πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.9K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.9K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ” Lithuanian DPA Hopes First GDPR Fine Is A Wake Up Call πŸ”

It took a year but Lithuania's data protection authority issued its first fine, to a fintech company, for breaching three provisions of the GDPR.

πŸ“– Read

via "Subscriber Blog RSS Feed ".
Digital Guardian
Lithuanian DPA Hopes First GDPR Fine Is A Wake Up Call
It took a year but Lithuania's data protection authority issued its first fine, to a fintech company, for breaching three provisions of the GDPR.
47 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
❌ WannaCry-Infested Laptop Starts at $1.13M in Art Auction ❌

The "bestiary" houses six historical threats that combined resulted in at least $95B in damages worldwide.

πŸ“– Read

via "Threatpost".
Threat Post
WannaCry-Infested Laptop Starts at $1.13M in Art Auction
The "bestiary" houses six historical threats that combined resulted in at least $95B in damages worldwide.
43 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2018-7202

An issue was discovered in ProjectSend before r1053. XSS exists in the "Name" field on the My Account page.

πŸ“– Read

via "National Vulnerability Database".
39 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2018-14729

The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code.

πŸ“– Read

via "National Vulnerability Database".
40 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2018-12886

stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.

πŸ“– Read

via "National Vulnerability Database".
39 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-9809

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure.

πŸ“– Read

via "National Vulnerability Database".
41 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-6514 (wordpress)

WordPress 4.7.2 mishandles listings of post authors, which allows remote attackers to obtain sensitive information (Path Disclosure) via a /wp-json/oembed/1.0/embed?url= request, related to the "author_name":" substring.

πŸ“– Read

via "National Vulnerability Database".
43 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Data Asset Management: What Do You Really Need? πŸ•΄

At Interop, a cybersecurity and privacy leader explains her approach to data management and governance at a massive, decentralized company.

πŸ“– Read

via "Dark Reading: ".
Dark Reading
Data Asset Management: What Do You Really Need?
At Interop, a cybersecurity and privacy leader explains her approach to data management and governance at a massive, decentralized company.
41 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ New Software Skims Credit Card Info From Online Credit Card Transactions πŸ•΄

The new exploit builds a fake frame around legitimate portions of an online commerce website.

πŸ“– Read

via "Dark Reading: ".
Darkreading
New Software Skims Credit Card Info From Online Credit Card Transactions
The new exploit builds a fake frame around legitimate portions of an online commerce website.
37 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-9808

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).

πŸ“– Read

via "National Vulnerability Database".
33 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-8777

Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is affected by: Missing Authorization.

πŸ“– Read

via "National Vulnerability Database".
31 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-8341

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.

πŸ“– Read

via "National Vulnerability Database".
31 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-8340

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.

πŸ“– Read

via "National Vulnerability Database".
32 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-6912

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.

πŸ“– Read

via "National Vulnerability Database".
35 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-5984

In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read.

πŸ“– Read

via "National Vulnerability Database".
35 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-5871

Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is: obtain sensitive information (remote).

πŸ“– Read

via "National Vulnerability Database".
36 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-5864

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).

πŸ“– Read

via "National Vulnerability Database".
39 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2017-5863

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.

πŸ“– Read

via "National Vulnerability Database".
46 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Alphabet's Chronicle Explores Code-Signing Abuse in the Wild πŸ•΄

A new analysis highlights the prevalence of malware signed by certificate authorities and the problems with trust-based security.

πŸ“– Read

via "Dark Reading: ".
Darkreading
Alphabet's Chronicle Explores Code-Signing Abuse in the Wild
A new analysis highlights the prevalence of malware signed by certificate authorities and the problems with trust-based security.
50 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ The city of Baltimore is being held hostage by ransomware ⚠

The mayor said noβ€”for nowβ€”to paying 13 Bitcoins to (purportedly) unlock all seized systems. Manual rebuilding could take months.

πŸ“– Read

via "Naked Security".
Naked Security
The city of Baltimore is being held hostage by ransomware
The mayor said noβ€”for nowβ€”to paying 13 Bitcoins to (purportedly) unlock all seized systems. Manual rebuilding could take months.
50 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ Mozilla fixes bugs, improves privacy in latest Firefox release ⚠

Mozilla rolled out version 67 of its Firefox browser this week, fixing some security bugs and introducing a host of privacy features.

πŸ“– Read

via "Naked Security".
Naked Security
Mozilla fixes bugs, improves privacy in latest Firefox release
Mozilla rolled out version 67 of its Firefox browser this week, fixing some security bugs and introducing a host of privacy features.
48 views