Vulnerability Disclosure Archives - Elteni https://www.elteni.com/category/vulnerability-disclosure/ Cybersecurity Consulting and Advisory Wed, 09 Feb 2022 22:48:34 +0000 en-US hourly 1 https://www.elteni.com/wp-content/uploads/2019/11/Circle-1x1-50x50.png Vulnerability Disclosure Archives - Elteni https://www.elteni.com/category/vulnerability-disclosure/ 32 32 The SEC proposes new Cybersecurity rules https://www.elteni.com/the-sec-proposes-new-cybersecurity-rules/ Wed, 09 Feb 2022 22:48:34 +0000 https://www.elteni.com/?p=19463 Earlier today the Securities and Exchange Commission voted to propose rules related to cybersecurity risk management for registered investment advisers, and registered investment companies and business development companies (funds), as well as amendments to certain rules that govern investment adviser and fund disclosures. The SEC Chair Gary Genlser stated that the proposed rules and amendments

The post The SEC proposes new Cybersecurity rules appeared first on Elteni.

]]> 19463 SEC Charges First American Financial Corporation With Cybersecurity Disclosure Controls Failures https://www.elteni.com/sec-charges-first-american-financial-corporation-with-cybersecurity-disclosure-controls-failures/ Tue, 15 Jun 2021 16:53:23 +0000 https://www.elteni.com/?p=19414 On June 15, 2021 “The Securities and Exchange Commission (“SEC”) announced settled charges against real estate settlement services company First American Financial Corporation for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information.” On May 24, 2019, Brian Krebs notified First American Financial Corporation of a vulnerability with its

The post SEC Charges First American Financial Corporation With Cybersecurity Disclosure Controls Failures appeared first on Elteni.

]]> 19414 Palo Alto Networks Vulnerability – CVE-2020-2021 https://www.elteni.com/palo-alto-networks-vulnerability-cve-2020-2021/ Wed, 01 Jul 2020 16:35:23 +0000 https://www.elteni.com/?p=17670 On June 29, 2020 Palo Alto Networks published a notice about a critical vulnerability affecting their devices. https://security.paloaltonetworks.com/CVE-2020-2021. The vulnerability, which is listed as an issue affecting the way SAML (Security Assertion Markup Language) authentication happens, can be exploited by remote attackers to gain access to the device. Dissecting this vulnerability, Palo Alto states that

The post Palo Alto Networks Vulnerability – CVE-2020-2021 appeared first on Elteni.

]]> 17670 Information Leakage and Improper Error Handling vulnerability found in Axcient / eFolder Synced Tool https://www.elteni.com/information-leakage-and-improper-error-handling-vulnerability-found-in-axcient-efolder-synced-tool/ Thu, 09 Jan 2020 03:16:25 +0000 https://www.elteni.com/?p=17443 This vulnerability was responsibly disclosed to Axcient/Anchor on November 4, 2019. Affected versions: > 2.7.1.1498 During a penetration test we came across a file sharing application called SynedTool. When performing some of the more simpler tests we identified that this application is vulnerable to an Information Leakage and Improper Error Handling vulnerability. The application allows

The post Information Leakage and Improper Error Handling vulnerability found in Axcient / eFolder Synced Tool appeared first on Elteni.

]]> 17443