Insider Data Leaks: A Growing Enterprise Threat

Subscribe to Newsletters

Earn (ISC)2 CPEs at Interop Digital, April 29

More Informa Tech Live Events

White Papers

What Elite Threat Hunters See That Others Miss: Case Study

How to Optimize Your Windows 10 Defense Strategy

Top Threats to Cloud Computing: The Egregious 11

Lessons Learned Investigating the SUNBURST Software Supply Chain Attack

Addressing Complexity and Expertise in Application Security Testing

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: “See? I told you no one understands Linux.”

Cartoon Archive

Current Issue

2021 Top Enterprise IT TrendsWe’ve identified the key trends that are poised to impact the IT landscape in 2021. Find out why they’re important and how they will affect you today!

Back Issues | Must Reads

Flash Poll

All Polls

How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.

Download Now!

Assessing Cybersecurity Risk in Today’s Enterprises

0 comments

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

More Reports

Twitter Feed

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database
CVE-2021-20089
PUBLISHED: 2021-04-23

Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’) in purl 2.3.2 allows a malicious user to inject properties into Object.prototype.

CVE-2021-29470
PUBLISHED: 2021-04-23

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An att…

CVE-2021-20085
PUBLISHED: 2021-04-23

Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’) in backbone-query-parameters 0.4.0 allows a malicious user to inject properties into Object.prototype.

CVE-2021-20086
PUBLISHED: 2021-04-23

Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’) in jquery-bbq 1.2.1 allows a malicious user to inject properties into Object.prototype.

CVE-2021-20083
PUBLISHED: 2021-04-23

Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’) in jquery-plugin-query-object 2.2.3 allows a malicious user to inject properties into Object.prototype.

The post Insider Data Leaks: A Growing Enterprise Threat appeared first on Malware Devil.

https://malwaredevil.com/2021/04/23/insider-data-leaks-a-growing-enterprise-threat/?utm_source=rss&utm_medium=rss&utm_campaign=insider-data-leaks-a-growing-enterprise-threat