TSEC NEWS: 16.04.21 - mehr Fenster öffnen sich im neuen Tab ||| cooming soon - 1. TSec-Accounts 2.comments 3. personalized feed... if i have the time

❈ Integrity: How It’s More than Just Data Security and FIM

IT Security Nachrichten tripwire.com

Integrity is a word thrown around a lot in the cybersecurity space. That’s not surprising. It is one of the three components that make up the CIA Triad, after all. However, the meaning and use of the word has been relatively limited in many security circles up until now. Let’s take a look at the […]… Read More

The post Integrity: How It’s More than Just Data Security and FIM appeared first on The State of Security.

...


Kompletten Artikel lesen (externe Quelle: https://www.tripwire.com/state-of-security/security-data-protection/integrity-how-its-more-than-just-data-security-and-fim/)

Zur Team IT Security IT Sicherheit Nachrichtenportal Startseite

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

Diving Deep Into a Pwn2Own Winning WebKit Bug

vom 421.77 Punkte
Pwn2Own Tokyo just completed, and it got me thinking about a WebKit bug used by the team of Fluoroacetate (Amat Cama and Richard Zhu) at this year’s Pwn2Own in Vancouver. It was a part of the chain that earned them $55,000 and was a nifty piece of

CVE-2020-0932: Remote Code Execution on Microsoft SharePoint Using TypeConverters

vom 318.81 Punkte
In April 2020, Microsoft released four Critical and two Important-rated patches to fix remote code execution bugs in Microsoft SharePoint. All these are deserialization bugs. Two came through the ZDI program from an anonymous researcher: CVE-2020-0931

CVE-2020-0729: Remote Code Execution Through .LNK Files

vom 290.63 Punkte
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, John Simpson and Pengsu Cheng of the Trend Micro Research Team detail a recent remote code execution bug in Microsoft Windows .LNK files. The following is a portion of

ConstraintLayout 2.0.0 beta 7

vom 258.15 Punkte
We are happy to announce the release of ConstraintLayout 2.0 beta 7. It’s available from the google maven repository:dependencies {    implementation 'androidx.constraintlayout:constraintlayout:2.0.0-beta7'}or if using the android.support packages:dependencies {    implementation 'com.android.support.constraint:constraint

Deobfuscating/REversing Remcos - AutoIt, Shellcode, and RunPE

vom 230.94 Punkte
Remcos is a robust RAT actively being used in the wild. This multi-staged/evasive RAT provides powerful functionality to an attacker. Each stage is written in a different language: AutoIt -> Shellcode -> C++. I wanted to explore both the evasiven

Local Privilege Escalation in Win32k.sys Through Indexed Color Palettes

vom 228.44 Punkte
This is the second in our series of Top 5 interesting cases from 2019. Each of these bugs has some element that sets them apart from the more than 1,000 advisories released by the program this year. Today’s blog looks a local privilege escalation in t

ConstraintLayout 2.0.0 beta 2

vom 218.61 Punkte
We are happy to announce the release of ConstraintLayout 2.0 beta 2. It’s available from the google maven repository: dependencies {    implementation 'com.android.support.constraint:constraint-layout:2.0.0-beta2'} or if using the AndroidX packages: dependencies {    implementation 'androidx.con

Celebrating International Women’s Day with 21 tech trailblazers

vom 216.78 Punkte
Posted by The Google Developers Team Today we are celebrating International Women’s Day by highlighting a series of 21 tech trailblazers who are making significant strides in the developer community. Many of the women we interviewed are directly involved with our educational outreach and inclusivity programs like Google Developer Groups and Women Techmakers while others are Google Developers

Privilege Escalation Via the Core Shell COM Registrar Object

vom 210.86 Punkte
This final post in our series on interesting vulnerabilities from 2019 highlights an elegant local escalation of privilege (LPE) bug affecting Windows 10. It was submitted to us by an anonymous researcher and has the identifier CVE-2019-1184. Exploiting this vulnerability allows a sandboxed process running at low integrity

MindShaRE: Hardware Reversing with the TP-Link TL-WR841N Router

vom 205.97 Punkte
In early 2019, we received a bug submission from a new researcher affecting the TP-Link TL-WR841N Router. While this vulnerability is still in disclosure phase, we would like to share lessons learned when we were vetting this submission. TL-WR841N

ConstraintLayout 2.0.0 beta 5

vom 199.58 Punkte
We are happy to announce the release of ConstraintLayout 2.0 beta 5. It’s available from the google maven repository:dependencies {    implementation 'androidx.constraintlayout:constraintlayout:2.0.0-beta5'}or if using the android.support packages:dependencies {    implementation 'com.android.support.constraint:constraint

Towards ML Engineering: A Brief History Of TensorFlow Extended (TFX)

vom 196.97 Punkte
Posted by Konstantinos (Gus) Katsiapis on behalf of the TFX TeamTable of ContentsAbstractWhere We Are Coming FromLessons From Our 10+ Year Journey Of ML Platform EvolutionWhere We Are GoingA Joint JourneyAbstractSoftware Engineering, as a discipline, has matured over the past 5+ decades. The mod

Team Security Diskussion über Integrity: How It’s More than Just Data Security and FIM