🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
ATTENTION‼ New - CVE-2017-9809

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure.

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-6514 (wordpress)

WordPress 4.7.2 mishandles listings of post authors, which allows remote attackers to obtain sensitive information (Path Disclosure) via a /wp-json/oembed/1.0/embed?url= request, related to the "author_name":" substring.

via "National Vulnerability Database".
🕴 Data Asset Management: What Do You Really Need? 🕴

At Interop, a cybersecurity and privacy leader explains her approach to data management and governance at a massive, decentralized company.

via "Dark Reading".
🕴 New Software Skims Credit Card Info From Online Credit Card Transactions 🕴

The new exploit builds a fake frame around legitimate portions of an online commerce website.

via "Dark Reading".
ATTENTION‼ New - CVE-2017-9808

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-8777

Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is affected by: Missing Authorization.

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-8341

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-8340

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-6912

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-5984

In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read.

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-5871

Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is: obtain sensitive information (remote).

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-5864

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).

via "National Vulnerability Database".
ATTENTION‼ New - CVE-2017-5863

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.

via "National Vulnerability Database".
🕴 Alphabet's Chronicle Explores Code-Signing Abuse in the Wild 🕴

A new analysis highlights the prevalence of malware signed by certificate authorities and the problems with trust-based security.

via "Dark Reading".
⚠ The city of Baltimore is being held hostage by ransomware ⚠

The mayor said no—for now—to paying 13 Bitcoins to (purportedly) unlock all seized systems. Manual rebuilding could take months.

via "Naked Security".
⚠ Mozilla fixes bugs, improves privacy in latest Firefox release ⚠

Mozilla rolled out version 67 of its Firefox browser this week, fixing some security bugs and introducing a host of privacy features.

via "Naked Security".
⚠ Tor Browser for Android 8.5 offers mobile users privacy boost ⚠

After nine months of alpha testing, a stable release of the Tor browser for Android can now be downloaded from Google’s Play store or direct from the Project’s website.

via "Naked Security".
⚠ Google stored some passwords in plain text for 14 years ⚠

Nobody got at the subset of G Suite passwords, Google said, apologizing and saying that it's working to ensure this is an isolated incident.

via "Naked Security".
❌ Soaring Cryptocurrency Prices Draw Malicious New Onslaught of Apps, Malware ❌

As Bitcoin prices surge, so too are malicious apps, malware-ridden scams and cryptojacking attacks looking to profit from the cryptocurrency industry.

via "Threatpost".
🕴 Incident Response: 3 Easy Traps & How to Avoid Them 🕴

Sage legal advice about navigating a data breach from a troubleshooting cybersecurity outside counsel.

via "Dark Reading".
❌ SandboxEscaper Drops Three More Windows Exploits, IE Zero-Day ❌

As promised, developer SandboxEscaper has dropped exploit code for four more bugs, on the heels of releasing a Windows zero-day yesterday.

via "Threatpost".