βΌ CVE-2020-19914 βΌ
π Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) in xiunobbs 4.0.4 allows remote attackers to execute arbitrary web script or HTML via the attachment upload function.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38247 βΌ
π Read
via "National Vulnerability Database".
Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Settings page under the Admin panel.π Read
via "National Vulnerability Database".
π1
π’ Signal hires former Google manager Meredith Whittaker as first president π’
π Read
via "ITPro".
An outspoken critic of the dangers of AI, Whittaker promises to keep Signal users out of tech giants' "surveillant gaze"π Read
via "ITPro".
IT PRO
Signal hires former Google manager Meredith Whittaker as first president | IT PRO
An outspoken critic of the dangers of AI, Whittaker promises to keep Signal users out of tech giants' "surveillant gaze"
π1
π’ German firms beef up cyber security to stay ahead of new threats π’
π Read
via "ITPro".
Ongoing Russia-Ukraine war increased digitisation, and disruptions from COVID-19 call for advanced security tools and servicesπ Read
via "ITPro".
IT PRO
German firms beef up cyber security to stay ahead of new threats | IT PRO
Ongoing Russia-Ukraine war increased digitisation, and disruptions from COVID-19 call for advanced security tools and services
π’ Sophos: Retail organisations pay significantly less in ransomware attacks π’
π Read
via "ITPro".
It's a game of volume in retail since despite being the second-most targeted industry, the average payment per case is well below the industry averageπ Read
via "ITPro".
IT PRO
Sophos: Retail organisations pay significantly less in ransomware attacks | IT PRO
It's a game of volume in retail since despite being the second-most targeted industry, the average payment per case is well below the industry average
π’ Second-largest US school district falls to ransomware attack π’
π Read
via "ITPro".
Los Angeles Unified School District detected βunusual activityβ across its IT systems over the weekendπ Read
via "ITPro".
IT PRO
Second-largest US school district falls to ransomware attack | IT PRO
Los Angeles Unified School District detected βunusual activityβ across its IT systems over the weekend
π’ Japan investigates potential Russian Killnet cyber attacks π’
π Read
via "ITPro".
The hacker group has said itβs revolting against the countryβs militarism and that itβs βkicking the samuraiβπ Read
via "ITPro".
IT PRO
Japan investigates potential Russian Killnet cyber attacks | IT PRO
The hacker group has said itβs revolting against the countryβs militarism and that itβs βkicking the samuraiβ
π’ Instagram slapped with β¬405 million GDPR fine over breaches π’
π Read
via "ITPro".
The social media platform becomes the third Meta-owned company to be hit with privacy penaltyπ Read
via "ITPro".
IT PRO
Instagram slapped with β¬405 million GDPR fine over breaches | IT PRO
The social media platform becomes the third Meta-owned company to be hit with privacy penalty
π’ TikTok refutes allegations of a massive security breach π’
π Read
via "ITPro".
The alleged hack compromised account details of over two billion TikTok usersπ Read
via "ITPro".
IT PRO
TikTok refutes allegations of a massive security breach | IT PRO
The alleged hack compromised account details of over two billion TikTok users
π’ InterContinental Hotels Group confirms cyber attack, experts suggest ransomware π’
π Read
via "ITPro".
Customers had been reporting issues with reservations for days and security experts have sparked discussions of a more serious incidentπ Read
via "ITPro".
IT PRO
InterContinental Hotels Group confirms cyber attack, experts suggest ransomware | IT PRO
Customers had been reporting issues with reservations for days and security experts have sparked discussions of a more serious incident
π’ 'Potentially unsecured' SMBs are propping up an IT supply chain riddled with ransomware π’
π Read
via "ITPro".
More than half of IT supply chains have been impacted by ransomware attacks in recent years and organisations are failing to implement the necessary steps to prevent future damageπ Read
via "ITPro".
IT PRO
'Potentially unsecured' SMBs are propping up an IT supply chain riddled with ransomware | IT PRO
More than half of IT supply chains have been impacted by ransomware attacks in recent years and organisations are failing to implement the necessary steps to prevent future damage
π’ Exclusive Networks hires Paul Eccleston as new UK&I managing director π’
π Read
via "ITPro".
The experienced business leader will look to drive the cyber security specialistβs next phase of growthπ Read
via "ITPro".
IT PRO
Exclusive Networks hires Paul Eccleston as new UK&I Managing Director | IT PRO
Experienced business leader will look to drive the cybersecurity specialistβs next phase of growth
π’ Bus and rail operator Go-Ahead Group confirms "cyber security incident" π’
π Read
via "ITPro".
The public transport giant has been tight-lipped on the nature of the supposed attack but has tasked IBM with helping it recoverπ Read
via "ITPro".
IT PRO
Bus and rail operator Go-Ahead Group confirms "cyber security incident" | IT PRO
The public transport giant has been tight-lipped on the nature of the supposed attack but has tasked IBM with helping it recover
π’ QNAP fixes zero-day vulnerability following Deadbolt ransomware attack π’
π Read
via "ITPro".
The occurrence of the attack is the fourth in this year's Deadbolt attack seriesπ Read
via "ITPro".
ITPro
QNAP fixes zero-day vulnerability following Deadbolt ransomware attack
The occurrence of the attack is the fourth in this year's Deadbolt attack series
π’ Samsung confirms it was hit by a data breach π’
π Read
via "ITPro".
The security incident exposed customersβ personally identifiable informationπ Read
via "ITPro".
IT PRO
Samsung confirms it was hit by a data breach | IT PRO
The security incident exposed customersβ personally identifiable information
π€―2π±1
βΌ CVE-2022-25914 βΌ
π Read
via "National Vulnerability Database".
The package com.google.cloud.tools:jib-core before 0.22.0 are vulnerable to Remote Code Execution (RCE) via the isDockerInstalled function, due to attempting to execute input.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38394 βΌ
π Read
via "National Vulnerability Database".
Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions prior to Ver.3.3.7 allows a remote unauthenticated attacker to execute an arbitrary OS command.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25897 βΌ
π Read
via "National Vulnerability Database".
The package org.eclipse.milo:sdk-server before 0.6.8 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28220 βΌ
π Read
via "National Vulnerability Database".
Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38400 βΌ
π Read
via "National Vulnerability Database".
Mailform Pro CGI 4.3.1 and earlier allow a remote unauthenticated attacker to obtain the user input data by having a use of the product to access a specially crafted URL.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38399 βΌ
π Read
via "National Vulnerability Database".
Missing protection mechanism for alternate hardware interface in SmaCam CS-QR10 all versions and SmaCam Night Vision CS-QR20 all versions allows an attacker to execute an arbitrary OS command by having the product connect to the product's specific serial connectionπ Read
via "National Vulnerability Database".