Lucene search
K

157 matches found

Malwarebytes
Malwarebytes
added 2022/08/09 4:0 p.m.48 views

Education hammered by exploits and backdoors in 2021 and 2022

In May of 2021, education underwent a siege of exploit attempts using the vulnerability CVE-2021-21551, which exploits a Dell system driver bug and helps attackers to gain access to a network. Considering that many schools across the United States use Dell hardware, its understandable to see such...

4.6CVSS0.5AI score0.58132EPSS
Exploits17
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/05 10:43 p.m.166 views

Security Bulletin: Multiple vulnerabilities in Jquery-Ui, highcharts, and datatables are affecting QRadar User Behavior Analytics (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184, CVE-2021-23445, CVE-2021-29489)

Summary There are vulnerabilities in third party packages JQuery-UI, Highcharts, datatables.net affecting User Behavior AnayticsUBA. UBA has been updated to the latest versions of these packages to address these vulnerabilities. Vulnerability Details CVEID:CVE-2021-41182 DESCRIPTION: jQuery...

7.6CVSS6.5AI score0.44515EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/05 10:39 p.m.74 views

Security Bulletin: Apache log4j vulnerabilities in Spark and Zookeeper affect QRadar User Behavior Analytics(CVE-2021-4104)

Summary There is a vulnerability in Apache log4j used by Spark and Zookeeper that is affecting QRadar User Behavior AnalyticsUBA. This has been addressed in both dependencies and UBA has been updated to the patched versions. Vulnerability Details CVEID:CVE-2021-4104 DESCRIPTION: Apache Log4j coul...

7.5CVSS8.7AI score0.81147EPSS
Exploits9Affected Software1
Imperva Blog
Imperva Blog
added 2022/06/15 1:3 p.m.16 views

Imperva Introduces New Features to Help Prevent Online Fraud

As we move more of our daily activities and the services we consume online, the threat of fraud grows, and the risks become greater. Data suggests the majority of organizations are already detecting a rise in online fraud. In a recent survey of senior risk executives, 67 percent said that their...

0.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/05/03 4:17 p.m.17 views

Using Pupil Reflection in Smartphone Camera Selfies

Researchers are using the reflection of the smartphone in the pupils of faces taken as selfies to infer information about how the phone is being used: For now, the research is focusing on six different ways a user can hold a device like a smartphone: with both hands, just the left, or just the...

0.3AI score
Exploits0
Code423n4
Code423n4
added 2022/02/06 12:0 a.m.8 views

Option to have setTokenOutPrice, will impact Token sale and user behavior

Lines of code Vulnerability details There is no loss of funds, but there is a possibility that the current code will dictate user behavior which is not intended. Hence setting the risk rating as medium. Impact There is an option to setTokenOutPrice by the owner. There can be two cases. case-1. th...

6.9AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/01/10 2:2 p.m.40 views

Security Bulletin: Log4j as used in IBM® QRadar User Behavior Analytics add on to IBM® QRadar SIEM is vulnerable to denial of service. (CVE-2021-45105)

Summary Log4j is used by IBM® QRadar User Behavior Analytics add on to IBM® QRadar SIEM to log system events. This bulletin provides a remediation to address the Log4j vulnerability CVE-2021-45105 by upgrading IBM® QRadar User Behavior Analytics add on to IBM® QRadar SIEM Vulnerability Details...

5.9CVSS1.3AI score0.99999EPSS
Exploits20Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/21 1:37 p.m.58 views

Security Bulletin: A vulnerability in Apache Log4j (CVE-2021-45046) impacts IBM® QRadar User Behavior Analytics add on to IBM® QRadar SIEM.

Summary There is a vulnerability in Apache Log4j which is used by IBM® QRadar User Behavior AnalyticsUBA to log system events. Vulnerability Details CVEID: CVE-2021-45046 DESCRIPTION: Apache Log4j could result in remote code execution, caused by an incomplete fix of CVE-2021-44228 in certain...

10CVSS1.2AI score0.99999EPSS
Exploits353Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/17 8:50 p.m.223 views

Security Bulletin: Log4j as used in IBM® QRadar User Behavior Analytics application add on to IBM® QRadar SIEM is vulnerable to remote code execution (RCE) (CVE-2021-44228)

Summary Log4j is used by IBM® QRadar User Behavior Analytics application to log system events. This bulletin provides a remediation for the vulnerability, CVE-2021-44228 by upgrading IBM® QRadar User Behavior Analytics application add on to IBM® QRadar SIEM and thus addressing the exposure to the...

10CVSS1.1AI score0.99999EPSS
Exploits351Affected Software1
ThreatPost
ThreatPost
added 2021/10/20 5:53 p.m.85 views

VPN Exposes Data for 1M Users, Leading to Researcher Questioning

Free virtual private network VPN service Quickfox, which provides access to Chinese websites from outside the country, exposed the personally identifiable information PII of more than a million users in just the latest high-profile VPN security failure. The incident has some security practitioner...

7.1AI score
Exploits0References5
The Hacker News
The Hacker News
added 2021/09/08 12:38 p.m.17 views

3 Ways to Secure SAP SuccessFactors and Stay Compliant

The work-from-anywhere economy has opened up the possibility for your human resources team to source the best talent from anywhere. To scale their operations, organizations are leveraging the cloud to accelerate essential HR functions such as recruiting, onboarding, evaluating, and more. SAP is...

6.1AI score
Exploits0
NVD
NVD
added 2021/08/02 4:15 p.m.14 views

CVE-2021-29757

IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168...

8.8CVSS0.00397EPSS
Exploits0References2
OSV
OSV
added 2021/08/02 4:15 p.m.5 views

CVE-2021-29757

IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168...

8.8CVSS5.7AI score0.00397EPSS
Exploits0References2
Prion
Prion
added 2021/08/02 4:15 p.m.16 views

Cross site request forgery (csrf)

IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168...

6.8CVSS8.2AI score0.00397EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/08/02 4:0 p.m.43 views

CVE-2021-29757

CVE-2021-29757 affects IBM QRadar User Behavior Analytics (UBA) add-on for QRadar SIEM. A cross-site request forgery (CSRF) vulnerability exists due to improper CSRF checking in some components, enabling attackers to perform malicious, authorized actions from a trusted user’s session. The IBM bul...

8.8CVSS8.4AI score0.00397EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/08/02 4:0 p.m.17 views

CVE-2021-29757

IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168...

4.3CVSS8.4AI score0.00397EPSS
Exploits0References2
CNVD
CNVD
added 2021/08/02 12:0 a.m.7 views

IBM QRadar User Behavior Analytics Cross-Site Request Forgery Vulnerability

IBM QRadar User Behavior Analytics UBA is a user behavior analysis software from IBM, USA. User activity can be analyzed to detect suspicious insiders and determine if user credentials have been stolen. Security analysts can easily view at-risk users, examine their anomalous activity, and drill...

8.8CVSS6.5AI score0.00397EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/07/31 12:13 a.m.20 views

Security Bulletin: User Behavior Analytics application add on to IBM QRadar SIEM performs improper CSRF checking for some components ( CVE-2021-29757)

Summary User Behavior Analytics application add on to IBM QRadar SIEM performs improper CSRF checking for some components. Vulnerability Details CVEID: CVE-2021-29757 DESCRIPTION: IBM QRadar User Behavior Analytics is vulnerable to cross-site request forgery which could allow an attacker to execu...

8.8CVSS1.6AI score0.00397EPSS
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2021/07/07 12:53 p.m.30 views

[Whitepaper] XDR vs. NDR/NTA – What do Organizations Truly Need to Stay Safe?

Security teams whose organizations are outside the Fortune 500 are faced with a dilemma. Most teams will have to choose between deploying either a network traffic analysis NTA or network detection and response NDR tool or an endpoint detection and response EDR tool to supplement their existing...

1AI score
Exploits0
CNVD
CNVD
added 2021/06/28 12:0 a.m.19 views

SQL Injection Vulnerability in NetGuard Network Audit System of Beijing NetGuard Nebula Information Technology Co.

Netnifty Network Security Audit System is a compliance management system for fine-grained auditing of users' operational behavior on core IT assets and servers within the network in a business environment. A SQL injection vulnerability exists in the Netnifty Network Audit System of Beijing Netnif...

7.8AI score
Exploits0
Rows per page
Query Builder