Lucene search
K

14 matches found

The Hacker News
The Hacker News
added 2024/07/17 11:9 a.m.13 views

Navigating Insider Risks: Are your Employees Enabling External Threats?

Attacks on your network are often meticulously planned operations launched by sophisticated threats. Sometimes your technical fortifications provide a formidable challenge, and the attack requires assistance from the inside to succeed. For example, in 2022, the FBI issued a warning1 that SIM swap...

7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/10/25 4:0 p.m.17 views

Top insights and best practices from the new Microsoft Data Security Index report

A whopping 74 percent of organizations recently surveyed experienced at least one data security incident with their business data exposed in the previous year. That’s just one of our interesting insights from Microsoft’s new Data Security Index: Trends, insights, and strategies to secure data...

6.6AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/10/25 4:0 p.m.21 views

Top insights and best practices from the new Microsoft Data Security Index report

A whopping 74 percent of organizations recently surveyed experienced at least one data security incident with their business data exposed in the previous year. That’s just one of our interesting insights from Microsoft’s new Data Security Index: Trends, insights, and strategies to secure data...

6.3AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/04/24 5:0 p.m.19 views

Stay compliant and protect sensitive data with Zero Trust security

Regulatory standards frequently shift and tighten, especially with the rise of hybrid work environments. And with the explosion of data growth, organizations have seen a massive uptick in cybersecurity issues and needs. According to IBM’s 2022 Cost of a Data Breach Report, 83 percent of...

6.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/04/06 4:0 p.m.19 views

Secure hybrid and remote workplaces with a Zero Trust approach

Productivity and innovation have become critical goals in many hybrid and remote work environments. Ensuring preventative and strong security, in turn, must be at the heart of that. In this blog series, we’ll discuss two Zero Trust business scenarios: enabling a more productive hybrid or remote...

6.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/02/06 5:0 p.m.18 views

Introducing Adaptive Protection in Microsoft Purview—People-centric data protection for a multiplatform world

At Microsoft, we never stop working to protect you and your data. If the evolving cyberattacks over the past three years have taught us anything, it’s that threat actors are both cunning and committed. At every level of your enterprise, attackers never stop looking for a way in. The massive...

0.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/02/06 5:0 p.m.20 views

Introducing Adaptive Protection in Microsoft Purview—People-centric data protection for a multiplatform world

At Microsoft, we never stop working to protect you and your data. If the evolving cyberattacks over the past three years have taught us anything, it’s that threat actors are both cunning and committed. At every level of your enterprise, attackers never stop looking for a way in. The massive...

0.2AI score
Exploits0
OSV
OSV
added 2022/07/13 12:0 a.m.67 views

GHSA-64X4-9HC6-R2H6 Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library

Summary The Azure Storage Encryption library in Java and other languages is vulnerable to a CBC Padding Oracle attack, similar to CVE-2020-8911. The library is not vulnerable to the equivalent of CVE-2020-8912, but only because it currently only supports AES-CBC as encryption mode. Severity...

4.7CVSS4.9AI score0.00521EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/07/13 12:0 a.m.48 views

Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library

Summary The Azure Storage Encryption library in Java and other languages is vulnerable to a CBC Padding Oracle attack, similar to CVE-2020-8911. The library is not vulnerable to the equivalent of CVE-2020-8912, but only because it currently only supports AES-CBC as encryption mode. Severity...

4.7CVSS5.6AI score0.00521EPSS
Exploits0References5Affected Software5
OSV
OSV
added 2022/02/11 11:23 p.m.44 views

GHSA-7F33-F4F5-XWGW In-band key negotiation issue in AWS S3 Crypto SDK for golang

Summary The golang AWS S3 Crypto SDK is impacted by an issue that can result in loss of confidentiality and message forgery. The attack requires write access to the bucket in question, and that the attacker has access to an endpoint that reveals decryption failures without revealing the plaintext...

2.5CVSS5AI score0.00231EPSS
Exploits1References10
Microsoft Secure
Microsoft Secure
added 2022/01/27 5:0 p.m.17 views

Discover 3 ways to take a holistic approach to data protection

The risk landscape for organizations has changed significantly in the past few years. Traditional ways of identifying and mitigating risks simply don’t work. While traditionally, organizations have focused on external threats, risks from within the organization are just as prevalent and harmful...

0.9AI score
Exploits0
ThreatPost
ThreatPost
added 2021/06/15 2:47 p.m.30 views

Insider Risks In the Work-From-Home World

The employee who exfiltrated data after being fired. The employees who exposed 250 million customer records. The employee who stole trade secrets to get a leg up in his next job because hey, after all, it’s “his” work that he’s taking, right? Those are our traditional notions of insider risk and...

7.1AI score
Exploits0References1
The Hacker News
The Hacker News
added 2021/05/13 11:47 a.m.51 views

Can Data Protection Systems Prevent Data At Rest Leakage?

Protection against insider risks works when the process involves controlling the data transfer channels or examining data sources. One approach involves preventing USB flash drives from being copied or sending them over email. The second one concerns preventing leakage or fraud in which an inside...

6.7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/03/03 2:0 p.m.22 views

Compliance joins Microsoft Intelligent Security Association (MISA)

Like many of you, I’m thrilled to have my 2020 calendar safely in the recycling pile. During that time though, you too might have noticed how, perhaps unknowingly, you were able to turn some of last year’s lemons into lemonade. Maybe you developed a deeper appreciation for everyday moments and th...

0.5AI score
Exploits0
Rows per page
Query Builder