data transfer | Breaking Cybersecurity News | The Hacker News

The maintainers of the  Curl library  have released an advisory warning of two security vulnerabilities that are expected to be addressed as part of an forthcoming update set for release on October 11, 2023. This  includes  a high-severity and a low-severity flaw tracked under the identifiers CVE-2023-38545 and CVE-2023-38546, respectively. Additional details about the issues and the exact version ranges impacted have been withheld owing to the possibility that the information could be used to "help identify the problem (area) with a very high accuracy." That said, the "last several years" of versions of the library are said to be affected.  "Sure, there is a minuscule risk that someone can find this (again) before we ship the patch, but this issue has stayed undetected for years for a reason," Daniel Stenberg, the lead developer behind the project, said in a message posted on GitHub. Curl, powered by libcurl, is a  popular command-line tool  for...

A lot of new online services are cropping up every day, making our life a lot easier. But it is always harder for users to switch to another product or service, which they think is better because the process usually involves downloading everything from one service and then re-uploading it all again to another. Thanks to GDPR—stands for General Data Protection Regulation, a legal regulation by European Union that sets guidelines for the collection and processing of users' personal information by companies—many online services have started providing tools that allow their users to download their data in just one click. But that doesn't completely simplify and streamline the process of securely transferring your data around services. To make this easier for users, four big tech companies— Google , Facebook , Microsoft , and Twitter —have teamed up to launch a new open-source, service-to-service data portability platform, called the Data Transfer Project . What is Dat...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...