce giant Shein $379 million €325 million and $175 million €150 million, respectively, for violating cookie rules. Both companies set advertising cookies on users' browsers without securing their consent, the National...

6.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/08/10 12:0 a.m.7 views

PT-2025-32467 · Unknown · Litmuschaos

Name of the Vulnerable Software and Affected Versions: LitmusChaos Litmus versions up to 3.19.0 Description: A problematic issue exists in LitmusChaos Litmus due to improper control of resource identifiers resulting from the manipulation of the projectID argument. This issue can be exploited...

5.3CVSS7.1AI score0.00365EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/07/28 12:0 a.m.7 views

PT-2025-32445 · Vsftpd +1 · Vsftpd +1

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-822DRE version FW103B02 Description: A vulnerability exists in TRENDnet TEW-822DRE FW103B02, affecting an unknown part of the vsftpd component. The issue results in a least privilege violation. Local access is required for...

7.3CVSS6.7AI score0.00147EPSS
Exploits0References9
Packet Storm News
Packet Storm News
added 2025/07/09 12:0 a.m.8 views

Understanding Malware Propagation Dynamics through Scientific Machine Learning

Accurately modeling malware propagation is essential for designing effective cybersecurity defenses, particularly against adaptive threats that evolve in real time. While traditional epidemiological models and recent neural approaches offer useful foundations, they often fail to fully capture the...

6.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2025/06/27 5:15 p.m.5 views

CVE-2024-12364

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mavi Yeşil Software Guest Tracking Software allows SQL Injection. This issue affects Guest Tracking Software. NOTE: The vendor did not inform about the completion of the fixing process within the...

9.8CVSS5.8AI score0.00377EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/06/22 12:0 a.m.5 views

KCLNet: Physics-Informed Power Flow Prediction Via Constraints Projections

In the modern context of power systems, rapid, scalable, and physically plausible power flow predictions are essential for ensuring the grid's safe and efficient operation. While traditional numerical methods have proven robust, they require extensive computation to maintain physical fidelity und...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.6 views

AdRo-FL: Informed and Secure Client Selection for Federated Learning in the Presence of Adversarial Aggregator

Whitepaper called AdRo-FL: Informed And Secure Client Selection For Federated Learning In The Presence Of Adversarial Aggregator...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/21 12:0 a.m.6 views

Alignment under Pressure: the Case for Informed Adversaries When Evaluating LLM Defenses

Large language models LLMs are rapidly deployed in real-world applications ranging from chatbots to agentic systems. Alignment is one of the main approaches used to defend against attacks such as prompt injection and jailbreaks. Recent defenses report near-zero Attack Success Rates ASR even again...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2025-0447

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML...

8.8CVSS8AI score0.00445EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2025/01/06 2:26 p.m.6 views

India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements

The Indian government has published a draft version of the Digital Personal Data Protection DPDP Rules for public consultation. "Data fiduciaries must provide clear and accessible information about how personal data is processed, enabling informed consent," India's Press Information Bureau PIB sa...

6.9AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/12/17 9:17 p.m.54 views

What’s New in Qualys VMDR: 2024 Edition

Let us quickly recap the features released in Qualys Vulnerability Management, Detection & Response VMDR in 2024 and understand their use cases and benefits. Every quarter, the Qualys Product Management team collaborates with multiple customers worldwide, develops innovative solutions that addres...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/23 4:28 a.m.39 views

Google Abandons Plan to Phase Out Third-Party Cookies in Chrome

Google on Monday abandoned plans to phase out third-party tracking cookies in its Chrome web browser more than four years after it introduced the option as part of a larger set of a controversial proposal called the Privacy Sandbox. "Instead of deprecating third-party cookies, we would introduce ...

6.4AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/03/25 3:44 p.m.61 views

Combine Qualys TruRisk™ and MITRE ATT&CK to Adopt Threat-Informed Defense to Reduce Risk

There are so many vulnerabilities disclosed daily that no one can patch all of them. Unfortunately, attackers can exploit them while you are still in the process of reviewing, prioritizing, and patching. Effective risk-based prioritization focuses your limited resources and remediation efforts...

7.5CVSS10AI score0.99999EPSS
Exploits58
Qualys Blog
Qualys Blog
added 2024/03/12 8:45 p.m.34 views

Top MITRE ATT&CK Tactics and Techniques Leveraged in 2023

The Qualys Threat Research Unit has mapped vulnerabilities and misconfigurations to the MITRE ATT&CK framework tactics and techniques to help you get the attacker’s view. They have also analyzed vulnerabilities and misconfigurations across all our customers to find the top tactics and techniques...

9.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/07 10:51 a.m.25 views

Building a Robust Threat Intelligence with Wazuh

Threat intelligence refers to gathering, processing, and analyzing cyber threats, along with proactive defensive measures aimed at strengthening security. It enables organizations to gain a comprehensive insight into historical, present, and anticipated threats, providing context about the...

7AI score
Exploits0
Qualys Blog
Qualys Blog
added 2023/11/09 12:31 p.m.26 views

Leveraging AI-informed Cybersecurity to Measure, Communicate, and Eliminate Cyber Risk

Dilip Bachwani, Qualys CTO, shares the Qualys AI strategy with TruRisk AI at QSC 2023. The threat landscape is constantly evolving, and so are the implications of cyber risk across any organization. As attacker tactics become more sophisticated and persistent, cybersecurity strategies must grow...

7.2AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/09/12 12:0 a.m.22 views

Azure vs. AWS Developer Tools Guide

Azure vs. AWS — which should you use for your DevOps environment? Discover the differences, similarities, and use cases to make an informed decision...

7AI score
Exploits0
Qualys Blog
Qualys Blog
added 2023/08/17 4:59 p.m.30 views

Part III: Implementing Effective Cyber Security Metrics that Reduce Risk Realistically

We outlined some critical cybersecurity metrics in Part I of this three-part blog series. In the final blog post, we will delve into three crucial aspects outlined in Josh’s article: tactical metrics for operational teams, strategic metrics for leadership, and the metrics addressing the...

7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/05/19 12:0 a.m.9 views

Azure vs. AWS Developer Tools Guide

Azure vs. AWS — which should you use for your DevOps environment? Discover the differences, similarities, and use cases to make an informed decision...

7AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2023/04/10 4:21 p.m.16 views

Threat-informed defense: The evolution of red teaming in cybersecurity

While there are several approaches to vulnerability management like pen testing and red teaming, adversary emulation is the only method that contributes to a threat-informed defense cybersecurity strategy...

6.9AI score
Exploits0
Rows per page
Query Builder