๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
@cibsecurity
25.8K subscribers
89.2K links
๐Ÿ—ž The finest daily news on cybersecurity and privacy.

๐Ÿ”” Daily releases.

๐Ÿ’ป Is your online life secure?

๐Ÿ“ฉ lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
25.8K subscribers
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2017-12580

An issue was discovered in IDM UltraEdit through 24.10.0.32. To exploit the vulnerability, on unpatched Windows systems, an attacker could include in the same directory as the affected executable a DLL using the name of a Windows DLL. This DLL must be preloaded by the executable (for example, "ntmarta.dll"). When the installer EXE is executed by the user, the DLL located in the EXE's current directory will be loaded instead of the Windows DLL, allowing the attacker to run arbitrary code on the affected system.

๐Ÿ“– Read

via "National Vulnerability Database".
138 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2015-1583

Multiple cross-site request forgery (CSRF) vulnerabilities in ATutor 2.2 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account via a request to mods/_core/users/admins/create.php or (2) create a user account via a request to mods/_core/users/create_user.php.

๐Ÿ“– Read

via "National Vulnerability Database".
134 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โŒ RSAC: Keeping Smart Cities Safe From Hacks โŒ

As cities grow more connected, municipal operators must deal with new risks like ransomware, IoT hacks and more.

๐Ÿ“– Read

via "Threatpost".
Threat Post
Forrester: Keeping Smart Cities Safe From Hacks
As cities grow more connected, municipal operators must deal with new risks like ransomware, IoT hacks and more.
120 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
๐Ÿ” Companies Increasingly Complacent Around Data Breach Preparedness ๐Ÿ”

Ponemon Institute's annual data breach readiness survey suggests the increased adoption of security technologies but the continuation of problems, like spear phishing attacks.

๐Ÿ“– Read

via "Subscriber Blog RSS Feed ".
Digital Guardian
Companies Increasingly Complacent Around Data Breach Preparedness
Ponemon Institute's annual data breach readiness survey suggests the increased adoption of security technologies but the continuation of problems, like spear phishing attacks.
124 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2019-14892

A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.

๐Ÿ“– Read

via "National Vulnerability Database".
117 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2018-14384

The Website Manager module in SEO Panel 3.13.0 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing remote authenticated attackers to inject arbitrary web script or HTML via the websites.php name parameter.

๐Ÿ“– Read

via "National Vulnerability Database".
112 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2018-11675

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

๐Ÿ“– Read

via "National Vulnerability Database".
110 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
๐Ÿ” Report: Coronavirus is negatively impacting international call quality ๐Ÿ”

When entire regions are quarantined, home-bound people are overloading local switches, reducing international call quality and interrupting connectivity.

๐Ÿ“– Read

via "Security on TechRepublic".
TechRepublic
Coronavirus is negatively impacting international call quality
When entire regions are quarantined, home-bound people are overloading local switches, reducing international call quality and interrupting connectivity.
125 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
Forwarded from [CANAL] Merger
โ€‹โ€‹๐Ÿ”ฅ AMAZING CHANNELS!! ๐Ÿ”ฅ
7 views
๐Ÿคก Memes, gifs and fun ๐Ÿคช
[+18] ๐Ÿ”ฅ Homemade & Selfshot ๐ŸŒก
๐Ÿ›ก Cybersecurity & Privacy news ๐Ÿ›ก
๐Ÿ‘ฉโ€๐Ÿซ Oposiciones y empleo pรบblico [ES] ๐Ÿ‘ฎโ€โ™‚๏ธ
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
๐Ÿ•ด Walgreens' Mobile App Exposes Customers' Info ๐Ÿ•ด

An error in the app allowed some secure chat users to see medical information that wasn't theirs.

๐Ÿ“– Read

via "Dark Reading: ".
Darkreading
Walgreens' Mobile App Exposes Customers' Info
An error in the app allowed some secure chat users to see medical information that wasn't theirs.
119 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2018-19658

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

๐Ÿ“– Read

via "National Vulnerability Database".
109 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2018-19599

Monstra CMS 1.6 allows XSS via an uploaded SVG document to the admin/index.php?id=filesmanager&path=uploads/ URI. NOTE: this is a discontinued product.

๐Ÿ“– Read

via "National Vulnerability Database".
101 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2018-19284

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

๐Ÿ“– Read

via "National Vulnerability Database".
99 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2018-18479

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

๐Ÿ“– Read

via "National Vulnerability Database".
102 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2018-17572

InfluxDB 0.9.5 has Reflected XSS in the Write Data module.

๐Ÿ“– Read

via "National Vulnerability Database".
102 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2018-16357

An issue was discovered in PbootCMS. There is a SQL injection via the api.php/Cms/search order parameter.

๐Ÿ“– Read

via "National Vulnerability Database".
103 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2018-16356

An issue was discovered in PbootCMS. There is a SQL injection via the api.php/List/index order parameter.

๐Ÿ“– Read

via "National Vulnerability Database".
104 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2018-15820

EasyIO EasyIO-30P devices before 2.0.5.27 allow XSS via the dev.htm GDN parameter.

๐Ÿ“– Read

via "National Vulnerability Database".
106 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
ATENTIONโ€ผ New - CVE-2018-15819

EasyIO EasyIO-30P devices before 2.0.5.27 have Incorrect Access Control, related to webuser.js.

๐Ÿ“– Read

via "National Vulnerability Database".
104 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
๐Ÿ” Phishing: Leading targets, breaking myths, and educating users ๐Ÿ”

Vade Secure's Adrien Gendre explains why the end user is an important link in the security chain.

๐Ÿ“– Read

via "Security on TechRepublic".
TechRepublic
Phishing: Leading targets, breaking myths, and educating users
Vade Secure's Adrien Gendre explains why the end user is an important link in the security chain.
106 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โŒ Gamer Alert: Serious Nvidia Flaw Plagues Graphics Driver โŒ

Several flaws found in Nvidia's graphics drivers could enable denial of service, remote code execution and other malicious attacks.

๐Ÿ“– Read

via "Threatpost".
Threat Post
Gamer Alert: Serious Nvidia Flaw Plagues Graphics Driver
Several flaws found in Nvidia's graphics drivers could enable denial of service, remote code execution and other malicious attacks.
104 views