🛑 Cybersecurity & Privacy 🛑 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
πŸ—“οΈ LastPass flags security incident after attackers stole source code, technical information πŸ—“οΈ

Users’ master passwords are safe, thanks to company’s β€˜zero knowledge’ architecture

πŸ“– Read

via "The Daily Swig".
🕴 Capital One Joins Open Source Security Foundation 🕴

OpenSSF welcomes Capital One as a premier member affirming its commitment to strengthening the open source software supply chain.

via "Dark Reading".
🕴 Endpoint Protection / Antivirus Products Tested for Malware Protection 🕴

Six out of the eight products achieved an "A" rating or higher for blocking malware attacks. Reports are provided to the community for free.

via "Dark Reading".
πŸ—“οΈ Critical command injection vulnerability discovered in Bitbucket Server and Data Center πŸ—“οΈ

Update now to protect against flaw

πŸ“– Read

via "The Daily Swig".
🕴 'No-Party' Data Architectures Promise More Control, Better Security 🕴

Consumers gain control of their data while companies build better relationships with their customers — but third-party ad-tech firms will likely continue to stand in the way.

via "Dark Reading".
🕴 How DevSecOps Empowers Citizen Developers 🕴

DevSecOps can help overcome inheritance mentality, especially in low- and no-code environments.

via "Dark Reading".
‼ CVE-2022-36678 ‼

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_category.

via "National Vulnerability Database".
‼ CVE-2022-37152 ‼

An issue was discovered in Online Diagnostic Lab Management System 1.0. There is a SQL injection vulnerability via the "dob" parameter in "/classes/Users.php?f=save_client".

via "National Vulnerability Database".
‼ CVE-2022-36680 ‼

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_schedule.

via "National Vulnerability Database".
‼ CVE-2022-37151 ‼

There is an unauthorized access vulnerability in Online Diagnostic Lab Management System 1.0.

via "National Vulnerability Database".
‼ CVE-2021-39393 ‼

mm-wiki v0.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the markdown editor.

via "National Vulnerability Database".
‼ CVE-2022-36683 ‼

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_payment.

via "National Vulnerability Database".
‼ CVE-2022-36682 ‼

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_student.

via "National Vulnerability Database".
‼ CVE-2021-40285 ‼

htmly v2.8.1 was discovered to contain an arbitrary file deletion vulnerability via the component \views\backup.html.php.

via "National Vulnerability Database".
‼ CVE-2021-39394 ‼

mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information.

via "National Vulnerability Database".
‼ CVE-2022-36679 ‼

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=user/manage_user.

via "National Vulnerability Database".
‼ CVE-2022-36681 ‼

Simple Task Scheduling System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_account.

via "National Vulnerability Database".
‼ CVE-2022-37150 ‼

An issue was discovered in Online Diagnostic Lab Management System 1.0. There is a stored XSS vulnerability via the firstname, address, middlename, lastname, gender, email, and contact parameters.

via "National Vulnerability Database".
⚠ S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text] ⚠

Latest episode - listen now! (Or read the transcript if you prefer the text version.)

via "Naked Security".
‼ CVE-2022-36521 ‼

Insecure permissions in cskefu v7.0.1 allow unauthenticated attackers to arbitrarily add administrator accounts.

via "National Vulnerability Database".
⚠ Firefox 104 is out – no critical bugs, but update anyway ⚠

Two trust-spoofing bugs were the main culprits this month - but neither one was a zero-day.

via "Naked Security".