Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-23849PUBLISHED: 2023-02-06
Versions of Coverity Connect prior to 2022.12.0 are vulnerable to an unauthenticated Cross-Site Scripting vulnerability. Any web service hosted on the same sub domain can set a cookie for the whole subdomain which can be used to bypass other mitigations in place for malicious purposes. CVSS:3.1/AV:N...
CVE-2022-28923PUBLISHED: 2023-02-06Caddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs.
CVE-2022-3229PUBLISHED: 2023-02-06
Because the web management interface for Unified Intents' Unified Remote solution does not itself require authentication, a remote, unauthenticated attacker can change or disable authentication requirements for the Unified Remote protocol, and leverage this now-unauthenticated access to run code of ...
CVE-2022-44617PUBLISHED: 2023-02-06A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.
CVE-2022-46496PUBLISHED: 2023-02-06BTicino Door Entry HOMETOUCH for iOS 1.4.2 was discovered to be missing an SSL certificate.
User Rank: Apprentice
1/13/2014 | 9:15:02 AM
Protecting your patterns
Hopefully, it won't come to the point of a breach in the first place. IBM and its partners are layering in "always aware" intelligence. You can't be in two places at once. So, if the smartphone you accidentally left at a restaurant is being fondled by fraudulent fingers, the pervasive system will recognize the offender's different touch pattern (even if your phone is unlocked) and lock your account.
In another example, imagine two purchases: $40 at a gas station, and $4,000 at Tiffany & Co. Today's fraud monitoring might see the diamond purchase as highly suspicious, and ignore the charge at the pump. But your digital guardian will know that your car has a near-full tank of fuel; that you don't usually re-fuel until you're down to about one quarter tank; not to mention that you're at the office when this charge appears. It will also know that you've been shopping for an engagement ring and have been spending your lunch hour window shopping outside the store.
This and other emerging learning systems will know you, help you, and protect you as we continue to generate more and more data, and put more and more of our lives online.