πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.8K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.8K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ Firefox update brings a whole new sort of security sandbox ⚠

Firefox 95.0 is out, with the usual security fixes... plus some funky new ones.

πŸ“– Read

via "Naked Security".
Naked Security
Firefox update brings a whole new sort of security sandbox
Firefox 95.0 is out, with the usual security fixes… plus some funky new ones.
147 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
🦿 Cybersecurity: Organizations face key obstacles in adopting zero trust 🦿

Security pros surveyed by One Identity cited a lack of clarity, other priorities and a lack of resources as bumps on the road to Zero Trust.

πŸ“– Read

via "Tech Republic".
TechRepublic
Cybersecurity: Organizations face key obstacles in adopting zero trust
Security pros surveyed by One Identity cited a lack of clarity, other priorities and a lack of resources as bumps on the road to zero trust.
163 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ›  ETS5 Password Recovery Tool πŸ› 

ETS Password Recovery Tool allows you to recover passwords for an ETS5 project. This is due to a significant design flaw as ETS5 uses a hard-coded password and salt to encrypt the project information.

πŸ“– Read

via "Packet Storm Security".
Packetstormsecurity
ETS5 Password Recovery Tool β‰ˆ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
161 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ—“οΈ US Department of Homeland Security heeds calls for tougher transport cybersecurity rules πŸ—“οΈ

TSA issues mandatory requirements for β€˜high-risk’ rail infrastructure

πŸ“– Read

via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
US Department of Homeland Security heeds calls for tougher transport cybersecurity rules
TSA issues mandatory requirements for β€˜high-risk’ rail infrastructure
145 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-41450 β€Ό

An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet.

πŸ“– Read

via "National Vulnerability Database".
150 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-25521 β€Ό

Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet.

πŸ“– Read

via "National Vulnerability Database".
135 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-25524 β€Ό

Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to get Samsung Account ID.

πŸ“– Read

via "National Vulnerability Database".
126 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-37097 β€Ό

There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart.

πŸ“– Read

via "National Vulnerability Database".
109 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-25513 β€Ό

An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.

πŸ“– Read

via "National Vulnerability Database".
102 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-37069 β€Ό

There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

πŸ“– Read

via "National Vulnerability Database".
99 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-25512 β€Ό

An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities.

πŸ“– Read

via "National Vulnerability Database".
95 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-37050 β€Ό

There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

πŸ“– Read

via "National Vulnerability Database".
96 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-37054 β€Ό

There is an Identity spoofing and authentication bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.

πŸ“– Read

via "National Vulnerability Database".
93 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-25518 β€Ό

An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution.

πŸ“– Read

via "National Vulnerability Database".
88 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-25511 β€Ό

An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability.

πŸ“– Read

via "National Vulnerability Database".
84 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-25510 β€Ό

An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution.

πŸ“– Read

via "National Vulnerability Database".
87 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-37037 β€Ό

There is an Invalid address access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart.

πŸ“– Read

via "National Vulnerability Database".
89 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-42110 β€Ό

An issue was discovered in Allegro Windows (formerly Popsy Windows) before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking.

πŸ“– Read

via "National Vulnerability Database".
89 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-40860 β€Ό

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution (IWD) before 9.0.013.11 allows an attacker to execute arbitrary SQL queries via the ql_expression parameter, with which all data in the database can be extracted and OS command execution is possible depending on the permissions and/or database engine.

πŸ“– Read

via "National Vulnerability Database".
91 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-25514 β€Ό

An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information.

πŸ“– Read

via "National Vulnerability Database".
96 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-25515 β€Ό

An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.

πŸ“– Read

via "National Vulnerability Database".
105 views