🛑 Cybersecurity & Privacy 🛑 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2021-29906 ‼

IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-42109 ‼

VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root.

📖 Read

via "National Vulnerability Database".
🕴 North American Orgs Hit With an Average of 497 Cyberattacks per Week 🕴

A new analysis confirms a surge in global cyberattacks since the COVID-19 pandemic began.

📖 Read

via "Dark Reading".
‼ CVE-2021-30632 ‼

Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-42112 ‼

The "File upload question" functionality in LimeSurvey 3.x-LTS through 3.27.18 allows XSS in assets/scripts/modaldialog.js and assets/scripts/uploader.js.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-30625 ‼

Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user to visit a malicious website to potentially exploit heap corruption via a crafted HTML page.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-30626 ‼

Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-30627 ‼

Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-30629 ‼

Use after free in Permissions in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

📖 Read

via "National Vulnerability Database".
‼ CVE-2020-22617 ‼

Ardour v5.12 contains a use-after-free vulnerability in the component ardour/libs/pbd/xml++.cc when using xmlFreeDoc and xmlXPathFreeContext.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-30630 ‼

Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-30628 ‼

Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-30633 ‼

Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

📖 Read

via "National Vulnerability Database".
📒 The IT Pro Podcast: Behind the scenes of the Solarwinds hack 📒

We speak to the company’s top execs to find out what really happened

📖 Read

via "ITPro".
📒 Maverick fast-attack ransomware group FIN12 is quickly expanding 📒

FIN12 hits hospitals even during pandemic

📖 Read

via "ITPro".
📒 What is NotPetya? 📒

We take a look at the malware that first came to prominence in 2016 and targets Windows-based machines

📖 Read

via "ITPro".
📒 2021 Thales access management index: Global edition 📒

The challenges of trusted access in a cloud-first world

📖 Read

via "ITPro".
📒 Twitch confirms data breach after server configuration error 📒

The popular streaming service says there's no indication that login information has been exposed

📖 Read

via "ITPro".
📒 Why is the energy sector so vulnerable to hacking? 📒

Highly-targeted energy companies often struggle to attract the right cyber security skills and rely on dated systems

📖 Read

via "ITPro".
📒 SolarWinds hackers stole US sanctions policy data, Microsoft confirms 📒

Unconfirmed reports also suggest data on threat hunting techniques, assessments of Russian threat actors, and source codes were also accessed

📖 Read

via "ITPro".
📒 Google will auto-enrol 150 million users in 2FA by end of 2021 📒

An additional two million YouTube creators will also be required to switch on the 2SV feature by the end of the year

📖 Read

via "ITPro".