Achieve Federal-Grade M365 Security: Governing with Qualys SSPM and SCuBA

Qualys SaaS Security Posture Management SSPM introduces native support for the Secure Cloud Business Applications SCuBA compliance framework, bringing CISA's toughest M365 security benchmarks directly into your continuous posture monitoring workflow. Key Takeaways CISA’s Secure Cloud Business...

A Survey of Security Challenges and Solutions for UAS Traffic Management (UTM) and Small Unmanned Aerial Systems (SUAS)

The rapid growth of small Unmanned Aerial Systems sUAS for civil and commercial missions has intensified concerns about their resilience to cyber-security threats. Operating within the emerging UAS Traffic Management UTM framework, these lightweight and highly networked platforms depend on secure...

CVE-2022-25089

Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEYLOCALMACHINE via UITasks.PersistentRegistryData...

Bitcoin’s Prospects in 2025: Exploring Opportunities and Mitigate Risks

Explore Bitcoin's 2025 prospects, market trends, mining, and secure methods like cloud platforms. Learn strategies to manage risks…...

Apple Unveils Homomorphic Encryption Package for Secure Cloud Computing

Apples open-source "swift-homomorphic-encryption" package revolutionizes privacy in cloud computing. It allows computations on encrypted data without decryption, safeguarding…...

CISA Develops Factsheet for Free Tools for Cloud Environments

CISA has developed and published a factsheet, Free Tools for Cloud Environments, to help businesses transitioning into a cloud environment identify proper tools and techniques necessary for the protection of critical assets and data security. Free Tools for Cloud Environments provides network...

CISA Releases SCuBA TRA and eVRF Guidance Documents

CISA has released several documents as part of the Secure Cloud Business Applications SCuBA project: The Technical Reference Architecture TRA document, previously released for public comment on April 19, 2022, is the final version of a security guide that agencies can use to adopt technology for...

Race condition

Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition...

CVE-2022-25090

Summary (CVE-2022-25090): Printix Secure Cloud Print Management (versions 1.3.1106.0 and earlier) creates a temporary file named temp.ini in a directory with insecure permissions, enabling a race-condition-based privilege escalation. The Red Hat advisory and multiple public sources corroborate th...

CVE-2022-25090

Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition...

PT-2022-17071 · Printix · Printix Secure Cloud Print Management

Name of the Vulnerable Software and Affected Versions: Printix Secure Cloud Print Management versions 1.3.1106.0 and earlier Description: The issue is related to the creation of a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation due to a race...

CVE-2022-25089

Printix Secure Cloud Print Management up to version 1.3.1106.0 is affected by an improper privilege use in UITasks.PersistentRegistryData that allows modifying HKEY_LOCAL_MACHINE, enabling unauthorized registry changes. Root cause: incorrect use of Privileged APIs; impact includes potential syste...

Parsec - Secure Cloud Framework

Homepage: https://parsec.cloud Documentation: https://parsec-cloud.readthedocs.org. Parsec is a free software AGPL v3 aiming at easily share your work and data in the cloud in total privacy thanks to cryptographic security. Key features: Works as a virtual drive on you computer. You can access an...

ICS-CERT Warns of Flaw in Innominate mGuard Secure Cloud Product

The ICS-CERT is warning users about a vulnerability in a secure public cloud product from Innominate that enables an attacker to gain valuable configuration data about a target system, information that could be used in future attacks. The vulnerability is an information disclosure bug in the...