π’ Google Chrome update fixes zero-day under active exploitation π’
π Read
via "ITPro".
Google releases a fresh wave of patches for severe vulnerabilities that could facilitate code execution and system takeover via Google Chromeπ Read
via "ITPro".
ITPro
Google Chrome update fixes zero-day under active exploitation
Google releases a fresh wave of patches for severe vulnerabilities that could facilitate code execution and system takeover via Google Chrome
π’ Data protection policies and procedures π’
π Read
via "ITPro".
Why your company needs them, and what they should includeπ Read
via "ITPro".
IT PRO
Data protection policies and procedures | IT PRO
Why your company needs them, and what they should include
π’ Hackers to face 25 years in jail for cyber attacks on Australia's national infrastructure π’
π Read
via "ITPro".
The proposals aim to update current laws to account for cyber threats like ransomwareπ Read
via "ITPro".
IT PRO
Hackers to face 25 years in jail for cyber attacks on Australia's national infrastructure | IT PRO
The proposals aim to update current laws to account for cyber threats like ransomware
π’ Cyber security startups pull in record-breaking investment in 2021 π’
π Read
via "ITPro".
Data suggests high-profile data breaches led to a greater number of transactions valued at $100 million or moreπ Read
via "ITPro".
IT PRO
Cyber security startups pull in record-breaking investment in 2021 | IT PRO
Data suggests high-profile data breaches led to a greater number of transactions valued at $100 million or more
π’ CISA updates must-patch bug list for federal agencies π’
π Read
via "ITPro".
Latest collection includes bugs up to seven years old that are still exploited in the wildπ Read
via "ITPro".
IT PRO
CISA updates must-patch bug list for federal agencies | IT PRO
Latest collection includes bugs up to seven years old that are still exploited in the wild
π’ Almost a quarter of all spam emails were sent from Russia in 2021 π’
π Read
via "ITPro".
Last year's spam emails mostly centred around money and investment, Bond and Spider-Man movie premieres, and the pandemicπ Read
via "ITPro".
IT PRO
Almost a quarter of all spam emails were sent from Russia in 2021 | IT PRO
Last year's spam emails mostly centred around money and investment, Bond and Spider-Man movie premieres, and the pandemic
π’ Juniper acquires cloud networking startup WiteSand π’
π Read
via "ITPro".
The deal will enable Juniper to advance traditional NAC solutions using AI and the cloudπ Read
via "ITPro".
IT PRO
Juniper acquires cloud networking startup WiteSand | IT PRO
The deal will enable Juniper to advance traditional NAC solutions using AI and the cloud
π’ Ukrainian Ministry of Defence hit by DDoS attack π’
π Read
via "ITPro".
Ukraineβs largest commercial bank and State Savings Bank were also hit by cyber attacksπ Read
via "ITPro".
IT PRO
Ukrainian Ministry of Defence hit by DDoS attack | IT PRO
Ukraineβs largest commercial bank and State Savings Bank were also hit by cyber attacks
π’ Nine tips to improve your disaster recovery strategy π’
π Read
via "ITPro".
Whether you have a well-rehearsed DR plan in place or are just starting out, here's how to take your strategy to the next levelπ Read
via "ITPro".
IT PRO
Nine tips to improve your disaster recovery strategy | IT PRO
Whether you have a well-rehearsed DR plan in place or are just starting out, here's how to take your strategy to the next level
π’ Remote access to businesses sold for huge profit in growing dark web operation π’
π Read
via "ITPro".
Researchers told IT Pro the lucrative business model is reaching 'full maturity' but has opportunities to become even more profitable in the near futureπ Read
via "ITPro".
IT PRO
Remote access to businesses sold for huge profit in growing dark web operation | IT PRO
Researchers told IT Pro the lucrative business model is reaching 'full maturity' but has opportunities to become even more profitable in the near future
π’ Google brings Privacy Sandbox initiative to Android π’
π Read
via "ITPro".
Multi-year effort likely to bring new Topics API to mobile OSπ Read
via "ITPro".
IT PRO
Google brings Privacy Sandbox initiative to Android | IT PRO
Multi-year effort likely to bring new Topics API to mobile OS
βΌ CVE-2021-45007 βΌ
π Read
via "National Vulnerability Database".
Plesk 18.0.37 is affected by a Cross Site Request Forgery (CSRF) vulnerability that allows an attacker to insert data on the user and admin panel.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0685 βΌ
π Read
via "National Vulnerability Database".
Use of Out-of-range Pointer Offset in Conda vim prior to 8.2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23053 βΌ
π Read
via "National Vulnerability Database".
Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the Γ’β¬ΕCondition WidgetΓ’β¬οΏ½ element, that allows the injection of malicious JavaScript into the Γ’β¬ΛURLΓ’β¬β’ field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22126 βΌ
π Read
via "National Vulnerability Database".
Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the Γ’β¬ΕWeb PageΓ’β¬οΏ½ element, that allows the injection of malicious JavaScript into the Γ’β¬ΛURLΓ’β¬β’ field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25372 βΌ
π Read
via "National Vulnerability Database".
Pritunl Client through 1.2.3019.52 on Windows allows local privilege escalation, related to an ACL entry for CREATOR OWNER in platform_windows.go.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23848 βΌ
π Read
via "National Vulnerability Database".
In Alluxio before 2.7.3, the logserver does not validate the input stream. NOTE: this is not the same as the CVE-2021-44228 Log4j vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25375 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23054 βΌ
π Read
via "National Vulnerability Database".
Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via the Γ’β¬ΕSummary WidgetΓ’β¬οΏ½ element, that allows the injection of malicious JavaScript into the Γ’β¬ΛURLΓ’β¬β’ field. This issue affects: nasa openmct 1.7.7 version and prior versions; 1.3.0 version and later versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25297 βΌ
π Read
via "National Vulnerability Database".
This affects the package drogonframework/drogon before 1.7.5. The unsafe handling of file names during upload using HttpFile::save() method may enable attackers to write files to arbitrary locations outside the designated target folder.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0691 βΌ
π Read
via "National Vulnerability Database".
Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9.π Read
via "National Vulnerability Database".