Month: August 2024

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog…

Read More

Privacy innovation is increasingly important for tech companies to balance compliance and progress, especially with regulations like the EU’s General Data Protection Regulation (GDPR) and California’s Consumer Privacy Act (CCPA). These laws require businesses to give consumers more control over their data, which means companies must prioritize privacy at every stage of development. Adopting a…

Read More

N/A — N/A   Python Pip Pandas v2.2.2 was discovered to contain an arbitrary file read vulnerability. 2024-08-23 not yet calculated CVE-2024-42992 cve@mitre.orgcve@mitre.org  Linux–Linux  In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() In zynq_qspi_exec_mem_op(), kzalloc() is directly used in memset(), which could lead to…

Read More

Iron Mountain’s InSight Digital Experience Platform, built on MongoDB Atlas, provides unified asset management services that span both digital data and physical documents. Information and document management service provider Iron Mountain has launched a new service for managing both digital information and paper documents based on the MongoDB Atlas database and MongoDB Atlas Vector Search…

Read More

While Intel moves to cut jobs and reduce spending by over $10 billion, the chipmaker unveils expanded AI PC partner benefits alongside a new AI PC contest that will award thousands of dollars in market development funds and other incentives to partners. Intel plans to give thousands of dollars in market development funds and other…

Read More

Image: MidjourneyMicrosoft is investigating an Exchange Online false positive issue causing emails containing images to be wrongly tagged as malicious and sent to quarantine. “Users’ email messages containing images may be incorrectly flagged as malware and quarantined,” Microsoft said in a service alert posted on the Microsoft 365 admin center two hours ago. “We’re reviewing…

Read More

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) has imposed a fine of  €290,000,000 ($325 million) on Uber Technologies Inc. and Uber B.V. over GDPR violations. The authority accuses Uber of transferring personal data from the European Economic Area (EEA) to servers in the United States without adequate safeguards, as defined by Chapter V of…

Read More

Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted file upload flaw in the Versa Director GUI. Versa Director is a platform designed to help managed service providers simplify the design, automation, and delivery of SASE services, offering essential management, monitoring, and…

Read More

Aug 26, 2024Ravie LakshmananGDPR / Data Protection The Dutch Data Protection Authority (DPA) has fined Uber a record €290 million ($324 million) for allegedly failing to comply with European Union (E.U.) data protection standards when sending sensitive driver data to the U.S. “The Dutch DPA found that Uber transferred personal data of European taxi drivers…

Read More

Aug 26, 2024Ravie LakshmananVulnerability / Enterprise Security SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug. “An improper access control vulnerability…

Read More