Security BSides commits to greater conference diversity after speaker backlash
A surprise booking of a divisive social engineer prompted a number of cyber security experts to pull out of BSides Cleveland
via "ITPro".
Cloudflare fixes outage that knocked major web services offline
Online services such as Nord VPN, Shopify, and Steam were all inaccessible by users in most regions
via "ITPro".
How to react to a data breach
Would you know what to do if an online attacker got their hands on your data? We outline the first steps you should take following a security breach
via "ITPro".
Data breach response: How to react when your business gets hit
Every business should have a data breach response plan, but when building one it can be difficult to know where to start
IT Pro News in Review: UK tech raises $16bn, Microsoft acquires Miburo, largest DDoS attack mitigated
Catch up on the biggest headlines of the week in just two minutes
via "ITPro".
SolarWinds details 'next generation' software development process
The open source approach, which will be shared with the wider community, is a direct response to the SUNBURST cyber attack in 2020
via "ITPro".
Avira Free Security review: An effective antimalware suite, but heavy on the marketing
It's hard to fully appreciate Avira's malware protection when the packaging feels so manipulative
via "ITPro".
BRATA malware has evolved to target online banking across Europe, researchers warn
The new variant can now access SMS, GPS, and device control to better steal financial data
via "ITPro".
Okta sets aside $1 million to support cyber security training for non-profits
One of the projects receiving a grant will help civil society organisations in Ukraine to strengthen their cyber security
via "ITPro".
Quantum is 'the future of AWS system security', Amazon claims
With third major quantum investment, AWS sets stage for next decade of network infrastructure
via "ITPro".
How secure is Gmail?
The practical steps you should take to secure your Gmail account, from implementing 2FA to performing regular checkups
via "ITPro".
CVE-2020-27509
Persistent XSS in Galaxkey Secure Mail Client in Galaxkey up to 5.6.11.5 allows an attacker to perform an account takeover by intercepting the HTTP Post request when sending an email and injecting a specially crafted XSS payload in the 'subject' field. The payload executes when the recipient logs into their mailbox.
via "National Vulnerability Database".
CVE-2022-34495
rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.
via "National Vulnerability Database".
CVE-2022-34494
rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.
via "National Vulnerability Database".
CVE-2020-9754
NAVER Whale browser mobile app before 1.10.6.2 allows the attacker to bypass its browser unlock function via incognito mode.
via "National Vulnerability Database".
CVE-2022-33202
Authentication bypass vulnerability in the setup screen of L2Blocker(on-premise) Ver4.8.5 and earlier and L2Blocker(Cloud) Ver4.8.5 and earlier allows an adjacent attacker to perform an unauthorized login and obtain the stored information or cause a malfunction of the device by using alternative paths or channels for Sensor.
via "National Vulnerability Database".
CVE-2022-33146
Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.
via "National Vulnerability Database".
CVE-2022-1846
The Tiny Contact Form WordPress plugin through 0.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
via "National Vulnerability Database".
CVE-2022-1573
The HTML2WP WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them
via "National Vulnerability Database".
CVE-2022-1095
The Mihdan: No External Links WordPress plugin through 4.8.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
via "National Vulnerability Database".
CVE-2022-1572
The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks in an AJAX action, available to any authenticated users such as subscriber, which could allow them to delete arbitrary file
via "National Vulnerability Database".
CVE-2022-0722
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0.
via "National Vulnerability Database".