Aggregator

Крупные компании, использующие платформу, могут стать мишенью атак.

《加州消费者隐私法案》（CCPA）赋予消费者对企业收集的个人信息的更多控制权，CCPA 条例则为如何实施该法律提供了指导。

Businesses face increasing pressure to maintain compliance across regions, mitigate risks and improve consumer protection and stakeholder trust. 

The post Spotlight on Regulatory Compliance: The Challenges Your IT and Security Teams May Face  appeared first on Security Boulevard.

Four in ten flaws exploited by threat actors in 2024 were from 2020 or earlier, with some dating back to the 1990s, according to a GreyNoise report

A vulnerability, which was classified as critical, has been found in Microsoft Edge. This issue affects some unknown processing of the component Scripting Engine. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2016-3386. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in Kriesi Enfold Plugin up to 6.0.9 on WordPress. This affects an unknown part. The manipulation of the argument attachment_id leads to server-side request forgery. This vulnerability is uniquely identified as CVE-2024-13695. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in Kriesi Enfold Plugin up to 6.0.9 on WordPress. This vulnerability affects unknown code of the file avia-export-class.php of the component Setting Handler. The manipulation leads to improper access controls. This vulnerability was named CVE-2024-13693. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Blackmagic Design DaVinci Resolve up to 19.1.2 on macOS. It has been classified as problematic. Affected is an unknown function of the component File Permission Handler. The manipulation leads to incorrect privilege assignment. This vulnerability is traded as CVE-2025-1413. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in yawaveadmin Yawave Plugin up to 2.9.1 on WordPress and classified as critical. This vulnerability affects unknown code. The manipulation of the argument lbid leads to sql injection. This vulnerability was named CVE-2025-1648. The attack can be initiated remotely. There is no exploit available.