Lucene search
+L

77 matches found

ThreatPost
ThreatPost
added 2019/05/08 12:1 p.m.64 views

Cynet Provides Security Responders with Free IR Tool to Validate and Respond to Active Threats

Organizations that suspect an active threat or breach have two options: calling an external incident response provider to manage the investigation and response or trying to handle it internally with their own resources. Cynet is now introducing a free IR offering that caters to both scenarios – a...

1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2019/05/06 1:0 p.m.57 views

Amid Bug Bounty Hype, Sometimes Security is Left in the Dust

In January, the European Union kicked-off over a dozen new bug bounty programs targeting a bevy of popular open-source programs used by its members. The effort was supposed to be met with cheers. But instead, the launch sparked an unexpected backlash from the security community. The EU’s program...

7AI score
Exploits0References14
HackRead
HackRead
added 2018/11/30 6:10 p.m.85 views

Marriott hotel data breach: Sensitive data of 500 million guests stolen

By Waqas Marriott has announced that it has suffered a massive data breach after attackers hacked its guest reservation system at Starwood hotels, a group of hotels the company took over in 2016 - These hotels include Sheraton, St. Regis, Westin and W Hotels. The breach was discovered last week...

1.5AI score
Exploits0
Prion
Prion
added 2017/11/30 9:29 a.m.18 views

Improper access control

A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials to perform this attack. The vulnerability is due t...

4.6CVSS5.5AI score0.00345EPSS
Exploits0References3Affected Software1
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2017/09/05 12:0 a.m.374 views

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 61 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 61.0.3163.79 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...

8.8CVSS8.3AI score0.26331EPSS
Exploits0Affected Software1
CVE
CVE
added 2017/07/14 2:0 p.m.63 views

CVE-2017-2343

CVE-2017-2343 affects Juniper Junos SRX Series with the Integrated User Firewall (UserFW) authentication API. The root cause is hardcoded credentials in UserFW, enabling an unauthenticated, remote attacker to potentially gain administrative access to the SRX device and compromise connected servic...

10CVSS9.8AI score0.02697EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2017/07/13 12:0 a.m.23 views

Juniper Networks Junos OS SRX Series: Hardcoded Credentials Vulnerability

Junos OS on SRX series contain hardcoded credentials. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if...

10CVSS8.7AI score0.02697EPSS
Exploits0References1
seebug.org
seebug.org
added 2016/05/27 12:0 a.m.48 views

用友账户体系控制不严导致大量内部敏感数据泄露(涉及总裁个人资料/可深入)

简要描述: 泄露公司大量敏感数据 故评高 详细说明: 一日闲逛 发现一个用友的信息泄露地址: https://github.com/tianjlj/TJL/blob/b2019f75eae34ee4ed3512974b9a9a8b3cd1087f/Ltest/sendmail.py 轻松拿到某个内部员工的账号密码 成功登录企业内部邮箱 密码信息 利用一号多用 成功登录用友云盘系统 大量公司敏感数据 例如92页的员工手册...

7.1AI score
Exploits0
myhack58
myhack58
added 2016/01/14 12:0 a.m.18 views

Fortinet(FortiGate)suspected the presence of the SSH Backdoor influence 4. 0 to 5.0.7 version-bug warning-the black bar safety net

Overview 1 On 1 2 May, twitter user@esizkur published information that the Fortigate exist ssh back door, the impact of the version from 4. 0 to 5. 0. 7, and in the link given in the attached full attack using the code. According to the disclosure of information display, the attacker can use this...

6.9AI score
Exploits0
myhack58
myhack58
added 2015/07/04 12:0 a.m.13 views

At least one into the subject of mobile software vulnerabilities, some companies to grab the market does not consider security 9 0 after hacks said the hand tour“9 9% has a vulnerability” insiders suggested that the state of mobile software development of a unified standard of review-vulnerability warning-the black bar safety net

“It is a problem of the APP.” Xuhui Public Security Bureau network security detachment Bob Sergeant, record this phone the name of the software and is the“Black”of the symptoms. This is Bob the police officer and his colleagues made an experiment: they selected a certain influence of mobile phone...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2014/02/20 2:13 p.m.40 views

Google Fixes 28 Security Flaws in Chrome 33

Google Chrome 33 is out, and the new version of the browser includes fixes for 28 security vulnerabilities, including a number of high-severity bugs. The company paid out more than $13,000 in rewards to researchers who reported vulnerabilities that were fixed in this release. One of the...

7.5CVSS0.3AI score0.02074EPSS
Exploits1References10
ThreatPost
ThreatPost
added 2014/01/14 2:27 p.m.35 views

Google Blocks Malicious File Downloads Automatically in Chome

Google has fixed five vulnerabilities in its Chrome browser and also has activated a feature that will block malicious file downloads automatically. The change is a major security upgrade for Chrome and will help prevent users from unwittingly downloading harmful files, an attack vector that...

7.5CVSS0.01575EPSS
Exploits4References9
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2013/08/20 12:0 a.m.33 views

Stable Channel Update

The Chrome team is excited to announce the promotion of Chrome 29 to the Stable channel for Windows, Mac, Linux and Chrome Frame. Chrome 29.0.1547.57 contains a number of fixes and improvements, including: Improved Omnibox suggestions based on the recency of sites you have visited Ability to rese...

7.5CVSS6.5AI score0.01627EPSS
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2011/11/04 8:35 p.m.9 views

Another Dutch CA, KPN, Stops Issuing Certificates After Finding DDoS Tool On Server

Another Dutch certificate authority, KPN, has stopped issuing digital certificates after finding attack tools on a server in its Web infrastructures. The CA said that while it doesn’t have evidence right now that it’s CA infrastructure was compromised, it is taking the actions as a precaution. Th...

0.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2011/01/24 4:24 p.m.8 views

Apple Hires New Security Chief

Apple has hired a software security expert to head up its growing internal security group. The company has hired David Rice, a former National Security Agency analyst and consultant on security issues, according to reports. Rice is currently the director of policy reform at the U.S. Cyber...

6.8AI score
Exploits0References7
ThreatPost
ThreatPost
added 2010/11/19 8:55 p.m.10 views

The Problem With Bug Counts

It’s getting to be that time of year again, when everyone starts looking for ways to do something with all of the data that they’ve accumulated during the last 12 months. That means reports and top tens and lists and rankings and controversy. And, inevitably, it also means more examples of why...

7.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2009/11/02 5:5 p.m.7 views

Congress Calls for Internal Security Review

After a former Congressional staffer exposed some sensitive data on a file-sharing network recently, some lawmakers are calling for the Congress to start an internal review of its own data security policies immediately. The situation, which is linked to an ethics investigation in the House of...

0.5AI score
Exploits0References2
Rows per page
Query Builder