🛡 Cybersecurity & Privacy 🛡 - News

🕴 2 Years After Colonial Pipeline, US Critical Infrastructure Still Not Ready for Ransomware 🕴

Sweeping changes implemented since the May 2021 cyberattack are helping -- but more work remains to be done, security experts say.

📖 Read

via "Dark Reading".

Dark Reading

2 Years After Colonial Pipeline, US Critical Infrastructure Still Not Ready for Ransomware

Sweeping changes implemented since the May 2021 cyberattack are helping — but more work remains to be done, security experts say.

👍1

367 views14:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-30242 ‼

NS-ASG v6.3 was discovered to contain a SQL injection vulnerability via the component /admin/add_ikev2.php.

📖 Read

via "National Vulnerability Database".

349 views14:24

🛡 Cybersecurity & Privacy 🛡 - News

🕴 New White House AI Initiatives Include AI Software-Vetting Event at DEF CON 🕴

The Biden administration outlined its plans to ensure responsible AI development — cyber-risk is a core element.

📖 Read

via "Dark Reading".

Dark Reading

New White House AI Initiatives Include AI Software-Vetting Event at DEF CON

The Biden administration outlined its plans to ensure responsible AI development — cyber-risk is a core element.

339 views15:50

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-43919 ‼

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354.

📖 Read

via "National Vulnerability Database".

284 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29935 ‼

llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.

📖 Read

via "National Vulnerability Database".

263 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29932 ‼

llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand.

📖 Read

via "National Vulnerability Database".

248 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-22874 ‼

IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. IBM X-Force ID: 244216.

📖 Read

via "National Vulnerability Database".

228 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29934 ‼

llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect().

📖 Read

via "National Vulnerability Database".

210 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-30053 ‼

TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection.

📖 Read

via "National Vulnerability Database".

217 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29939 ‼

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr).

📖 Read

via "National Vulnerability Database".

215 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29941 ‼

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp.

📖 Read

via "National Vulnerability Database".

217 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29933 ‼

llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.

📖 Read

via "National Vulnerability Database".

220 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-30243 ‼

Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information.

📖 Read

via "National Vulnerability Database".

224 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-30434 ‼

IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187.

📖 Read

via "National Vulnerability Database".

242 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29942 ‼

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType.

📖 Read

via "National Vulnerability Database".

245 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-30013 ‼

TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter.

📖 Read

via "National Vulnerability Database".

267 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-30054 ‼

TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload.

📖 Read

via "National Vulnerability Database".

277 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-38707 ‼

IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179.

📖 Read

via "National Vulnerability Database".

285 views16:25

🛡 Cybersecurity & Privacy 🛡 - News

⚠ S3 Ep133: Apple takes “tight-lipped” to a whole new level ⚠

Entertaining, educational, and all in plain English 🎧📖

📖 Read

via "Naked Security".

Naked Security

S3 Ep133: Apple takes “tight-lipped” to a whole new level

Entertaining, educational, and all in plain English 🎧📖

318 views16:38

🛡 Cybersecurity & Privacy 🛡 - News

⚠ World Password Day: 2 + 2 = 4 ⚠

We've kept it short and simple, with no sermons, no judgmentalism, no tubthumping... and no BUY NOW buttons. Have a nice day!

📖 Read

via "Naked Security".

Naked Security

World Password Day: 2 + 2 = 4

We’ve kept it short and simple, with no sermons, no judgmentalism, no tubthumping… and no BUY NOW buttons. Have a nice day!

330 views16:38

🛡 Cybersecurity & Privacy 🛡 - News

⚠ PHP Packagist supply chain poisoned by hacker “looking for a job” ⚠

I pwned you! Gizza job! You know it makes sense!

📖 Read

via "Naked Security".

Sophos News

Naked Security – Sophos News

314 views17:15

About

Blog

Apps

Platform