πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.8K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.8K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18802

Certain NETGEAR devices are affected by command injection. This affects R6100 before 1.0.1.14, R7500 before 1.0.0.110, R7500v2 before 1.0.3.16, R7800 before 1.0.2.32, EX6200v2 before 1.0.1.50, and D7800 before 1.0.1.22.

πŸ“– Read

via "National Vulnerability Database".
82 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18801

Certain NETGEAR devices are affected by command injection. This affects R6220 before 1.1.0.50, R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, WNDR3700v5 before 1.1.0.48, and D7000 before 1.0.1.50.

πŸ“– Read

via "National Vulnerability Database".
85 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18800

Certain NETGEAR devices are affected by reflected XSS. This affects R6700v2 before 1.1.0.42 and R6800 before 1.1.0.42.

πŸ“– Read

via "National Vulnerability Database".
84 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18799

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6200v2 before 1.0.3.14, R6250 before 1.0.4.8, R6300v2 before 1.0.4.8, R6700 before 1.1.1.20, R7000 before 1.0.7.10, R7000P/R6900P before 1.0.0.56, R7100LG before 1.0.0.30, R7900 before 1.0.1.14, R8000 before 1.0.3.22, R8500 before 1.0.2.74, and D8500 before 1.0.3.28.

πŸ“– Read

via "National Vulnerability Database".
87 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ›  Faraday 3.11 πŸ› 

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

πŸ“– Go!

via "Security Tool Files β‰ˆ Packet Storm".
Packetstormsecurity
Faraday 3.11 β‰ˆ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
89 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
❌ NFL Tackles Cybersecurity Concerns Ahead of 2020 Draft Day ❌

Researchers weigh in on potential security concerns surrounding the 2020 NFL Draft.

πŸ“– Read

via "Threatpost".
Threat Post
NFL Tackles Cybersecurity Concerns Ahead of 2020 Draft Day
Researchers weigh in on potential security concerns surrounding the 2020 NFL Draft.
89 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18798

Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, D7000 before 1.0.1.50, and D1500 before 1.0.0.25.

πŸ“– Read

via "National Vulnerability Database".
85 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18797

Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects R6400 before 1.0.1.24, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100.

πŸ“– Read

via "National Vulnerability Database".
87 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18796

Certain NETGEAR devices are affected by command injection. This affects R6400 before 1.0.1.24, R6700 before 1.0.1.26, R6900 before 1.0.1.28, R7000 before 1.0.9.10, R7000P before 1.0.1.16, R6900P before 1.0.1.16, and R7800 before 1.0.2.36.

πŸ“– Read

via "National Vulnerability Database".
86 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18795

Certain NETGEAR devices are affected by command injection. This affects D6220 before 1.0.0.28 and D6100 before 1.0.0.50_0.0.50.

πŸ“– Read

via "National Vulnerability Database".
97 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18794

Certain NETGEAR devices are affected by command injection. This affects R6300v2 before 1.0.4.8_10.0.77, R6400 before 1.0.1.24, R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, R8500 before 1.0.2.100, and D6100 before 1.0.0.50_0.0.50.

πŸ“– Read

via "National Vulnerability Database".
95 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18793

NETGEAR R7800 devices before 1.0.2.36 are affected by command injection.

πŸ“– Read

via "National Vulnerability Database".
93 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18792

NETGEAR D6100 devices before 1.0.0.50_0.0.50 are affected by command injection.

πŸ“– Read

via "National Vulnerability Database".
96 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18791

Certain NETGEAR devices are affected by CSRF. This affects R6050/JR6150 before 1.0.1.7, PR2000 before 1.0.0.17, R6220 before 1.1.0.50, WNDR3700v5 before 1.1.0.48, JNR1010v2 before 1.1.0.40, JWNR2010v5 before 1.1.0.40, WNR1000v4 before 1.1.0.40, WNR2020 before 1.1.0.40, WNR2050 before 1.1.0.40, WNR614 before 1.1.0.40, WNR618 before 1.1.0.40, and D7000 before 1.0.1.50.

πŸ“– Read

via "National Vulnerability Database".
103 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-18790

Certain NETGEAR devices are affected by disclosure of sensitive information. This affects R6700 before 1.0.1.26, R7000 before 1.0.9.10, R7100LG before 1.0.0.32, R7900 before 1.0.1.18, R8000 before 1.0.3.54, and R8500 before 1.0.2.100.

πŸ“– Read

via "National Vulnerability Database".
112 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Researchers Use Microsoft Terminal Services Client in New Attack Method πŸ•΄

The technique would enable attackers to run malicious code via Remote Desktop Protocol using DLL side-loading to bypass security controls.

πŸ“– Read

via "Dark Reading: ".
Dark Reading
Endpoint Security recent news | Dark Reading
Explore the latest news and expert commentary on Endpoint Security, brought to you by the editors of Dark Reading
121 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Automated Bots Are Increasingly Scraping Data & Attempting Logins πŸ•΄

The share of bot traffic to online sites declines, but businesses are seeing an overall increase in automated scraping of data, login attempts, and other detrimental activity.

πŸ“– Read

via "Dark Reading: ".
Dark Reading
Automated Bots Are Increasingly Scraping Data & Attempting Logins
The share of bot traffic to online sites declines, but businesses are seeing an overall increase in automated scraping of data, login attempts, and other detrimental activity.
141 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
❌ Banking.BR Android Trojan Emerges in Credential-Stealing Attacks ❌

A new Android trojan targets banking customers with overlay attacks to steal their bank credentials and ultimately take over their accounts.

πŸ“– Read

via "Threatpost".
Threat Post
Banking.BR Android Trojan Emerges in Credential-Stealing Attacks
A new Android trojan targets banking customers with overlay attacks to steal their bank credentials and ultimately take over their accounts.
160 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ” COVID-19 contact tracing: The tricky balance between privacy and relief efforts πŸ”

As more governments consider the use of contact tracing apps to prevent the spread of coronavirus, researchers say privacy will have to be at the forefront of efforts in order for civilians to use it.

πŸ“– Read

via "Security on TechRepublic".
TechRepublic
COVID-19 contact tracing: The tricky balance between privacy and relief efforts
As more governments consider the use of contact tracing apps to prevent the spread of coronavirus, researchers say privacy will have to be at the forefront of efforts in order for civilians to use it.
170 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ Gaming company targeted by Chinese Winnti hackers ⚠

Far from pausing operations during the COVID-19 pandemic, China’s notorious Winnti hacking group has been busy launching new attacks on targets, researchers say.

πŸ“– Read

via "Naked Security".
Naked Security
Gaming company targeted by Chinese Winnti hackers
Far from pausing operations during the COVID-19 pandemic, China’s notorious Winnti hacking group has been busy launching new attacks on targets, researchers say.
164 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ 309 million Facebook users’ phone numbers (and more) found online ⚠

First, 267m records were exposed & sold for 0.0002 cents each on the Dark Web. It was taken down but got reposted with yet more records.

πŸ“– Read

via "Naked Security".
Naked Security
309 million Facebook users’ phone numbers found online
First, 267m records were exposed & sold for 0.0002 cents each on the Dark Web. It was taken down but got reposted with yet more records.
179 views