🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-45471 ‼

In JetBrains Hub before 2022.3.15181, throttling was missed when sending emails to a particular email address.

via "National Vulnerability Database".
🕴 Palo Alto Networks Focuses on Secure Coding with $195M Cider Deal 🕴

PAN plans to add Cider's CI/CD security platform to its Prisma Cloud suite of AppSec tools.

via "Dark Reading".
🕴 Secure Offboarding in the Spotlight as Tech Layoffs Mount 🕴

A secure-by-design culture is needed to develop a comprehensive offboarding and identity management strategy that limits potential for broader compromise in case of unauthorized access.

via "Dark Reading".
‼ CVE-2022-45474 ‼

drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request.

via "National Vulnerability Database".
‼ CVE-2022-45473 ‼

In drachtio-server 0.8.18, /var/log/drachtio has mode 0777 and drachtio.log has mode 0666.

via "National Vulnerability Database".
‼ CVE-2022-44378 ‼

Automotive Shop Management System v1.0 is vulnerable to SQL via /asms/classes/Master.php?f=delete_mechanic.

via "National Vulnerability Database".
‼ CVE-2022-44204 ‼

D-Link DIR3060 DIR3060A1_FW111B04.bin is vulnerable to Buffer Overflow.

via "National Vulnerability Database".
‼ CVE-2022-44379 ‼

Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/classes/Master.php?f=delete_service.

via "National Vulnerability Database".
🕴 Amid Legal Fallout, Cyber Insurers Redefine State-Sponsored Attacks as Act of War 🕴

As carriers rewrite their act-of-war exclusions following the NotPetya settlement between Mondelez and Zurich, organizations should read their cyber insurance policies carefully to see what is still covered.

via "Dark Reading".
🕴 Australia's Hack-Back Plan Against Cyberattackers Raises Familiar Concerns 🕴

How far can its government — or any government or private company — go to proactively disrupt cyber threats without causing collateral damage?

via "Dark Reading".
🕴 DEV-0569 Ransomware Group Remarkably Innovative, Microsoft Cautions 🕴

Although consistently reliant on good old phishing to deliver Royal ransomware, researchers say DEV-0569 regularly uses new and creative discovery techniques to lure in new victims.

via "Dark Reading".
‼ CVE-2022-41652 ‼

Bypass vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress.

via "National Vulnerability Database".
‼ CVE-2022-40686 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Creative Mail plugin <= 1.5.4 on WordPress.

via "National Vulnerability Database".
‼ CVE-2022-44820 ‼

Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/?page=transactions/manage_transaction&id=.

via "National Vulnerability Database".
‼ CVE-2022-44415 ‼

Automotive Shop Management System v1.0 is vulnerable to SQL Injection via /asms/admin/mechanics/view_mechanic.php?id=.

via "National Vulnerability Database".
‼ CVE-2022-38974 ‼

Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with subscriber or higher user roles to change the status of the translation jobs.

via "National Vulnerability Database".
‼ CVE-2022-41805 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Booster for WooCommerce plugin <= 5.6.6 on WordPress.

via "National Vulnerability Database".
‼ CVE-2022-38075 ‼

Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Mantenimiento web plugin <= 0.13 on WordPress.

via "National Vulnerability Database".
‼ CVE-2022-41840 ‼

Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on WordPress.

via "National Vulnerability Database".
‼ CVE-2022-40687 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Creative Mail plugin <= 1.5.4 on WordPress.

via "National Vulnerability Database".
‼ CVE-2022-41692 ‼

Missing Authorization vulnerability in Appointment Hour Booking plugin <= 1.3.71 on WordPress.

via "National Vulnerability Database".