🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24594 ‼

In waline 1.6.1, an attacker can submit messages using X-Forwarded-For to forge any IP address.

📖 Read

via "National Vulnerability Database".

283 views13:20

🕴 Putting the X Factor in XDR 🕴

While extended detection and response (XDR) is effectively considered an upgrade from endpoint detection and response, enterprises must still begin with a strong EDR foundation.

📖 Read

via "Dark Reading".

Dark Reading

Putting the X Factor in XDR

While extended detection and response (XDR) is effectively considered an upgrade from endpoint detection and response, enterprises must still begin with a strong EDR foundation.

291 views14:41

🛡 Cybersecurity & Privacy 🛡 - News

🕴 The Future of Cyber Insurance 🕴

Having cyber insurance is a good idea if the costs make sense — it could be the difference between going out of business and staying afloat. But it shouldn't be your first course of action.

📖 Read

via "Dark Reading".

Dark Reading

The Future of Cyber Insurance

Having cyber insurance is a good idea if the costs make sense — it could be the difference between going out of business and staying afloat. But it shouldn't be your first course of action.

287 views15:11

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-25374 ‼

HashiCorp Terraform Enterprise before 202202-1 inserts Sensitive Information into a Log File.

📖 Read

via "National Vulnerability Database".

281 views15:20

🛡 Cybersecurity & Privacy 🛡 - News

🗓️ Flurry Finance heist nets crypto thieves $295k 🗓️

Theft topped out at six figures after DeFi platform blocked ‘token balance multiplier’ exploit

📖 Read

via "The Daily Swig".

The Daily Swig | Cybersecurity news and views

Flurry Finance heist nets crypto thieves $295k

Theft topped out at six figures after DeFi platform blocked ‘token balance multiplier’ exploit

282 views15:24

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24334 ‼

In JetBrains TeamCity before 2021.2.1, the Agent Push feature allowed selection of any private key on the server.

📖 Read

via "National Vulnerability Database".

242 views17:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24338 ‼

JetBrains TeamCity before 2021.2.1 was vulnerable to reflected XSS.

📖 Read

via "National Vulnerability Database".

238 views17:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24340 ‼

In JetBrains TeamCity before 2021.2.1, XXE during the parsing of the configuration file was possible.

📖 Read

via "National Vulnerability Database".

233 views17:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24345 ‼

In JetBrains IntelliJ IDEA before 2021.2.4, local code execution (without permission from a user) upon opening a project was possible.

📖 Read

via "National Vulnerability Database".

178 views17:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24339 ‼

JetBrains TeamCity before 2021.2.1 was vulnerable to stored XSS.

📖 Read

via "National Vulnerability Database".

168 views17:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24347 ‼

JetBrains YouTrack before 2021.4.36872 was vulnerable to stored XSS via a project icon.

📖 Read

via "National Vulnerability Database".

162 views17:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24327 ‼

In JetBrains Hub before 2021.1.13890, integration with JetBrains Account exposed an API key with excessive permissions.

📖 Read

via "National Vulnerability Database".

163 views17:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24332 ‼

In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie.

📖 Read

via "National Vulnerability Database".

160 views17:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24329 ‼

In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.

📖 Read

via "National Vulnerability Database".

158 views17:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24331 ‼

In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible.

📖 Read

via "National Vulnerability Database".

151 views17:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24346 ‼

In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO (Right-to-Left Override) characters was possible.

📖 Read

via "National Vulnerability Database".

153 views17:21

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24337 ‼

In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked appropriate permissions.

📖 Read

via "National Vulnerability Database".

151 views17:21

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24328 ‼

In JetBrains Hub before 2021.1.13956, an unprivileged user could perform DoS.

📖 Read

via "National Vulnerability Database".

152 views17:21

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24330 ‼

In JetBrains TeamCity before 2021.2.1, a redirection to an external site was possible.

📖 Read

via "National Vulnerability Database".

148 views17:21

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24333 ‼

In JetBrains TeamCity before 2021.2, blind SSRF via an XML-RPC call was possible.

📖 Read

via "National Vulnerability Database".

151 views17:21

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-24343 ‼

In JetBrains YouTrack before 2021.4.31698, a custom logo could be set by a user who has read-only permissions.

📖 Read

via "National Vulnerability Database".

160 views17:21

About

Blog

Apps

Platform