#informationdisclosure — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #informationdisclosure, aggregated by home.social.
-
Korea Hydro & Nuclear Power Co. secured the top rating in the 2025 public institution information disclosure assessment, highlighting its commitment to transparency and improved customer satisfaction.
#YonhapInfomax #KoreaHydroNuclearPower #InformationDisclosure #MinistryOfTheInteriorAndSafety #CustomerSatisfaction #Transparency #Economics #FinancialMarkets #Banking #Securities #Bonds #StockMarket
https://en.infomaxai.com/news/articleView.html?idxno=105845 -
CERT-IN Warns About Critical Vulnerabilities in Palo Alto Networks Applications https://thecyberexpress.com/cert-in-vulnerabilities-palo-alto-networks/ #informationdisclosure #privilegeescalation #TheCyberExpressNews #CybersecurityNews #commandinjection #paloaltonetworks #securityadvisory #Vulnerabilities #TheCyberExpress #FirewallDaily #cybersecurity #GlobalProtect #CortexXSOAR #CERTIn #PANOS
-
Check Point Vulnerability Report: CVE-2024-24919
Date: May 29, 2024
CVE: CVE-2024-24919
Vulnerability Type: Exposure of Sensitive Information to an Unauthorized Actor
CWE: [[CWE-22]], [[CWE-425]]
Sources: Check Point, [Tenable](CVE-2024-24919 | Tenable®) Tenable Blog
Synopsis
A critical vulnerability (CVE-2024-24919) has been identified in Check Point's CloudGuard Network Security appliance, allowing unauthorized actors to access sensitive information.
Issue Summary
The vulnerability, categorized as an 'Exposure of Sensitive Information to an Unauthorized Actor,' affects Check Point's CloudGuard Network Security appliances. Attackers can exploit this vulnerability to read sensitive information from gateways connected to the Internet and enabled with Remote Access VPN or Mobile Access. The flaw is actively exploited in the wild, making it a high-priority issue for administrators.
Technical Key Findings
The vulnerability arises from a path traversal issue in the appliance's handling of certain HTTP requests. Attackers can manipulate the request paths to access files on the device, bypassing standard access controls. The exploit involves sending crafted HTTP requests to the vulnerable endpoint, allowing unauthorized file reads.
Vulnerable Products
- Check Point CloudGuard Network Security appliances with Remote Access VPN or Mobile Access enabled.
Impact Assessment
Exploiting this vulnerability can lead to unauthorized access to sensitive information, such as configuration files and password hashes. This could potentially escalate to full system compromise if critical files are accessed and misused.
Patches or Workaround
Check Point has released a hotfix to address this vulnerability. Administrators are urged to apply the patch immediately. The company also recommends placing the vulnerable gateway behind another security gateway with IPS and SSL inspection enabled as a temporary mitigation.
Tags
#CheckPoint #CVE-2024-24919 #InformationDisclosure #PathTraversal #NetworkSecurity #CloudGuard #SecurityPatch #VulnerabilityManagement #threatintelligence
-
Wall-Escape Vulnerability Analysis: Implications and Mitigation Strategies
Date: February 27, 2024
CVE: CVE-2024-28085
Vulnerability Type: [[Command Injection]]
CWE: [[CWE-77]], [[CWE-78]], [[CWE-88]]
Sources: [SANS Wall-Escape (CVE-2024-28085)](https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt)
Issue Summary
Wall-Escape (CVE-2024-28085) unveils a critical flaw in the `wall` command from the util-linux package, allowing unprivileged users to execute command-line arguments without proper escape sequence filtering. This vulnerability has existed since 2013, posing a significant risk on systems where `wall` is setgid and `mesg` is set to 'y', notably Ubuntu 22.04 and Debian Bookworm.
Technical Key findings
The flaw arises from the mishandling of command-line arguments (`argv`), which are not sanitized for escape sequences. This oversight enables attackers to inject arbitrary text onto terminals of other users, potentially leading to information leakage or clipboard alteration. The vulnerability is exploitable through crafted `wall` command executions, leveraging system features to extract sensitive information such as user passwords.
Vulnerable products
- All versions of util-linux since 2013
- Specifically impactful on:
  - Ubuntu 22.04
  - Debian Bookworm
Impact assessment
Successful exploitation can lead to unauthorized information disclosure and manipulation of terminal sessions. On Ubuntu 22.04, attackers can deceive users into revealing passwords. The vulnerability also enables clipboard content alteration on certain terminal emulators.
Patches or workaround
No specific patches were mentioned for CVE-2024-28085. Users are advised to restrict access to the `wall` command and monitor systems for unusual terminal behavior indicative of exploitation attempts.
Tags
#CVE-2024-28085 #CommandInjection #Ubuntu #Debian #InformationDisclosure #util-linux #TerminalSecurity
-
CW: Freedom of Information Act (FOIA) Response - "FEMBOY" Bomb
Dear Mr Putin,
This letter is in response to your Freedom of Information Act (FOIA) request dated 30 June 2013, seeking information on the development and use of a weapon referred to as the "FEMBOY" bomb against the Russians.
After a thorough search of our records, we can confirm the existence of documents related to the "FEMBOY" bomb within our agency. However, as per our standard policy, we cannot confirm or deny the operational status, development, or deployment of any specific weapons systems.
It is essential to understand that the Central Intelligence Agency's activities and operations are subject to national security concerns and secrecy obligations. To protect the integrity of our operations and to safeguard sensitive information, certain matters cannot be disclosed, including those pertaining to classified weapons programs.
Our response adheres to the provisions of the FOIA, which allows for the withholding of information that is exempt from public release, such as information related to national defense and intelligence sources.
We appreciate your understanding of the need for confidentiality and security in such matters. If you have any further questions or require assistance with other FOIA requests, please don't hesitate to contact us.
Sincerely,
[REDACTED]
Freedom of Information Act Officer
Central Intelligence Agency (CIA)
#FOIAResponse #CIA #Transparency #NationalSecurity #GovernmentDocuments #ClassifiedInformation #FOIARequest #InformationDisclosure #PublicInterest #Accountability #FreedomOfInformation #GovernmentOperations #NationalDefense #IntelligenceCommunity #Secrecy #Confidentiality