πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.8K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.8K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ“’ WatchGuard Firebox T85-PoE review: Big security in small spaces πŸ“’

A table-top appliance offering tough security measures for SMBs and remote offices at a great price

πŸ“– Read

via "ITPro".
ITPro
WatchGuard Firebox T85-PoE review: Big security in small spaces
A table-top appliance offering tough security measures for SMBs and remote offices at a great price
381 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-23790 β€Ό

Cross-Site Request Forgery (CSRF) vulnerability in Pods Framework Team Pods Γ’β‚¬β€œ Custom Content Types and Fields plugin <=Γ‚ 2.9.10.2 versions.

πŸ“– Read

via "National Vulnerability Database".
300 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-25786 β€Ό

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Thom Stark Eyes Only: User Access Shortcode plugin <=Γ‚ 1.8.2 versions.

πŸ“– Read

via "National Vulnerability Database".
284 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-25787 β€Ό

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wbolt team WP?????? plugin <=Γ‚ 1.3.9 versions.

πŸ“– Read

via "National Vulnerability Database".
272 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-30995 β€Ό

Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.

πŸ“– Read

via "National Vulnerability Database".
249 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-25789 β€Ό

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tapfiliate plugin <=Γ‚ 3.0.12 versions.

πŸ“– Read

via "National Vulnerability Database".
229 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-3405 β€Ό

Code execution and sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 29486, Acronis Cyber Backup 12.5 (Windows, Linux) before build 16545.

πŸ“– Read

via "National Vulnerability Database".
236 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-25783 β€Ό

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Moss FireCask Like & Share Button plugin <=Γ‚ 1.1.5 versions.

πŸ“– Read

via "National Vulnerability Database".
πŸ‘1
250 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-25792 β€Ό

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XiaoMac WP Open Social plugin <=Γ‚ 5.0 versions.

πŸ“– Read

via "National Vulnerability Database".
250 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-25784 β€Ό

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bon Plan Gratos Sticky Ad Bar pluginΓ‚ <= 1.3.1 versions.

πŸ“– Read

via "National Vulnerability Database".
253 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-25797 β€Ό

Auth. Stored Cross-Site Scripting (XSS) vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin <=Γ‚ 4.1.2 versions.

πŸ“– Read

via "National Vulnerability Database".
282 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Palo Alto Networks Unveils New Cloud Firewall for Azure πŸ•΄

The next-generation cloud firewall is a fully managed Azure-native ISV service.

πŸ“– Read

via "Dark Reading".
Dark Reading
Palo Alto Networks Unveils New Cloud Firewall for Azure
The next-generation cloud firewall is a fully managed Azure-native ISV service.
305 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Hotels at Risk From Bug in Oracle Property Management Software πŸ•΄

Oracle's characterization of the vulnerability in its Opera software as complex and hard to exploit is incorrect, researchers who found the flaw and reported it say.

πŸ“– Read

via "Dark Reading".
Dark Reading
Hotels at Risk From Bug in Oracle Property Management Software
Oracle's characterization of the vulnerability in its Opera software as complex and hard to exploit is incorrect, researchers who found the flaw and reported it say.
318 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Meta Expunges Multiple APT, Cybercrime Groups from Facebook, Instagram πŸ•΄

The company has removed three APTs and six potentially criminal networks from its platforms who leveraged elaborate campaigns of fake personas and profiles to lure and compromise users.

πŸ“– Read

via "Dark Reading".
Dark Reading
Meta Expunges Multiple APT, Cybercrime Groups From Facebook, Instagram
The company has removed three APTs and six potentially criminal networks from its platforms who leveraged elaborate campaigns of fake personas and profiles to lure and compromise users.
296 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Legitimate Software Abuse: A Disturbing Trend in Ransomware Attacks πŸ•΄

Build a culture of security so that everyone is on the lookout for suspect behavior. Implement least privilege, improve visibility.

πŸ“– Read

via "Dark Reading".
Dark Reading
Legitimate Software Abuse: A Disturbing Trend in Ransomware Attacks
Build a culture of security so that everyone is on the lookout for suspect behavior. Implement least privilege, improve visibility.
246 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-40302 β€Ό

An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case.

πŸ“– Read

via "National Vulnerability Database".
212 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-22713 β€Ό

Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in WordPress Download Manager Gutenberg Blocks by WordPress Download Manager plugin <=Γ‚ 2.1.8 versions.

πŸ“– Read

via "National Vulnerability Database".
199 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-43681 β€Ό

An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads of out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition.

πŸ“– Read

via "National Vulnerability Database".
201 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-23820 β€Ό

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ProfilePress Membership Team ProfilePress plugin <=Γ‚ 4.5.4 versions.

πŸ“– Read

via "National Vulnerability Database".
192 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-25796 β€Ό

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Include WP BaiDu Submit plugin <=Γ‚ 1.2.1 versions.

πŸ“– Read

via "National Vulnerability Database".
194 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-25798 β€Ό

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Olevmedia Olevmedia Shortcodes plugin <=Γ‚ 1.1.9 versions.

πŸ“– Read

via "National Vulnerability Database".
197 views