Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

The Value of AI-Powered Identity

Introduction Artificial intelligence (AI) deepfakes and misinformation may cause worry in the world of technology and investment, but this powerful, foundational technology has the potential to benefit organizations of all kinds when harnessed appropriately. In the world of cybersecurity, one of the most important areas of application of AI is augmenting and enhancing identity management

The Hacker News
#mac#git#intel#auth#The Hacker News
Salt Typhoon APT Subverts Law Enforcement Wiretapping: Report

The Chinese state-sponsored cyberattack threat managed to infiltrate the "lawful intercept" network connections that police use in criminal investigations.

ABB Cylon Aspect 3.08.00 syslogSwitch.php Remote Code Execution

ABB Cylon Aspect versions 3.08.00 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the SYSLOG HTTP POST parameter called by the syslogSwitch.php script.

ABB Cylon Aspect 3.08.01 caldavUtil.php Remote Code Execution

ABB Cylon Aspect versions 3.08.01 and below suffer from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the Footer HTTP POST parameter called by the caldavUtil.php script.

What the White House Should Do Next for Cyber Regulation

Creating a new office of cyber-regulation strategy is the government's best opportunity to improve security and to protect Americans in an increasingly dangerous world.

ABB Cylon Aspect 3.08.00 setTimeServer.php Remote Code Execution

ABB Cylon Aspect versions 3.08.00 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the timeserver HTTP POST parameter called by the setTimeServer.php script.

ABB Cylon Aspect 3.08.01 logYumLookup.php Unauthenticated File Disclosure

ABB Cylon Aspect versions 3.08.01 and below suffer from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the logFile GET parameter via the logYumLookup.php script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

China’s Salt Typhoon Hacks AT&T and Verizon, Accessing Wiretap Data: Report

China’s Salt Typhoon hacked AT&T, Verizon, and Lumen, compromising wiretap systems used in criminal investigations. The breach, linked…

Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually

Organizations are losing between $94 - $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The report highlights that these security threats account for up to 11.8% of global cyber events and losses, emphasizing the escalating