🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2017-3919 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.

📖 Read

via "National Vulnerability Database".
429 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2017-5690 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.

📖 Read

via "National Vulnerability Database".
450 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-34679 ‼

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

📖 Read

via "National Vulnerability Database".
450 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2017-5765 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.

📖 Read

via "National Vulnerability Database".
454 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-12909 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
455 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-12999 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
461 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-13007 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
464 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-12975 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
458 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-12923 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
482 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-12997 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
536 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-12971 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
598 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2008-2660 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2008. Notes: none.

📖 Read

via "National Vulnerability Database".
660 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-32552 ‼

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.

📖 Read

via "National Vulnerability Database".
756 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-32551 ‼

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users.

📖 Read

via "National Vulnerability Database".
852 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-31811 ‼

In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

📖 Read

via "National Vulnerability Database".
956 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-34682 ‼

Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack against the update feature.

📖 Read

via "National Vulnerability Database".
932 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-23394 ‼

The package studio-42/elfinder before 2.1.58 are vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.

📖 Read

via "National Vulnerability Database".
895 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-21439 ‼

DoS attack can be performed when an email contains specially designed URL in the body. It can lead to the high CPU usage and cause low quality of service, or in extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions; 8.0.x version 8.0.13 and prior versions.

📖 Read

via "National Vulnerability Database".
824 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Colonial Pipeline Cyberattack Proves a Single Password Isn't Enough 🕴

Since the attack, it's been revealed that it was down to a single password. Yes, ransomware needs to be on your radar -- but a focus on credentials is vital.

📖 Read

via "Dark Reading".
Dark Reading
Colonial Pipeline Cyberattack Proves a Single Password Isn't Enough
Since the attack, it's been revealed that it was down to a single password. Yes, ransomware needs to be on your radar -- but a focus on credentials is vital.
760 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Name That Toon: Sight Unseen 🕴

Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.

📖 Read

via "Dark Reading".
Dark Reading
Name That Toon: Sight Unseen
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
657 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Know Thy Enemy: Fighting Half-Blind Against Ransomware Won't Work 🕴

We lack reliable, representative, actionable data about ransomware's actual scope, scale, and impact. The Ransom Incident Response Network could change that.

📖 Read

via "Dark Reading".
605 views