🛡 Cybersecurity & Privacy 🛡 - News

♟️ “Downthem” DDoS-for-Hire Boss Gets 2 Years in Prison ♟️

A 33-year-old Illinois man was sentenced to two years in prison today following his conviction last year for operating services that allowed paying customers to launch powerful distributed denial-of-service (DDoS) attacks against hundreds of thousands of Internet users and websites.

📖 Read

via "Krebs on Security".

Krebsonsecurity

“Downthem” DDoS-for-Hire Boss Gets 2 Years in Prison

A 33-year-old Illinois man was sentenced to two years in prison today following his conviction last year for operating services that allowed paying customers to launch powerful distributed denial-of-service (DDoS) attacks against hundreds of thousands of…

345 views00:38

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-31447 ‼

An XML external entity (XXE) injection vulnerability in Magicpin v3.4 allows attackers to access sensitive database information via a crafted SVG file.

📖 Read

via "National Vulnerability Database".

360 views05:18

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-31446 ‼

Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.

📖 Read

via "National Vulnerability Database".

366 views05:18

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-31415 ‼

Online Fire Reporting System v1.0 was discovered to contain a SQL injection vulnerability via the GET parameter in /report/list.php.

📖 Read

via "National Vulnerability Database".

384 views05:18

🛡 Cybersecurity & Privacy 🛡 - News

❌ Kaiser Permanente Exposes Nearly 70K Medical Records in Data Breach ❌

Attackers gained access to private account details through an email compromise incident that occurred in April.

📖 Read

via "Threat Post".

Threat Post

Kaiser Permanente Exposes Nearly 70K Medical Records in Data Breach

Attackers gained access to private account details through an email compromise incident that occurred in April.

439 views11:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-30345 ‼

RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

📖 Read

via "National Vulnerability Database".

266 views12:18

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-30350 ‼

Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

📖 Read

via "National Vulnerability Database".

229 views12:18

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-30281 ‼

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

📖 Read

via "National Vulnerability Database".

188 views12:18

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-30340 ‼

Reachable assertion due to improper validation of coreset in PDCCH configuration in SA mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

📖 Read

via "National Vulnerability Database".

165 views12:18

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-35098 ‼

Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

📖 Read

via "National Vulnerability Database".

155 views12:18

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-32254 ‼

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file, exposing sensitive user information that could provide valuable guidance to an attacker.

📖 Read

via "National Vulnerability Database".

151 views12:18

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-35076 ‼

Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

📖 Read

via "National Vulnerability Database".

140 views12:18

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-35102 ‼

Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

📖 Read

via "National Vulnerability Database".

141 views12:18

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-32258 ‼

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains an older feature that allows to import device configurations via a specific endpoint. An attacker could use this vulnerability for information disclosure.

📖 Read

via "National Vulnerability Database".

137 views12:18

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-35079 ‼

Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

📖 Read

via "National Vulnerability Database".

131 views12:18

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-35100 ‼

Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

📖 Read

via "National Vulnerability Database".

129 views12:19

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-32259 ‼

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of the affected application contain unit test scripts with sensitive information. An attacker could gain information about testing architecture and also tamper with test configuration.

📖 Read

via "National Vulnerability Database".

119 views12:19

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-32261 ‼

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a misconfiguration in the APT update. This could allow an attacker to add insecure packages to the application.

📖 Read

via "National Vulnerability Database".

116 views12:19

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-35085 ‼

Possible buffer overflow due to lack of buffer length check during management frame Rx handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

📖 Read

via "National Vulnerability Database".

108 views12:19

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-30341 ‼

Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

📖 Read

via "National Vulnerability Database".

111 views12:19

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-32260 ‼

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials for authentication bypass in certain scenarios.

📖 Read

via "National Vulnerability Database".

111 views12:19

About

Blog

Apps

Platform