Attributes of a mature cyber-threat intelligence program

Earlier this year, ESG published a research report focused on how enterprise organizations use threat intelligence as part of their overall cybersecurity strategy. The research project included a survey of 380 cybersecurity professionals working at enterprise organizations (i.e., more than 1,000 employees).

Survey respondents were asked questions about their organization’s cyber-threat intelligence (CTI) program – how it was staffed, what types of skills were most important, its challenges and strategies, spending plans, etc. I’ve written three previous blogs detailing the research. The first one gave an overview of enterprise threat intelligence programs. The second examined challenges with the threat intelligence lifecycle, and the third looked at the intersection between CTI and digital risk protection (DRP).

USN-6108-1: Jhead vulnerabilities

It was discovered that Jhead did not properly handle certain crafted images
while rotating them. An attacker could possibly use this issue to crash Jhead,
resulting in a denial of service. (CVE-2021-34055)

Kyle Brown discovered that Jhead did not properly handle certain crafted
images while regenerating the Exif thumbnail. An attacker could possibly use
this issue to execute arbitrary commands. (CVE-2022-41751)
