Patch/Configuration Management, Vulnerability Management

Microsoft issues an advisory for a SharePoint vulnerability

December 19, 2019

Microsoft issued an out of band security advisory for an information disclosure vulnerability in SharePoint Server.

The issue, CVE-2019-1491, is has an “important” severity rating and affects SharePoint Enterprise Server 2016, SharePoint Foundation 2010 Pack 2, SharePoint Foundation 2013 Pack 1 and SharePoint Server 2019.

If exploited the vulnerability could allow unauthorized file system access - reading from the file system.

The vulnerability has not been publicly disclosed nor exploited in the wild, Microsoft stated. There are no workarounds or mitigations at this time.

Doug Olenick

Data Security

Over 5M job seekers’ data accidentally exposed by LiveCareer

SC StaffJuly 10, 2025

Global job search and resume-building platform LiveCareer had more than 5.1 million files belonging to job seekers inadvertently leaked as a result of an unsecured Microsoft Azure storage container, Cybernews reports.

ZERO-DAY text and binary code concept from the desktop computer screen,ZERO-DAY vulnerability concept (also known as a 0-day)A zero-day vulnerability is a flaw in software or hardware.

Breach

Zero-day attack-related breach reported by Nippon Steel Solutions

SC StaffJuly 10, 2025

Nippon Steel Solutions, the leading Japanese steelmaker's cloud and cybersecurity service-focused subsidiary, has confirmed having information from its customers, partners, and employees pilfered following a March data breach facilitated by the exploitation of a network equipment zero-day vulnerability, reports Security Affairs.