🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2023-2468 ‼

Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. (Chromium security severity: Low)

via "National Vulnerability Database".
‼ CVE-2023-2461 ‼

Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium)

via "National Vulnerability Database".
‼ CVE-2023-2465 ‼

Inappropriate implementation in CORS in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

via "National Vulnerability Database".
📢 Bolstering cyber security with the right channel partnerships 📢

Organizations must draw on the expertise of their channel partners to support in-house security operations

via "ITPro".
📢 WatchGuard Firebox T85-PoE review: Big security in small spaces 📢

A table-top appliance offering tough security measures for SMBs and remote offices at a great price

via "ITPro".
‼ CVE-2023-23790 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Pods Framework Team Pods – Custom Content Types and Fields plugin <= 2.9.10.2 versions.

via "National Vulnerability Database".
‼ CVE-2023-25786 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Thom Stark Eyes Only: User Access Shortcode plugin <= 1.8.2 versions.

via "National Vulnerability Database".
‼ CVE-2023-25787 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wbolt team WP?????? plugin <= 1.3.9 versions.

via "National Vulnerability Database".
‼ CVE-2022-30995 ‼

Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.

via "National Vulnerability Database".
‼ CVE-2023-25789 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tapfiliate plugin <= 3.0.12 versions.

via "National Vulnerability Database".
‼ CVE-2022-3405 ‼

Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.

via "National Vulnerability Database".
‼ CVE-2023-25783 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Moss FireCask Like & Share Button plugin <= 1.1.5 versions.

via "National Vulnerability Database".
πŸ‘1
‼ CVE-2023-25792 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XiaoMac WP Open Social plugin <= 5.0 versions.

via "National Vulnerability Database".
‼ CVE-2023-25784 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bon Plan Gratos Sticky Ad Bar plugin <= 1.3.1 versions.

via "National Vulnerability Database".
‼ CVE-2023-25797 ‼

Auth. Stored Cross-Site Scripting (XSS) vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin <= 4.1.2 versions.

via "National Vulnerability Database".
🕴 Palo Alto Networks Unveils New Cloud Firewall for Azure 🕴

The next-generation cloud firewall is a fully managed Azure-native ISV service.

via "Dark Reading".
🕴 Hotels at Risk From Bug in Oracle Property Management Software 🕴

Oracle's characterization of the vulnerability in its Opera software as complex and hard to exploit is incorrect, researchers who found the flaw and reported it say.

via "Dark Reading".
🕴 Meta Expunges Multiple APT, Cybercrime Groups from Facebook, Instagram 🕴

The company has removed three APTs and six potentially criminal networks from its platforms who leveraged elaborate campaigns of fake personas and profiles to lure and compromise users.

via "Dark Reading".
🕴 Legitimate Software Abuse: A Disturbing Trend in Ransomware Attacks 🕴

Build a culture of security so that everyone is on the lookout for suspect behavior. Implement least privilege, improve visibility.

via "Dark Reading".
‼ CVE-2022-40302 ‼

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.

via "National Vulnerability Database".
‼ CVE-2023-22713 ‼

Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in WordPress Download Manager Gutenberg Blocks by WordPress Download Manager plugin <= 2.1.8 versions.

via "National Vulnerability Database".