Lucene search
K

61 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/10/06 4:59 a.m.39 views

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to SQL injection due to PostgreSQL (CVE-2022-31197) and obtaining sensitive information due to RESTEasy (CVE-2020-25633)

Summary IBM i Modernization Engine for Lifecycle Integration platform component is vulnerable to SQL injection and obtaining sensitive information as described in the Vulnerability Details section. These components are used in IBM i Modernization Engine for Lifecycle Integration for infrastructur...

8CVSS7.3AI score0.01662EPSS
Exploits1Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2022/07/27 1:56 p.m.15 views

5 SOAR Myths Debunked

A recently published ESG research ebook, sponsored by Rapid7, SOC Modernization and the Role of XDR, shows that organizations are increasingly leveraging security orchestration, automation, and response SOAR systems in an attempt to keep up with their security operations challenges. This makes...

7.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/07/19 2:0 p.m.9 views

Gimme! Gimme! Gimme! (More Data): What Security Pros Are Saying

Eight in 10 organizations collect, process, and analyze security operations data from more than 10 sources, ESG identified in a new ebook SOC Modernization and the Role of XDR, sponsored by Rapid7. Security professionals believe that the most important sources are endpoint security data 24%, thre...

Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/11 4:0 p.m.76 views

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Guava, Red Hat Single Sign-On, Springfox and Spring Security could allow a remote attacker to bypass security restrictions...

9.8CVSS0.9AI score0.99677EPSS
Exploits120Affected Software1
Imperva Blog
Imperva Blog
added 2022/06/07 1:2 p.m.15 views

Three Reasons Why Unification Drives Modern Data Security Strategy

Today, the necessities of business innovation compel most organizations to have several teams with diverse priorities managing dozens of data sources, all with different structures. This makes it impossible to secure complete data repositories successfully using traditional methods. This post wil...

0.6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/05/04 3:48 p.m.81 views

XSS in JSON: Old-School Attacks for Modern Applications

I recently wrote a blog post on injection-type vulnerabilities and how they were knocked down a few spots from 1 to 3 on the new OWASP Top 10 for 2022. The main focus of that article was to demonstrate how stack traces could be — and still are — used via injection attacks to gather information...

7.5CVSS9.1AI score0.99677EPSS
Exploits102
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/04/14 6:0 p.m.17 views

A clearer lens on Zero Trust security strategy: Part 1

Todays world is flooded with definitions and perspectives on Zero Trust, so we are kicking off a blog series to bring clarity to what Zero Trust is and what it means. This first blog will draw on the past, present, and future to bring a clear vision while keeping our feet planted firmly on the...

6.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/11/10 8:41 p.m.11 views

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software included in Rational Developer for i

Summary Vulnerabilities detected in Node.js versions before v14.16.2 that affect the Cordova platform packaged with Rational Developer for i Software. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products|...

2.9AI score
Exploits0Affected Software1
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/06/30 1:0 p.m.37 views

The critical role of Zero Trust in securing our world

We are operating in the most complex cybersecurity landscape that we’ve ever seen. While our current ability to detect and respond to attacks has matured incredibly quickly in recent years, bad actors haven’t been standing still. Large-scale attacks like those pursued by Nobelium1 and Hafnium,...

7.1AI score
Exploits0
Akamai Blog
Akamai Blog
added 2021/05/21 4:0 a.m.18 views

Digital Transformation Usain Bolt-Style: Health Care's Sprint to Modernization

In the present age, patients now use smartphone apps to schedule doctor's visits, contact insurance companies, and get prescriptions instead of picking up the phone...

1.1AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/05/20 7:51 p.m.19 views

Security Bulletin: Multiple vulnerabilities in Node.js affecting Rational Application Developer for WebSphere Software included in Rational Developer for i and Rational Developer for AIX and Linux

Summary Portions of Rational Application Developer for WebSphere Software are shipped as a component of Rational Developer for i Modernization Tools, Java edition, and Rational Developer for AIX and Linux. Multiple Node.js vulnerabilities have been discovered that affect the Cordova platform...

1.5AI score
Exploits0Affected Software2
Imperva Blog
Imperva Blog
added 2021/02/24 2:39 p.m.27 views

What’s Different About Data Security in the Cloud? Almost Everything.

Well before the onset of the pandemic most organizations had a digital transformation plan in place which included migrating workloads to new modern architectures, usually a private, public, or hybrid cloud. As the challenges caused by COVID-19 became more acute, these organizations accelerated...

6.8AI score
Exploits0
Akamai Blog
Akamai Blog
added 2020/07/07 2:0 p.m.21 views

The Only Constant Is Change -- Rethinking Secure Access for a New Workforce

It seems like a long time ago now when IT teams had their annual strategy meeting, where topics related to network modernization with SASE or SD-WANs, remote access, threat prevention, and cloud adoption were likely discussed. COVID-19, however, has caused a lot of these initiatives to take a...

0.2AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/12/18 4:0 p.m.34 views

How We Streamlined Infrastructure and Tooling as a Service for Development

At VMware Carbon Black, we’ve historically acquired a broad technology stack in our journey to build the premier security solution that understands cybercriminal behavior. Inheriting such a variety of tooling and storage solutions presented a challenge for us operationally. So, in order to reduce...

0.1AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/03 4:23 a.m.32 views

Security Bulletin: Multiple OpenSSL vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software included in Rational Developer for i and Rational Developer for AIX and Linux

Summary Portions of IBM Rational Application Developer for WebSphere Software are shipped as a component of Rational Developer for i RPG and COBOL + Modernization Tools, Java and EGL editions, and Rational Developer for AIX and Linux. Multiple OpenSSL vulnerabilities in Node.js were found on May ...

7.5CVSS0.9AI score0.89058EPSS
Exploits6Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/03 4:23 a.m.26 views

Security Bulletin: Multiple vulnerabilities in modules from the IBM SDK for Node.js affect the Cordova tools packaged in Rational Developer for i Modernization Tools Java Edition and Rational Developer for AIX and Linux (CVE-2014-7191 and CVE-2014-7192)

Summary Security vulnerabilities have been discovered in the syntax-error and qs modules packaged in the IBM SDK for Node.js and Cordova platform packaged in Rational Developer for i Modernization Tools Java Edition and Rational Developer for AIX and Linux. The fix upgrades IBM SDK for Node.js to...

10CVSS0.6AI score0.13441EPSS
Exploits1Affected Software2
Qualys Blog
Qualys Blog
added 2018/06/28 4:0 p.m.59 views

GDPR Is Here: How GDPR Readiness Can Boost Your Business

Most discussions about the EU’s General Data Protection Regulation GDPR have naturally focused on best practices for achieving compliance and avoiding penalties. With GDPR now a reality for all companies that store and process personal data of EU residents, an often overlooked aspect has been the...

0.3AI score
Exploits0
Cisco Threats
Cisco Threats
added 2018/05/08 4:28 p.m.24 views

Threat Outbreak Alert RuleID32722: Email Messages Distributing Malicious Software on May 8, 2018

Medium Alert ID: 57826 First Published: 2018 May 8 16:28 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32722 may contain the following files: Name | Size ...

0.3AI score
Exploits0
Akamai Blog
Akamai Blog
added 2017/09/07 1:37 p.m.47 views

Cybersecurity Executive Order 13800: More than a Risk Assessment?

Written by Sr. Solutions Engineer, Micah Maryn. Most folks around the Washington DC beltway have heard the cybersecurity Executive Order EO 13800 - Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure referred to as a simple risk assessment. But the reality is that it i...

7AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2017/05/19 6:6 p.m.17 views

President’s Cybersecurity Executive Order

On May 11, 2017, President Trump released the Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. This E.O. -- while stand alone in focus --should be seen in the context of a greater move in the Executive Branch to elevate the awareness...

4.3AI score
Exploits0
Rows per page
Query Builder