Tag
#auth
Guy Tytunovich, founder and CEO of CHEQ, says the days of a one-size-fits-all consent strategy are gone. Consider a two-pronged approach and use smart consent management technology to adapt to differing regulations.
In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a privilege escalation path associated with group administrators has been identified. It is possible for a group administrator to elevate a group members permissions to the role of an organization administrator.
Organizations from the Middle East and Africa have typically escaped public ransoms, but that's changing amid heightened geopolitical conflicts and digitalization initiatives.
In a rare instance of an overseas arrest of ransomware perpetrators, four other high-profile gang members were also seized.
Okta upped its original estimate of customer support users affected by a recent breach from 1 percent to 100 percent, citing a “discrepancy.”
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that it's responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers (PLCs) to target the Municipal Water Authority of Aliquippa in western Pennsylvania. The attack has been attributed to an Iranian-backed hacktivist collective known as Cyber Av3ngers. "Cyber threat
WordPress Royal Elementor Addons and Templates plugin versions prior to 1.3.79 suffer from a remote shell upload vulnerability.
Red Hat Security Advisory 2023-7540-01 - An update for curl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.
A server-side request forgery vulnerability in ESM prior to version 11.6.8 allows a low privileged authenticated user to upload arbitrary content, potentially altering configuration. This is possible through the certificate validation functionality where the API accepts uploaded content and doesn't parse for invalid data