HackDig : Dig high-quality web security articles for hackers

Shared memory flaw in IBM Db2 can lead to Information Disclosure

IBM addressed a shared memory vulnerability in its Db2 data management solutions that could lead to information disclosure. IBM fixed a shared memory vulnerability in its Db2 data management products that can be exploited by malicious local users to access sensitive data. The vulnerability, which is tracked as CVE-2020-4414, was discovered by researche
Publish At:2020-08-20 15:30 | Read:377 | Comments:0 | Tags:Breaking News Hacking Security DB2 hacking news IBM informat

A week in security (June 22 – 28)

Last week on Malwarebytes Labs, we provided a zero-day guide for 2020 featuring recent attacks and advanced preventive techniques, and we learned how to cough in the face of scammers, offering security tips for the 2020 tax season. We also looked at a web skimmer hiding within EXIF metadata that was exfiltrating credit cards via image files. In the most r
Publish At:2020-06-29 13:21 | Read:563 | Comments:0 | Tags:A week in security BlueLeaks Google IBM image files Lucifer

Facial recognition: tech giants take a step back

Last week, a few major tech companies informed the public that they will not provide facial recognition software to law enforcement. These companies are concerned about the way in which their technology might be used. What happens when software that threatens our privacy falls into the hands of organization which we no longer trust? In general, being awar
Publish At:2020-06-18 13:50 | Read:544 | Comments:0 | Tags:Artificial Intelligence Privacy ACLU AI amazon biometrics EF

Tech firms suspend use of ‘biased’ facial recognition technology

Amazon, IBM and now Microsoft ban the sale of facial recognition technology to police departments and are urging for federal laws to regulate its use. Microsoft has joined Amazon and IBM in banning the sale of facial recognition technology to police departments, the tech giants are also urging for federal laws to regulate the use of these solutions. Mi
Publish At:2020-06-14 15:48 | Read:660 | Comments:0 | Tags:Breaking News Digital ID Amazon IBM information security new

Two Critical Remote Code Execution flaws fixed in IBM WebSphere

IBM has addressed two critical vulnerabilities in IBM WebSphere Application Server that could allow a remote attacker to execute arbitrary code. In April, a security researcher who goes online with the moniker ‘tint0’ discovered three serious deserialization issues affecting the IBM WebSphere Application Server. Two of the vulnerabilities (
Publish At:2020-06-09 12:10 | Read:403 | Comments:0 | Tags:Breaking News Security Hacking IBM IBM WebSphere information

Attacks Targeting ICS & OT Assets Grew 2000% Since 2018, Report Reveals

The digital threat landscape is always changing. This year is an excellent (albeit extreme) example. With the help of Dimensional Research, Tripwire found out that 58% of IT security professionals were more concerned about the security of their employees’ home networks than they were before the outbreak of coronavirus 2019 (COVID-19). Slightly fewer percenta
Publish At:2020-05-24 09:52 | Read:478 | Comments:0 | Tags:IT Security and Data Protection IBM ics operational technolo

Expert discloses 4 zero-days in IBM Data Risk Manager

A security researcher disclosed details of four zero-day flaws impacting an IBM security product after the IT giant refused to address them. The security researcher Pedro Ribeiro, Director of Research at Agile Information Security, has published details about four zero-day vulnerabilities affecting the IBM Data Risk Manager (IDRM) after the company refuse
Publish At:2020-04-21 10:49 | Read:741 | Comments:0 | Tags:Breaking News Hacking hacking news IBM information security

The Power and Versatility of Pervasive Encryption

As cyberthreats make headlines, companies across the globe are working hard to develop efficient IT infrastructures capable of protecting sensitive data and maintaining compliance with privacy regulations. Although it checks both of these boxes, many organizations have been hesitant to adopt encryption due to cost, operational impact, the complexity of key m
Publish At:2017-11-04 02:00 | Read:5232 | Comments:0 | Tags:Data Protection Mainframe Application Security Encryption En

Nine More NCSAM Tips for Cybersecurity Professionals: Week Four

What have you learned during National Cybersecurity Awareness Month (NCSAM) that could help drive change in your organization? We’ve featured 22 tips so far, so there should be at least a few things for you to work on. Maybe your company needs to revamp its cybersecurity training or do a better job managing data. As with anything in life, there is alwa
Publish At:2017-11-01 00:20 | Read:5562 | Comments:0 | Tags:Risk Management Cybersecurity IBM IBM Security National Cybe

IBM Experts Weigh In on the Value of an Industry-Focused Approach to Security

To more closely align with the way clients think about security, IBM Security is focused on providing an open security immune system that enables organizations to integrate and leverage the investments they have already made within their specific industry. Experts Discuss the Benefits of an Industry-Focused Security Strategy We consulted six experts from the
Publish At:2017-08-30 20:10 | Read:5921 | Comments:0 | Tags:Industries Automotive Industry Cloud Cloud Security Energy a

IDaaS Vendors: IBM Cloud Identity Service Named Market Leader in Six Recent Analyst Reports

Not one, not two, but six of the most recent analyst reports evaluating the major Identity and Access Management-as-a-Service (IDaaS) vendors positioned IBM Cloud Identity Service as an overall market leader in cloud-based identity and access management (IAM). The market is crowded with both startups and large IDaaS vendors, making this is a big win for IBM
Publish At:2017-08-16 09:00 | Read:4103 | Comments:0 | Tags:Cloud Security Identity & Access Security Services Cloud Ide

Pervasive Encryption Simplifies Mainframe Security

On July 17, IBM unveiled its z14 mainframe server, which combines the traditional mainframe hardware with new capabilities in areas such as cloud, cognitive, analytics, application management, blockchain, machine learning and more. Most importantly, z14 includes enhanced security features — namely, pervasive encryption — to help clients stay one step ahead
Publish At:2017-08-04 20:10 | Read:7180 | Comments:0 | Tags:Data Protection Mainframe Application Security Encryption En

Accelerate Response With Orchestration

Organizations today are battling three compounding challenges: complex cyberattacks that shift as they unfold, complicated technology environments and a fast-growing skills gap. As a result, technologies and processes that enable a dynamic, fast and orchestrated response are becoming vital. IBM Resilient has many enterprise deployments around the world spa
Publish At:2017-07-28 03:30 | Read:3869 | Comments:0 | Tags:Incident Response IBM IBM Security Incident Response (IR) Re

Hello, My Name Is Space Rogue

IBM X-Force Red marked its first-year anniversary with the addition of security specialists, including Space Rogue, who increases the team’s impressive roster of talent. Hello, my name is Space Rogue. Well, actually, it’s Cris Thomas, but the security community is most likely to recognize my work over the past two decades under my pseudonym. The
Publish At:2017-07-28 03:30 | Read:8486 | Comments:0 | Tags:Application Security Security Services X-Force Research IBM

IBM X-Force Red Turns 1, Expands Into Auto and IoT Practice Areas

Earlier this year, I gave a talk at the RSA Conference about the privacy and security flaws in many of today’s connected cars. The response was nothing short of astounding. As it turns out, people get very nervous when you talk about finding and controlling their cars from a mobile phone. While I didn’t initially set out to find vulnerabilities i
Publish At:2017-07-24 17:25 | Read:4163 | Comments:0 | Tags:Application Security Industries Software & App Vulnerabiliti

Tools

Tag Cloud