Aggregator

这是非常典型的云上软件供应链安全漏洞导致的严重数据泄漏风险

这是非常典型的云上软件供应链安全漏洞导致的严重数据泄漏风险

CEO Satya Nadella Highlights DeepSeek-R1 Model, AI Cost Reductions, Future Growth
Microsoft CEO Satya Nadella said AI scaling laws, compounded by Moore’s Law, are accelerating efficiency gains, with a 10x improvement per model generation. He revealed Microsoft’s strategy for optimizing AI costs and highlights DeepSeek-R1’s availability on Azure AI Foundry and GitHub.

Tips on Relationships and Empathy That CISOs Should Know Before the Next Crisis
Emotional Intelligence is the ability to recognize, understand, manage and influence both your own emotions and those of others. It encompasses five key areas: self-awareness, self-regulation, motivation, empathy and social skills that enable leaders to build trust and manage teams effectively.

7 Proposed Class Actions Filed Against Allegheny Health Network and IntraSystems
A Pittsburgh-based healthcare system and its Massachusetts-based IT services firm are facing at least seven proposed federal class action lawsuits involving a data theft - reported on Jan. 17 - affecting about 293,000 people. The hack is the latest major breach involving a business associate.

Deal Brings Third-Party Data Ingestion, Risk Prioritization, Automated Workflows
Tenable has acquired Vulcan Cyber to bolster its exposure management strategy, integrating third-party asset data, AI-powered risk prioritization, and automated remediation workflows into Tenable One. The $150 million purchase aims to provide enterprises with a unified risk management platform.

Data Storage in China Sparks Privacy Concerns
Italian data regulator Garante launched an inquiry into data storage and processing practices of Chinese generative AI model DeepSeek following the Friday public debut of its R1 reasoning model. The DeepSeek app is no longer available in the Apple and Google app stores in Italy.

CEO Satya Nadella Highlights DeepSeek-R1 Model, AI Cost Reductions, Future Growth
Microsoft CEO Satya Nadella said AI scaling laws, compounded by Moore’s Law, are accelerating efficiency gains, with a 10x improvement per model generation. He revealed Microsoft’s strategy for optimizing AI costs and highlights DeepSeek-R1’s availability on Azure AI Foundry and GitHub.

A CVSS score 5.5 AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L severity vulnerability discovered by 'Alain Rodel, Daniel Kilimnik, Kolja Grassmann (Neodyme AG)' was reported to the affected vendor on: 2025-01-30, 5 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2025-01-30, 34 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 6.3 AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L severity vulnerability discovered by 'Alain Rodel, Daniel Kilimnik, Kolja Grassmann (Neodyme AG)' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'anonymous' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.0 AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Aliakbar Zahravi' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Nikolai Skliarenko and Alex Williams of Trend Micro Security Research' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 8.8 AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H severity vulnerability discovered by 'Micky Thongam - HackSys Inc' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Alex Williams of Trend Micro Security Research' was reported to the affected vendor on: 2025-01-30, 35 days ago. The vendor is given until 2025-05-30 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.