🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Onapsis Announces New Offering to Jumpstart Security for SAP Customers 🕴

Company delivers new vulnerability management offering to help resource-constrained organizations combat increasing attacks on mission-critical SAP applications .

📖 Read

via "Dark Reading".
Darkreading
Onapsis Announces New Offering to Jumpstart Security for SAP Customers
Company delivers new vulnerability management offering to help resource-constrained organizations combat increasing attacks on mission-critical SAP applications .
227 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 5-Buck DCRat Malware Foretells a Worrying Cyber Future 🕴

The Dark Crystal remote access Trojan (aka DCRat) breaks a few stereotypes, with coding done by a solo developer, using an obscure Web language and offering it at a frighteningly low price.

📖 Read

via "Dark Reading".
Darkreading
5-Buck DCRat Malware Foretells a Worrying Cyber Future
The Dark Crystal remote access Trojan (aka DCRat) breaks a few stereotypes, with coding done by a solo developer, using an obscure Web language and offering it at a frighteningly low price.
238 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Arctic Wolf Launches Arctic Wolf Labs Focused on Security Operations Research and Intelligence Reporting 🕴

New research-focused division focused on advancing innovation in the field of security operations.

📖 Read

via "Dark Reading".
Darkreading
Arctic Wolf Launches Arctic Wolf Labs Focused on Security Operations Research and Intelligence Reporting
New research-focused division focused on advancing innovation in the field of security operations.
224 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Cybercriminals Are Increasingly Exploiting Vulnerabilities in Windows Print Spooler 🕴

Kaspersky researchers discovered that cybercriminals made approximately 65,000 attacks between July 2021 and April 2022.

📖 Read

via "Dark Reading".
Darkreading
Cybercriminals Are Increasingly Exploiting Vulnerabilities in Windows Print Spooler
Kaspersky researchers discovered that cybercriminals made approximately 65,000 attacks between July 2021 and April 2022.
194 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-26987 ‼

TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function. Local users could get remote code execution.

📖 Read

via "National Vulnerability Database".
190 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-28909 ‼

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx.

📖 Read

via "National Vulnerability Database".
170 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-28907 ‼

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost.

📖 Read

via "National Vulnerability Database".
160 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-28901 ‼

A command injection vulnerability in the component /SetTriggerLEDBlink/Blink of D-Link DIR882 DIR882A1_FW130B06 allows attackers to escalate privileges to root via a crafted payload.

📖 Read

via "National Vulnerability Database".
145 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-29325 ‼

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter.

📖 Read

via "National Vulnerability Database".
134 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-28912 ‼

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW.

📖 Read

via "National Vulnerability Database".
130 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-28913 ‼

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting.

📖 Read

via "National Vulnerability Database".
132 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-29329 ‼

D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings.

📖 Read

via "National Vulnerability Database".
127 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-29322 ‼

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip.

📖 Read

via "National Vulnerability Database".
127 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-28910 ‼

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName.

📖 Read

via "National Vulnerability Database".
129 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-1397 ‼

API Privilege Escalation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Full system takeover.

📖 Read

via "National Vulnerability Database".
136 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-29326 ‼

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter.

📖 Read

via "National Vulnerability Database".
137 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-29327 ‼

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel.

📖 Read

via "National Vulnerability Database".
139 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-28906 ‼

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the langtype parameter in /setting/setLanguageCfg.

📖 Read

via "National Vulnerability Database".
140 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-26988 ‼

TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. Local users could get remote code execution.

📖 Read

via "National Vulnerability Database".
149 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-28915 ‼

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm.

📖 Read

via "National Vulnerability Database".
156 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-29323 ‼

D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the MAC parameter in /goform/editassignment.

📖 Read

via "National Vulnerability Database".
175 views