disclosure – Page 19 – Experimental News Clipping Site

Hacker News: Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History

Jan 29, 2025

—

by

Source URL: https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak Source: Hacker News Title: Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses a critical security vulnerability identified in DeepSeek’s publicly accessible ClickHouse database, which exposed sensitive information related to AI operations. Wiz Research’s responsible disclosure of an unprotected database…

Cisco Talos Blog: Whatsup Gold, Observium and Offis vulnerabilities

Jan 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/whatsup-gold-observium-offis-vulnerabilities/ Source: Cisco Talos Blog Title: Whatsup Gold, Observium and Offis vulnerabilities Feedly Summary: Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold. These vulnerabilities exist in Observium, a network observation and monitoring system; Offis DCMTK, a collection of libraries and applications…

Hacker News: New Apple CPU side-channel attacks steals data from browsers

Jan 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers/ Source: Hacker News Title: New Apple CPU side-channel attacks steals data from browsers Feedly Summary: Comments AI Summary and Description: Yes Summary: A recent disclosure by security researchers reveals critical side-channel vulnerabilities in modern Apple processors, specifically regarding the FLOP and SLAP attacks. These flaws exploit speculative execution mechanisms to leak sensitive…

Bulletins: Vulnerability Summary for the Week of December 16, 2024

Jan 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb24-358 Source: Bulletins Title: Vulnerability Summary for the Week of December 16, 2024 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Attendance Tracking Management System A vulnerability has been found in 1000 Projects Attendance Tracking Management System 1.0 and classified as critical. Affected by this vulnerability is…

Bulletins: Vulnerability Summary for the Week of January 20, 2025

Jan 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb25-026 Source: Bulletins Title: Vulnerability Summary for the Week of January 20, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info aEnrich Technology–a+HRD The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database…

Bulletins: Vulnerability Summary for the Week of December 2, 2024

Jan 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb24-344 Source: Bulletins Title: Vulnerability Summary for the Week of December 2, 2024 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description8 Published CVSS Score Source Info SailPoint Technologies–IdentityIQ IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2…

Hacker News: Texas Is Enforcing Its State Data Privacy Law. So Should Other States

Jan 25, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.eff.org/deeplinks/2025/01/texas-enforcing-its-state-data-privacy-law-so-should-other-states Source: Hacker News Title: Texas Is Enforcing Its State Data Privacy Law. So Should Other States Feedly Summary: Comments AI Summary and Description: Yes Summary: The provided text discusses the Texas Attorney General’s lawsuit against Allstate Corporation for alleged violations of the Texas Data Privacy and Security Act (TDPSA), specifically regarding the…

The Register: One of Salt Typhoon’s favorite flaws still wide open on 91% of at-risk Exchange Servers

Jan 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/23/proxylogon_flaw_salt_typhoons_open/ Source: The Register Title: One of Salt Typhoon’s favorite flaws still wide open on 91% of at-risk Exchange Servers Feedly Summary: But we mean, you’ve had nearly four years to patch One of the critical security flaws exploited by China’s Salt Typhoon to breach US telecom and government networks has had a…

The Register: Asus lets processor security fix slip out early, AMD confirms patch in progress

Jan 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/23/asus_amd_processor_fix/ Source: The Register Title: Asus lets processor security fix slip out early, AMD confirms patch in progress Feedly Summary: Answers on a postcard to what ‘Microcode Signature Verification Vulnerability’ might mean AMD has confirmed at least some of its microprocessors suffer a microcode-related security vulnerability, the existence of which accidentally emerged this…

Slashdot: Microsoft’s LinkedIn Sued For Disclosing Customer Information To Train AI Models

Jan 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://yro.slashdot.org/story/25/01/22/236253/microsofts-linkedin-sued-for-disclosing-customer-information-to-train-ai-models?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Microsoft’s LinkedIn Sued For Disclosing Customer Information To Train AI Models Feedly Summary: AI Summary and Description: Yes **Summary:** The lawsuit against LinkedIn alleges unauthorized disclosure of private messages for generative AI training, raising significant concerns around privacy violations and improper handling of user data. This case underlines the…

Tag: disclosure