πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.8K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.8K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-24017 β€Ό

An improper authentication in Fortinet FortiManager version 6.4.3 and below, 6.2.6 and below allows attacker to assign arbitrary Policy and Object modules via crafted requests to the request handler.

πŸ“– Read

via "National Vulnerability Database".
135 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2020-20662 β€Ό

libiec_iccp_mod v1.5 contains a heap-buffer-overflow in the component mms_client_example1.c.

πŸ“– Read

via "National Vulnerability Database".
136 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2020-20664 β€Ό

libiec_iccp_mod v1.5 contains a segmentation violation in the component server_example1.c.

πŸ“– Read

via "National Vulnerability Database".
141 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2020-20663 β€Ό

libiec_iccp_mod v1.5 contains a heap-buffer-overflow in the component mms_client_connection.c.

πŸ“– Read

via "National Vulnerability Database".
143 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-20578 β€Ό

IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an attacker to perform unauthorized actions due to improper or missing authentication controls. IBM X-Force ID: 199282.

πŸ“– Read

via "National Vulnerability Database".
151 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-20554 β€Ό

IBM Sterling Order Management 9.4, 9.5, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199179.

πŸ“– Read

via "National Vulnerability Database".
163 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2020-20665 β€Ό

rudp v0.6 was discovered to contain a memory leak in the component main.c.

πŸ“– Read

via "National Vulnerability Database".
167 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ” CISA Rolls Out New Insider Threat Risk Assessment Tool πŸ”

The tool, which is intended for both public and private sector organizations, can help companies better assess their vulnerability to insider threats.

πŸ“– Read

via "".
Digital Guardian
CISA Rolls Out New Insider Threat Risk Assessment Tool
The tool, which is intended for both public and private sector organizations, can help companies better assess their vulnerability to insider threats.
170 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
🦿 Dell announces new ProSupport Suite and AI-powered Trusted Device capabilities 🦿

Both could help businesses struggling to secure remote workforces and protect ever-increasing vulnerability footprints.

πŸ“– Read

via "Tech Republic".
TechRepublic
Dell announces new ProSupport Suite and AI-powered Trusted Device capabilities
Both could help businesses struggling to secure remote workforces and protect ever-increasing vulnerability footprints.
191 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
🦿 Windows Server 2022: A cheat sheet 🦿

Microsoft has just released its most recent Windows Server platform. Check out the improved hybrid cloud features, beefed up security and improved support for large on-premises applications.

πŸ“– Read

via "Tech Republic".
TechRepublic
Windows Server 2022: A cheat sheet
Microsoft has just released its most recent Windows Server platform. Check out the improved hybrid cloud features, beefed up security and improved support for large on-premises applications.
199 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
❌ Military’s RFID Tracking of Guns May Endanger Troops ❌

RFID gun tags leave the military exposed to tracking, sniffing and spoofing attacks, experts say.  

πŸ“– Read

via "Threat Post".
Threat Post
Military’s RFID Tracking of Guns May Endanger Troops
RFID gun tags leave the military exposed to tracking, sniffing and spoofing attacks, experts say.
179 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
🦿 How to install the Nessus vulnerability scanner on Rocky Linux 🦿

If you're looking for one of the best vulnerability scanners on the market, Nessus might be the ticket. Jack Wallen shows you how to install this platform on Rocky Linux.

πŸ“– Read

via "Tech Republic".
TechRepublic
How to install the Nessus vulnerability scanner on Rocky Linux
If you're looking for one of the best vulnerability scanners on the market, Nessus might be the ticket. Jack Wallen shows you how to install this platform on Rocky Linux.
181 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ FireEye Products & McAfee Enterprise Merge to Create $2B Entity πŸ•΄

The combined company will have 5,000 employees, more than 40,000 customers, and nearly $2 billion in revenue, officials report.

πŸ“– Read

via "Dark Reading".
Dark Reading
FireEye Products & McAfee Enterprise Merge to Create $2B Entity
The combined company will have 5,000 employees, more than 40,000 customers, and nearly $2 billion in revenue, officials report.
169 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-41323 β€Ό

Directory traversal in the Compress feature in Pydio Cells 2.2.9 allows remote authenticated users to overwrite personal files, or Cells files belonging to any user, via the format parameter.

πŸ“– Read

via "National Vulnerability Database".
144 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-35198 β€Ό

NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting (XSS) in the Packet Analysis module.

πŸ“– Read

via "National Vulnerability Database".
142 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-35200 β€Ό

NETSCOUT nGeniusONE 6.3.0 build 1196 allows high-privileged users to achieve Stored Cross-Site Scripting (XSS) in FDSQueryService.

πŸ“– Read

via "National Vulnerability Database".
135 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-35199 β€Ό

NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting (XSS) in UploadFile.

πŸ“– Read

via "National Vulnerability Database".
137 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-35205 β€Ό

NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in redirector.

πŸ“– Read

via "National Vulnerability Database".
126 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-35201 β€Ό

NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks.

πŸ“– Read

via "National Vulnerability Database".
131 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-35202 β€Ό

NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService.

πŸ“– Read

via "National Vulnerability Database".
133 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-41325 β€Ό

Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. (In addition, such users can be granted several admin permissions via the Roles parameter.)

πŸ“– Read

via "National Vulnerability Database".
138 views