sensitive files – Page 2 – Experimental News Clipping Site

The Register: Hundreds of Dutch medical records bought for pocket change at flea market

Feb 19, 2025

—

by

Source URL: https://www.theregister.com/2025/02/19/hundreds_of_dutch_medical_records/ Source: The Register Title: Hundreds of Dutch medical records bought for pocket change at flea market Feedly Summary: 15GB of sensitive files traced back to former software biz Typically shoppers can expect to find tie-dye t-shirts, broken lamps and old disco records at flea markets, now it seems storage drives filled with…

Bulletins: Vulnerability Summary for the Week of February 3, 2025

Feb 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb25-041 Source: Bulletins Title: Vulnerability Summary for the Week of February 3, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info .TUBE gTLD–.TUBE Video Curator Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in .TUBE gTLD .TUBE Video Curator allows Reflected XSS. This issue affects…

Bulletins: Vulnerability Summary for the Week of December 16, 2024

Jan 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/bulletins/sb24-358 Source: Bulletins Title: Vulnerability Summary for the Week of December 16, 2024 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Attendance Tracking Management System A vulnerability has been found in 1000 Projects Attendance Tracking Management System 1.0 and classified as critical. Affected by this vulnerability is…

The Register: Who is DDoSing you? Rivals, probably, or cheesed-off users

Jan 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/23/who_is_ddosing_you_competitors/ Source: The Register Title: Who is DDoSing you? Rivals, probably, or cheesed-off users Feedly Summary: Plus: ‘Largest-ever’ duff traffic tsunami clocks in at 5.6 Tbps In addition to Chinese spies invading organizations’ networks and ransomware crews locking up sensitive files, botnets blasting distributed denial of service (DDoS) attacks can still cause a…

The Register: Six vulnerabilities in ubiquitous rsync tool announced and fixed in a day

Jan 17, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/17/rsync_vulnerabilities/ Source: The Register Title: Six vulnerabilities in ubiquitous rsync tool announced and fixed in a day Feedly Summary: Turns out tool does both file transfers and security fixes fast Don’t panic. Yes, there were a bunch of CVEs affecting potentially hundreds of thousands of users found in rsync in early December –…

The Register: Infoseccer: Private security biz let guard down, exposed 120K+ files

Jan 16, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/16/private_security_biz_lets_guard/ Source: The Register Title: Infoseccer: Private security biz let guard down, exposed 120K+ files Feedly Summary: Assist Security’s client list includes fashion icons, critical infrastructure orgs A London-based private security company allegedly left more than 120,000 files available online via an unsecured server, an infoseccer told The Register.… AI Summary and Description:…

The Register: FBI wipes Chinese PlugX malware from thousands of Windows PCs in America

Jan 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/14/fbi_french_cops_boot_chinas/ Source: The Register Title: FBI wipes Chinese PlugX malware from thousands of Windows PCs in America Feedly Summary: Hey, Xi: Zài jiàn! The FBI, working with French cops, obtained nine warrants to remotely wipe PlugX malware from thousands of Windows-based computers that had been infected by Chinese government-backed criminals, according to newly…

Microsoft Security Blog: Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions

Jan 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/01/13/analyzing-cve-2024-44243-a-macos-system-integrity-protection-bypass-through-kernel-extensions/ Source: Microsoft Security Blog Title: Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions Feedly Summary: Microsoft discovered a macOS vulnerability allowing attackers to bypass System Integrity Protection (SIP) by loading third party kernel extensions, which could lead to serious consequences, such as allowing attackers to install rootkits, create persistent…

The Register: PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files

Dec 6, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/12/06/mitel_micollab_0day/ Source: The Register Title: PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files Feedly Summary: Still unpatched 100+ days later, watchTowr says A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers access to sensitive…

Tag: sensitive files