πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.8K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.8K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-20646

NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of administrative credentials.

πŸ“– Read

via "National Vulnerability Database".
99 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Slack's Incoming Webhooks Can Be Weaponized in Phishing Attacks πŸ•΄

Researchers report how attackers could weaponize a feature in the Slack collaboration platform to access corporate data and messages.

πŸ“– Read

via "Dark Reading: ".
Dark Reading
Slack's Incoming Webhooks Can Be Weaponized in Phishing Attacks
Researchers report how attackers could weaponize a feature in the Slack collaboration platform to access corporate data and messages.
106 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
❌ Malicious Google Web Extensions Harvest Cryptowallet Secrets ❌

Several fake browser extensions masqueraded as legitimate cryptocurrency utilities in a snowballing campaign.

πŸ“– Read

via "Threatpost".
Threat Post
Malicious Google Web Extensions Harvest Cryptowallet Secrets
Several fake browser extensions masqueraded as legitimate cryptocurrency utilities in a snowballing campaign.
112 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ DHS Issues Alert for New North Korean Cybercrime πŸ•΄

Cyber actors from North Korea's intelligence agencies are launching new attacks on financial targets, including hacks for hire on the open market.

πŸ“– Read

via "Dark Reading: ".
Dark Reading
DHS Issues Alert for New North Korean Cybercrime
Cyber actors from North Korea's intelligence agencies are launching new attacks on financial targets, including hacks for hire on the open market.
110 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-20644

NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS.

πŸ“– Read

via "National Vulnerability Database".
105 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-20643

NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of sensitive information.

πŸ“– Read

via "National Vulnerability Database".
102 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-20642

NETGEAR RAX40 devices before 1.0.3.64 are affected by authentication bypass.

πŸ“– Read

via "National Vulnerability Database".
100 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-20641

NETGEAR RAX40 devices before 1.0.3.64 are affected by lack of access control at the function level.

πŸ“– Read

via "National Vulnerability Database".
100 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-20640

Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.32, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32.

πŸ“– Read

via "National Vulnerability Database".
105 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-20639

Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.

πŸ“– Read

via "National Vulnerability Database".
99 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-20638

NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of administrative credentials.

πŸ“– Read

via "National Vulnerability Database".
98 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-12524

An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.

πŸ“– Read

via "National Vulnerability Database".
101 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-12522

An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.

πŸ“– Read

via "National Vulnerability Database".
108 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-12521

An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.

πŸ“– Read

via "National Vulnerability Database".
119 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ New Malware Family Assembles IoT Botnet πŸ•΄

'Mozi' combines code from three previously known IoT malware.

πŸ“– Read

via "Dark Reading: ".
Dark Reading
New Malware Family Assembles IoT Botnet
'Mozi' combines code from three previously known IoT malware.
119 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-12520

An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo (username and password) for certain protocols. This decoded info is prepended to the domain. This allows an attacker to provide a username that has special characters to delimit the domain, and treat the rest of the URL as a path or query string. An attacker could first make a request to their domain using an encoded username, then when a request for the target domain comes in that decodes to the exact URL, it will serve the attacker's HTML instead of the real HTML. On Squid servers that also act as reverse proxies, this allows an attacker to gain access to features that only reverse proxies can use, such as ESI.

πŸ“– Read

via "National Vulnerability Database".
158 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2019-12519

An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.

πŸ“– Read

via "National Vulnerability Database".
159 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ Update now! Windows zero-day flaws fixed in Patch Tuesday ⚠

...and there are fixes for Adobe, Oracle and Intel products too. Go get your updates!

πŸ“– Read

via "Naked Security".
Sophos News
Naked Security – Sophos News
158 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
❌ β€˜Double Extortion’ Ransomware Attacks Spike ❌

More ransomware operators are setting up pages where they threaten to publish compromised data from victims - an added pressure for victims to pay the ransom.

πŸ“– Read

via "Threatpost".
Threat Post
β€˜Double Extortion’ Ransomware Attacks Spike
More ransomware operators are setting up pages where they threaten to publish compromised data from victims - an added pressure for victims to pay the ransom.
157 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ 49 malicious Chrome extensions caught pickpocketing crypto wallets ⚠

They were posing as crypto wallets in order to rip off users' private keys and mnemonic phrases and drain real wallets. Google's yanked them.

πŸ“– Read

via "Naked Security".
Naked Security
49 malicious Chrome extensions caught pickpocketing crypto wallets
They were posing as crypto wallets in order to rip off users’ private keys and mnemonic phrases and drain real wallets. Google’s yanked them.
142 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Which InfoSec Jobs Will Best Survive a Recession? πŸ•΄

With COVID-19 making a mess of the global economy, companies are seeking to cut corners - and some boardrooms still see security as a "cost center." Are infosec careers vulnerable now?

πŸ“– Read

via "Dark Reading: ".
Dark Reading
Which InfoSec Jobs Will Best Survive a Recession?
With COVID-19 making a mess of the global economy, companies are seeking to cut corners - and some boardrooms still see security as a cost center. Are infosec careers vulnerable now?
137 views