Microsoft misconfigurations expose millions of records globally
Monday, November 18, 2024 by Freeman Lightner
In September 2024, significant data exposure was discovered within Microsoft Power Pages, a low-code SaaS platform, due to misconfigured access controls. The exposure, which potentially affected millions of individuals, highlights the risks associated with excessive permissions granted to the platform's "Anonymous" and "Authenticated" user roles....
Open source AI chatbot privacy issues addressed by Sendbird
Tuesday, December 12, 2023 by Richard Harris
Last month Sendbird became the first communications API platform to integrate Llama2, Meta’s open source LLM. By adding support for Llama2, on top of existing ChatGPT and PaLM-2 integrations, Sendbird became the first platform of its kind to offer organizations greater flexibility for their integration of generative AI chatbots. By doing so, companies can choose t...
API security risks report exposes Netflix and Wordpress
Monday, November 27, 2023 by Richard Harris
Wallarm, the end-to-end API and app security company, announced the release of its Q3-2023 Wallarm API ThreatStats report. The quarterly report details the surge in threats centered around APIs and uncovers critical vulnerabilities, like injections and API data leaks, that have recently impacted leading firms, including Netflix, VMware, and SAP.
The new report i...
Data privacy predictions from Ground Labs
Monday, January 17, 2022 by Freeman Lightner
As Ground Labs Co-Founder, Stephen Cavey leads a global team empowering enterprise partners to discover, manage and secure sensitive data across their organizations.
Stephen has deep security domain expertise with a focus on electronic payments and data security compliance. He is a frequent speaker at industry events such as PrivSec Global, and his expert analy...
5 mistakes businesses make in application development
Friday, October 23, 2020 by Mayur S Shah
5 Mistakes Businesses Make While Prioritizing Speed Over Security in Application Development
Earlier this year, the Democratic party in Iowa announced its plans to use a smartphone app to calculate and transmit their caucus results. One would think that by using technology to improve the speed of governance, what could possibly go wrong? A lot, apparently. The a...
Detecting PII and sensitive data in motion becomes a reality
Tuesday, March 19, 2019 by Richard Harris
Io-Tahoe has released the latest version of its Smart Data Discovery platform, Smart Streaming Discovery - with the ability to perform real-time data discovery on a wide range of streaming data. The capability, believed to be the first of its kind, allows Io-Tahoe’s customers to discover PII (Personally Identifiable Information) and other sensitive data “in ...
Enterprise threat dubbed HospitalGown infests thousands of apps
Tuesday, June 6, 2017 by Richard Harris
Appthority, an enterprise mobile threat protection company, published research on a newly discovered backend data exposure vulnerability, dubbed HospitalGown, that highlights the connection between mobile apps and insecure backend databases containing enterprise data. Appthority documented more than 1,000 apps with this vulnerability, and researched in detail 39 applica...
80 percent of web apps have security flaws
Tuesday, February 14, 2017 by Richard Harris
Data collected by Contrast Labs has revealed that sensitive data exposures, which include missing and weak encryption, are the top vulnerability plaguing 69 percent of web applications and accounting for 26 percent of all vulnerabilities. Their research has also found that 80 percent of tested software applications had at least one vulnerability, with an average of 45 v...
Mitigating Data Exposure Risks on z Systems
Friday, February 19, 2016 by Richard Harris
We visited with Ashok Reddy, CA Technologies’ General Manager – Mainframe, to discuss how the CA Data Content Discovery helps identify data exposure risks on z Systems and reduces these risks by scanning through the mainframe data infrastructure so that the right business decisions can be made to secure, encrypt, archive, or delete the data identified based on its sensi...
Red Hat Satellite is Updated for Container Management, Security and Provisioning
Friday, August 21, 2015 by Richard Harris
Red Hat has announced the general availability of Red Hat Satellite 6.1, Red Hat’s systems management solution for managing Red Hat infrastructure. New additions to the platform bring upgraded security enhancements, enhanced discovery and container management capabilities across physical, virtual and cloud environments. Container ManagementTo support new cont...
