Remove Access Remove Definition Remove Manufacturing
article thumbnail

U.S. CISA adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog

Security Affairs

Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don’t explicitly check user’s permissions because they rely on the configuration of their endpoints).” addressed the flaw. reads the advisory.

IT 103
article thumbnail

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Security Affairs

North Korea-linked APT group Lazarus was spotted exploiting Log4j vulnerabilities to deploy previously undocumented remote access trojans. The North Korea-linked APT group Lazarus is behind a new hacking campaign that exploits Log4j vulnerabilities to deploy previously undocumented remote access trojans (RATs).

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

California Enacts Amendments to the CCPA and Other New Laws

Hunton Privacy

947 amends the California Consumer Privacy Act of 2018’s (“CCPA”) definition of “sensitive personal information” to include personal information that reveals a consumer’s “citizenship or immigration status,” while A.B.

article thumbnail

Researchers warn of a new critical Apache OFBiz flaw

Security Affairs

“Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don’t explicitly check user’s permissions because they rely on the configuration of their endpoints).” addressed the flaw. ” reads the advisory.

article thumbnail

The proposed EU Cyber Resilience Act: what it is and how it may impact the supply chain

Data Protection Report

The CRA introduces common cybersecurity rules for manufacturers, developers and distributors of products with digital elements, covering both hardware and software. Manufacturers of products must also comply with various requirements relating to the handling of vulnerabilities which are set out in section 2 of Annex I of the CRA.

article thumbnail

Autonomous Vehicles – Canada’s Current Legal Framework: Privacy (Part 4)

Data Protection Report

Across the globe, the race is already underway among vehicle manufacturers to develop fully autonomous vehicles (AVs). In this post, we will describe some of the risks introduced by personal information collection, and some of the legal obligations of vehicle manufacturers in protecting their customers’ privacy.

Privacy 85
article thumbnail

Don’t trust links with known domains: BMW affected by redirect vulnerability

Security Affairs

They were used to access the internal workplace systems for BMW dealers and could have been useful to attackers for spear-phishing campaigns or malware distribution. If you open the link and enter your credentials, attackers suddenly gain access to deploy ransomware or for other deeds.

Phishing 126