πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.8K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.8K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-26628 β€Ό

Matrimony v1.0 was discovered to contain a SQL injection vulnerability via the Password parameter.

πŸ“– Read

via "National Vulnerability Database".
165 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-28115 β€Ό

Online Sports Complex Booking v1.0 was discovered to contain a SQL injection vulnerability via the id parameter.

πŸ“– Read

via "National Vulnerability Database".
166 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-28467 β€Ό

Online Student Admission v1.0 was discovered to contain a SQL injection vulnerability via the txtapplicationID parameter.

πŸ“– Read

via "National Vulnerability Database".
166 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-27124 β€Ό

Insurance Management System 1.0 was discovered to contain a SQL injection vulnerability via the username parameter.

πŸ“– Read

via "National Vulnerability Database".
167 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-26912 β€Ό

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909.

πŸ“– Read

via "National Vulnerability Database".
170 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-26909 β€Ό

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26912.

πŸ“– Read

via "National Vulnerability Database".
173 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-26895 β€Ό

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912.

πŸ“– Read

via "National Vulnerability Database".
181 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-26891 β€Ό

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912.

πŸ“– Read

via "National Vulnerability Database".
190 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-26908 β€Ό

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26909, CVE-2022-26912.

πŸ“– Read

via "National Vulnerability Database".
209 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-28116 β€Ό

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter.

πŸ“– Read

via "National Vulnerability Database".
229 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-28468 β€Ό

Payroll Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter.

πŸ“– Read

via "National Vulnerability Database".
240 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Developers Increasingly Prioritize Secure Coding πŸ•΄

But "old habits are hard to break," with 48% of developers still shipping code with vulnerabilities.

πŸ“– Read

via "Dark Reading".
Dark Reading
Developers Increasingly Prioritize Secure Coding
But "old habits are hard to break," with 48% of developers still shipping code with vulnerabilities.
269 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ Firefox 99 is out – no major bugs, but update anyway! ⚠

Firefox's four-weekly updates just dropped - here's what you need to know.

πŸ“– Read

via "Naked Security".
Naked Security
Firefox 99 is out – no major bugs, but update anyway!
Firefox’s four-weekly updates just dropped – here’s what you need to know.
312 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ Google’s monthly Android updates patch numerous β€œget root” holes ⚠

Get the update now... if it's available for your phone. Here's how to check.

πŸ“– Read

via "Naked Security".
Naked Security
Google’s monthly Android updates patch numerous β€œget root” holes
Get the update now… if it’s available for your phone. Here’s how to check.
426 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Microsoft Details New Security Features for Windows 11 πŸ•΄

Security features to come include a TPM-like security processor for protecting artifacts that a computer uses during the secure boot-up process, as well as a control for blocking unsigned and untrusted apps.

πŸ“– Read

via "Dark Reading".
Dark Reading
Microsoft Details New Security Features for Windows 11
Security features to come include a TPM-like security processor for protecting artifacts that a computer uses during the secure boot-up process, as well as a control for blocking unsigned and untrusted apps.
505 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-23446 β€Ό

A improper control of a resource through its lifetime in Fortinet FortiEDR version 5.0.3 and earlier allows attacker to make the whole application unresponsive via changing its root directory access permission.

πŸ“– Read

via "National Vulnerability Database".
461 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-23441 β€Ό

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow an unauthenticated attacker on the network to disguise as and forge messages from other collectors.

πŸ“– Read

via "National Vulnerability Database".
462 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2020-29013 β€Ό

An improper input validation vulnerability in the sniffer interface of FortiSandbox before 3.2.2 may allow an authenticated attacker to silently halt the sniffer via specifically crafted requests.

πŸ“– Read

via "National Vulnerability Database".
437 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
❌ Attackers Spoof WhatsApp Voice-Message Alerts to Steal Info ❌

Threat actors target Office 365 and Google Workspace in a new campaign, which uses a legitimate domain associated with a road-safety center in Moscow to send messages.

πŸ“– Read

via "Threat Post".
Threat Post
Attackers Spoof WhatsApp Voice-Message Alerts to Steal Info
Threat actors target Office 365 and Google Workspace in a new campaign, which uses a legitimate domain associated with a road-safety center in Moscow to send messages.
385 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ—“οΈ UK retailer The Works blames store closures on POS problems following cyber-attack πŸ—“οΈ

Discount chain is working to restore stock deliveries

πŸ“– Read

via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
UK retailer The Works blames store closures on POS problems following cyber-attack
Discount chain is working to restore stock deliveries
404 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Why XDR As We Know It Will Fail πŸ•΄

Don't take the XDR hype at face value. Do security due diligence and add a connectivity level for data access across all silos for best response.

πŸ“– Read

via "Dark Reading".
Dark Reading
Why XDR As We Know It Will Fail
Don't take the XDR hype at face value. Do security due diligence and add a connectivity level for data access across all silos for best response.
390 views