1181 matches found

Imperva Blog
added 2017/06/20 3:30 p.m., 17 views

Today’s File Security is So ’80s, Part 3: Dynamic Peer Groups – 3 Examples from Customer Data

In the first two parts of this series, we discussed why permissions management, the traditional approach to file security, no longer works and introduced a new approach to file security that leverages machine learning to build dynamic peer groups based on how users actually access files. In this...

6.4 AI score
Exploits: 0

The Hacker News
added 2017/06/19 5:27 a.m., 17 views

Database of Over 198 Million U.S. Voters Left Exposed On Unsecured Server

Information on more than 198 Million United States citizens, that's over 60% of the US population, was exposed in what's believed to be the largest ever known exposure of voter-related to date. This blunder was caused by Deep Root Analytics (DRA), a data analytics firm employed by the US Republican...

6.5 AI score
Exploits: 0

Imperva Blog
added 2017/06/14 3:30 p.m., 20 views

5 Questions to Ask Your CISO about the GDPR

The European General Data Protection Regulation (GDPR) comes into force on May 25, 2018, and it will have a huge impact on the way businesses store and collect personal information belonging to those located in the European Union (EU). The regulation applies to all businesses that hold and process da...

6.3 AI score
Exploits: 0

Trend Micro Simply Security
added 2017/05/25 1:48 p.m., 19 views

WannaCry Highlights Major Security Shortcomings Ahead of GDPR D-Day

For all the panic it caused, WannaCry looks finally to have been contained by organisations round the globe. But this isn’t the time to forget about it and move on. There are valuable lessons to be learned about this attack, why it was so successful and what can be done to prevent it happening...

6.6 AI score
Exploits: 0

Imperva Blog
added 2017/05/18 4:29 p.m., 42 views

Top 5 GDPR Myths: Get the Facts

The General Data Protection Regulation (GDPR) has been garnering much attention since its formal adoption in April 2016. With the effective date of May 25, 2018 fast approaching, some popular myths have emerged surrounding the regulation. In this blog post, we’ll examine and debunk a few of the mos...

6.3 AI score
Exploits: 0

CNVD
added 2017/05/16 12:0 a.m., 1 views

China Construction Bank's Android app suffers from weak certificate validation vulnerability

China Construction Bank Android APP is the mobile application product of China Construction Bank. China Construction Bank Android APP suffers from a weak certificate validation vulnerability, as the X509TrustManager validation function does not validate the server-side certificate. An attacker ca...

6.6 AI score
Exploits: 0

CNVD
added 2017/05/05 12:0 a.m., 3 views

Brave Status Bar Obfuscation Vulnerability

Brave is a Web browser product from Brave Software, Inc. in the United States. A status bar obfuscation vulnerability exists in Brave version 0.12.4, which may unintentionally redirect to a malicious website. An attacker can exploit this vulnerability to redirect users to malicious websites,...

6.5 CVSS, 6.4 AI score, 0.0066 EPSS
Exploits: 1, References: 1

CNVD
added 2017/04/20 12:0 a.m., 4 views

AIO AIO in-car Android App CAPTCHA has design flaws

Shenzhen Dudu Intelligent Technology Co., Ltd. is an innovative technology enterprise focusing on intelligent in-vehicle systems, high-end in-vehicle wearable devices and the construction of car networking ecosystem. AIO AIO in-vehicle Android App verification code has design flaws, attackers can...

7.1 AI score
Exploits: 0

OSV
added 2017/04/03 9:59 p.m., 3 views

CVE-2017-5685

The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may allow an attacker with physical access to the system to gain access to personal information...

3.9 CVSS, 5.8 AI score, 0.00319 EPSS
Exploits: 0, References: 2

OSV
added 2017/04/03 9:59 p.m., 4 views

CVE-2017-5684

The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version CC047 may allow an attacker with physical access to the system to gain access to personal information...

3.9 CVSS, 5.8 AI score, 0.00303 EPSS
Exploits: 0, References: 1

OSV
added 2017/04/03 9:59 p.m., 5 views

CVE-2017-5686

The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may allow an attacker with physical access to the system to gain access to personal information...

3.9 CVSS, 5.8 AI score, 0.00303 EPSS
Exploits: 0, References: 1

CNVD
added 2017/03/27 12:0 a.m., 1 views

Arbitrary Password Reset Vulnerability in Chickie's Travel Android App

Chickie Mobility Android App is an app that provides public bike rental services. There is an arbitrary password reset vulnerability in Qiqi Travel Android APP. It allows an attacker to reset another person's password simply by knowing their cell phone number, and can view any other person's...

7.1 AI score
Exploits: 0

CISA
added 2017/03/09 12:0 a.m., 11 views

IRS Releases Tax-Time Guide

The Internal Revenue Service (IRS) has released tax-time advice intended to help the public protect their personal and financial data and computers. Recommendations include using strong passwords, backing up files, and using robust security software to help block malware and viruses. Users and...

6.9 AI score
Exploits: 0, References: 2

Hacker One
added 2017/03/05 6:29 p.m., 19 views

LocalTapiola: XSS on 3rd party service Localtapiola is using

Basic report information Summary: Localtapiola is using careers.fi service to job applicants at http://www.lahitapiola.fi/tietoa-lahitapiolasta/toihin-meille/avoimet-tyopaikat/haemme-juuri-nyt Description: XSS on 3rd party careers.fi job service which may lead loss of personal data for the...

Exploits: 0

NVD
added 2017/02/01 8:59 p.m., 14 views

CVE-2016-6090

IBM WebSphere Commerce contains an unspecified vulnerability that could allow disclosure of user personal data, performing of unauthorized administrative operations, and potentially causing a denial of service...

9.8 CVSS, 9.2 AI score, 0.01982 EPSS
Exploits: 0, References: 3

Prion
added 2017/02/01 8:59 p.m., 16 views

Design/Logic Flaw

IBM WebSphere Commerce contains an unspecified vulnerability that could allow disclosure of user personal data, performing of unauthorized administrative operations, and potentially causing a denial of service...

7.5 CVSS, 6.9 AI score, 0.01982 EPSS
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2017/02/01 8:0 p.m., 15 views

CVE-2016-6090

IBM WebSphere Commerce contains an unspecified vulnerability that could allow disclosure of user personal data, performing of unauthorized administrative operations, and potentially causing a denial of service...

9.3 AI score, 0.01982 EPSS
Exploits: 0, References: 3

The Hacker News
added 2017/01/05 12:7 a.m., 19 views

Update — Hacker Claims to Have Hacked the FBI, But It Wasn't

Update: A hacker yesterday claimed to have hacked the FBI's website running on Plone CMS, but it seems it wasn't hacked using any zero-day vulnerability in Plone. We contacted Plone security team and updated this story (see below) with official statements. A hacker, using Twitter handle CyberZeist,...

6.5 AI score
Exploits: 0

NVD
added 2016/12/23 4:59 p.m., 20 views

CVE-2016-6910

The non-existent notification listener vulnerability was introduced in the initial Android 5.0.2 builds for the Samsung Galaxy S6 Edge devices, but the vulnerability can persist on the device even after the device has been upgraded to an Android 5.1.1 or 6.0.1 build. The vulnerable system app giv...

5.5 CVSS, 5.2 AI score, 0.00342 EPSS
Exploits: 0, References: 2

The Hacker News
added 2016/11/04 6:58 p.m., 16 views

Over 1 Billion Mobile App Accounts can be Hijacked Remotely with this Simple Hack

Security researchers have discovered a way to target a huge number of Android and iOS apps that could allow them to remotely sign into any victim's mobile app account without any knowledge of the victim. A group of three researchers – Ronghai Yang, Wing Cheong Lau, and Tianyu Liu – from the Chine...

6.8 AI score
Exploits: 0