πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.8K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.8K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-42952 β€Ό

All pervious versions before October 25, 2021 of Zepl Notebooks are affeced by a sandbox escape vulnerability. Upon launching Remote Code Execution from the Notebook, users can then use that to subsequently escape the running context sandbox and proceed to access internal Zepl assets including cloud metadata services.

πŸ“– Read

via "National Vulnerability Database".
139 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-22426 β€Ό

There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.

πŸ“– Read

via "National Vulnerability Database".
139 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-22431 β€Ό

There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.

πŸ“– Read

via "National Vulnerability Database".
140 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-25260 β€Ό

JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF).

πŸ“– Read

via "National Vulnerability Database".
137 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-37027 β€Ό

There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity.

πŸ“– Read

via "National Vulnerability Database".
137 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-23985 β€Ό

The affected product is vulnerable to an out-of-bounds write while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.

πŸ“– Read

via "National Vulnerability Database".
139 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-22430 β€Ό

There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.

πŸ“– Read

via "National Vulnerability Database".
144 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-44132 β€Ό

A command injection vulnerability in the function formImportOMCIShell of C-DATA ONU4FERW V2.1.13_X139 allows attackers to execute arbitrary commands via a crafted file.

πŸ“– Read

via "National Vulnerability Database".
142 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-21209 β€Ό

The affected product is vulnerable to an out-of-bounds read while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.

πŸ“– Read

via "National Vulnerability Database".
145 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-25062 β€Ό

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

πŸ“– Read

via "National Vulnerability Database".
159 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-22448 β€Ό

There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files.

πŸ“– Read

via "National Vulnerability Database".
174 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-22437 β€Ό

There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access.

πŸ“– Read

via "National Vulnerability Database".
194 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-37103 β€Ό

There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.

πŸ“– Read

via "National Vulnerability Database".
199 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2021-22395 β€Ό

There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.

πŸ“– Read

via "National Vulnerability Database".
240 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
❌ TrickBot Takes a Break, Leaving Researchers Scratching Their Heads ❌

The infamous trojan is likely making some major operational changes, researchers believe.

πŸ“– Read

via "Threat Post".
Threat Post
TrickBot Takes a Break, Leaving Researchers Scratching Their Heads
The infamous trojan is likely making some major operational changes, researchers believe.
254 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-24710 β€Ό

Weblate is a copyleft software web-based continuous localization system. Versions prior to 4.11 do not properly neutralize user input used in user name and language fields. Due to this improper neutralization it is possible to perform cross-site scripting via these fields. The issues were fixed in the 4.11 release. Users unable to upgrade are advised to add their own neutralize logic.

πŸ“– Read

via "National Vulnerability Database".
πŸ‘1
255 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ 7 Steps to Take Right Now to Prepare for Cyberattacks by Russia πŸ•΄

A lot of the recommended preparation involves measures organizations should have in place already.

πŸ“– Read

via "Dark Reading".
Dark Reading
7 Steps to Take Right Now to Prepare for Cyberattacks by Russia
A lot of the recommended preparation involves measures organizations should have in place already.
πŸ‘1
261 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ“’ IBM launches security hub to help APAC firms prepare for cyber attacks πŸ“’

The tech giant also announced the opening of a second IBM Security Operation Center (SOC) in Bengaluru

πŸ“– Read

via "ITPro".
IT PRO
IBM launches security hub to help APAC firms prepare for cyber attacks | IT PRO
The tech giant also announced the opening of a second IBM Security Operation Center (SOC) in Bengaluru
213 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ“’ Cloudflare acquires Area 1 Security for $162 million πŸ“’

The deal comes five months after the web infrastructure and website security company announced its foray into the email security market

πŸ“– Read

via "ITPro".
IT Pro
Cloudflare acquires Area 1 Security for $162 million
The deal comes five months after the web infrastructure and website security company announced its foray into the email security market
193 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ“’ Organisations urged to boost cyber defences in wake of Ukraine cyber attacks πŸ“’

Australia’s Cyber Security Centre warns that there has been a historical pattern of cyber attacks against Ukraine that have had international consequences

πŸ“– Read

via "ITPro".
IT PRO
Organisations urged to boost cyber defences in wake of Ukraine cyber attacks | IT PRO
Australia’s Cyber Security Centre warns that there has been a historical pattern of cyber attacks against Ukraine that have had international consequences
179 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ“’ Russian cyber attacks on Ukraine: What we know so far πŸ“’

A score of additional attacks on the Ukrainian government and other critical services have been reported this week, as Russia officially declares war on the country

πŸ“– Read

via "ITPro".
IT Pro
Russian cyber attacks on Ukraine: What we know so far
The conflict between Russia and Ukraine has set the tone for all future wars, and the cyber attacks observed throughout will provide a how-to guide on handling simultaneous cyber and kinetic warfare
186 views