13 matches found
CVE-2024-37959
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Atlas Public Policy Power BI Embedded for WordPress allows Stored XSS.This issue affects Power BI Embedded for WordPress: from n/a through 1.1.7...
CVE-2024-37959 WordPress Power BI Embedded for WordPress plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Atlas Public Policy Power BI Embedded for WordPress allows Stored XSS.This issue affects Power BI Embedded for WordPress: from n/a through 1.1.7...
CVE-2024-37959
CVE-2024-37959 is a stored XSS vulnerability in the Power BI Embedded for WordPress plugin, affecting WordPress installations using Power BI Embedded for WordPress up to version 1.1.7. The issue is described as an authenticated Stored XSS vulnerability during web page generation. Exploitation req...
AI as Sensemaking for Public Comments
Its become fashionable to think of artificial intelligence as an inherently dehumanizing technology, a ruthless force of automation that has unleashed legions of virtual skilled laborers in faceless form. But what if AI turns out to be the one tool able to identify what makes your ideas special,...
Incident Reporting Regulations Summary and Chart
A growing number of regulations require organizations to report significant cybersecurity incidents. We've created a chart that summarizes 11 proposed and current cyber incident reporting regulations and breaks down their common elements, such as who must report, what cyber incidents must be...
How a senior product manager is leading the passwordless movement at Microsoft
May 5, 2022, is World Password Day, a day we all use to create awareness around password security. At Microsoft, we choose to celebrate replacing passwords with better and more secure ways to sign in. I can’t think of a better person at Microsoft to represent this journey than Libby Brown, a seni...
How a senior product manager is leading the passwordless movement at Microsoft
May 5, 2022, is World Password Day, a day we all use to create awareness around password security. At Microsoft, we choose to celebrate replacing passwords with better and more secure ways to sign in. I can’t think of a better person at Microsoft to represent this journey than Libby Brown, a seni...
Why is Cybersecurity Failing Against Ransomware?
Yes, security is hard – no one is ever 100 percent safe from the threats lurking out there. But how is it that time and time again, companies – big companies – are continuing to fall for ransomware attacks? Why aren’t we getting any better at preventing them? Let’s explore the main reasons why,...
Akamai's Climate Leadership
Guest blogger Jim Boyle is CEO and Founder of Sustainability Roundtable, Inc. His views are his own and do not necessarily reflect those of Akamai. The business world has moved much further online in 2020 and showed up as never before at NYC's Climate Week September 21-27. HRH The Prince of Wales...
New Relic: Bypassing Protection Mechanism: Change of Account Name after Session Log out
The researcher illustrated a delay in session invalidation. This has not been added to our public policy to help prevent confusion...
Why Technologists Need to Get Involved in Public Policy
Last month, I gave a 15-minute talk in London titled: "Why technologists need to get involved in public policy." In it, I try to make the case for public-interest technologists. I also maintain a public-interest tech resources page, which has pretty much everything I can find in this space. If I'...
Microsoft: Russia's Fancy Bear Working to Influence EU Elections
As the May elections for European Parliament loom, Russia-linked APT groups are amping up their efforts to target journalists, think-tanks, non-governmental organizations and other members of civil society, according to Microsoft. The tech giant said on Tuesday that it has observed a recent serie...
Emergency Adobe Flash Update Handles Zero Day Under Attack
Adobe rushed out an unscheduled Flash Player update today to counter exploits of a zero-day vulnerability in the software. A number of national security, foreign policy and public policy websites are hosting exploits that redirect to espionage malware, including the Peter G. Peterson Institute fo...