βΌ CVE-2022-29376 βΌ
π Read
via "National Vulnerability Database".
Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32958 βΌ
π Read
via "National Vulnerability Database".
Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, subsequently allowing them to generate valid session tokens for the web user interface (UI). With access to the web UI an attacker can access assets managed by the SRA installation and could compromise the installation.π Read
via "National Vulnerability Database".
βΌ CVE-2022-30015 βΌ
π Read
via "National Vulnerability Database".
In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/all_users.php like Full Username, etc .This causes stored xss.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-31263 βΌ
π Read
via "National Vulnerability Database".
app/models/user.rb in Mastodon before 3.5.0 allows a bypass of e-mail restrictions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-29305 βΌ
π Read
via "National Vulnerability Database".
imgurl v2.31 was discovered to contain a Blind SQL injection vulnerability via /upload/localhost.π Read
via "National Vulnerability Database".
βΌ CVE-2022-29377 βΌ
π Read
via "National Vulnerability Database".
Totolink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a stacker overflow in the fread function at infostat.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via the parameter CONTENT_LENGTH.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0734 βΌ
π Read
via "National Vulnerability Database".
A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could allow an attacker to obtain some information stored in the user's browser, such as cookies or session tokens, via a malicious script.π Read
via "National Vulnerability Database".
βΌ CVE-2022-29309 βΌ
π Read
via "National Vulnerability Database".
mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0910 βΌ
π Read
via "National Vulnerability Database".
A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN series firmware versions 4.32 through 5.21, that could allow an authenticated attacker to bypass the second authentication phase to connect the IPsec VPN server even though the two-factor authentication (2FA) was enabled.π Read
via "National Vulnerability Database".
π’ SES GS wins US governmentβs TROJAN contract π’
π Read
via "ITPro".
The five-year deal is aimed at fortifying the countryβs cyber security resilienceπ Read
via "ITPro".
IT PRO
SES GS wins US governmentβs TROJAN contract | IT PRO
The five-year deal is aimed at fortifying the countryβs cyber security resilience
π’ What is data and big data mining? An easy guide π’
π Read
via "ITPro".
You have a lot of data, but how do you find the right data to make a business decision?π Read
via "ITPro".
IT Pro
What is data and big data mining? An easy guide
You have a lot of data, but how do you find the right data to make a business decision?
π’ Ethical hackers handed lifeline in controversial US cyber crime review π’
π Read
via "ITPro".
The DoJ's latest ruling is a boon to "good-faith security research" but some argue that white hats are still not protectedπ Read
via "ITPro".
IT PRO
Ethical hackers handed lifeline in controversial US cyber crime review | IT PRO
The DoJ's latest ruling is a boon to "good-faith security research" but some argue that white hats are still not protected
π’ Ministry of Defence pledges resilience to all known vulnerabilities and cyber attack methods by 2030 π’
π Read
via "ITPro".
New MoD cyber security strategy is underpinned by a 'secure by design' approach that will run across the organisationπ Read
via "ITPro".
IT PRO
Ministry of Defence pledges resilience to all known vulnerabilities and cyber attack methods by 2030 | IT PRO
New MoD cyber security strategy is underpinned by a 'secure by design' approach that will run across the organisation
π’ Ransomware group Conti threatens to overthrow Costa Rican government π’
π Read
via "ITPro".
It has urged citizens to go out onto the streets to demand their government pays the ransomware demandπ Read
via "ITPro".
ITPro
Ransomware group Conti threatens to overthrow Costa Rican government
It has urged citizens to go out onto the streets to demand their government pays the ransomware demand
π’ US security agency issues emergency alert over vulnerable VMware products π’
π Read
via "ITPro".
A string of actively exploited critical vulnerabilities across five popular VMware products has been described as an "unacceptable risk" to government systemsπ Read
via "ITPro".
IT PRO
US security agency issues emergency alert over vulnerable VMware products | IT PRO
A string of actively exploited critical vulnerabilities across five popular VMware products has been described as an "unacceptable risk" to government systems
π’ IT admin deletes companyβs databases and is jailed for seven years π’
π Read
via "ITPro".
Forensic experts correlated WiFi connectivity logs and timestamps with internal CCTV footage to confirm their suspicionsπ Read
via "ITPro".
IT PRO
IT admin deletes companyβs databases and is jailed for seven years | IT PRO
Forensic experts correlated WiFi connectivity logs and timestamps with internal CCTV footage to confirm their suspicions
π’ Researchers demonstrate how to install malware on iPhone after it's switched off π’
π Read
via "ITPro".
The most recent iPhones are found to be vulnerable after researchers discover an exploit in a beloved iOS 15 featureπ Read
via "ITPro".
IT PRO
Researchers demonstrate how to install malware on iPhone after it's switched off | IT PRO
The most recent iPhones are found to be vulnerable after researchers discover an exploit in a beloved iOS 15 feature
π’ Palo Alto and Deloitte to deliver managed security services in the US π’
π Read
via "ITPro".
Freshly expanded strategic partnership will deliver threat protection, 5G security, and enable the Zero Trust Enterprise for US businessesπ Read
via "ITPro".
IT PRO
Palo Alto and Deloitte to deliver managed security services in the US | IT PRO
Freshly expanded strategic partnership will deliver threat protection, 5G security, and enable the Zero Trust Enterprise for US businesses
π’ (ISC)2 launches free scheme to get 100,000 UK citizens into cyber security π’
π Read
via "ITPro".
The certification non-profit estimates the UK has around 33,000 cyber security vacancies, with that figure set to rise this yearπ Read
via "ITPro".
IT PRO
(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security | IT PRO
The industry body will offer its entry-level cyber security course and exam at no cost for uncertified individuals looking to move into a career in information security
π’ The cookie phase-out might precede an AdTech apocalypse π’
π Read
via "ITPro".
With the industry phasing out third-party cookies, what does this mean for businesses reliant on them to track and improve their campaigns?π Read
via "ITPro".
IT PRO
The cookie phase-out might precede an AdTech apocalypse | IT PRO
With the industry phasing out third-party cookies, what does this mean for businesses reliant on them to track and improve their campaigns?
π’ What is cyber warfare? π’
π Read
via "ITPro".
We explain what cyber warfare is and why you need to pay attention to the threats posedπ Read
via "ITPro".
IT Pro
What is cyber warfare?
We explain what cyber warfare is and why you need to pay attention to the threats posed