🛡 Cybersecurity & Privacy 🛡 - News

⚠ Gozi banking malware “IT chief” finally jailed after more than 10 years ⚠

Gozi threesome from way back in the late 2000s and early 2010s now all charged, convicted and sentenced. The DOJ got there in the end...

📖 Read

via "Naked Security".

Naked Security

Gozi banking malware “IT chief” finally jailed after more than 10 years

Gozi threesome from way back in the late 2000s and early 2010s now all charged, convicted and sentenced. The DOJ got there in the end…

314 views23:15

🛡 Cybersecurity & Privacy 🛡 - News

⚠ Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office holes ⚠

No zero-days this month, if you ignore the Edge RCE hole patched last week

📖 Read

via "Naked Security".

Sophos News

Naked Security – Sophos News

320 views23:45

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-31142 ‼

Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, if a site has modified their general category permissions, they could be set back to the default. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. A workaround, only if you are modifying the general category permissions, is to use a new category for the same purpose.

📖 Read

via "National Vulnerability Database".

370 views00:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-32301 ‼

Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, multiple duplicate topics could be created if topic embedding is enabled. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. As a workaround, disable topic embedding if it has been enabled.

📖 Read

via "National Vulnerability Database".

383 views00:20

🛡 Cybersecurity & Privacy 🛡 - News

🛠 AIDE 0.18.4 🛠

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

📖 Read

via "Packet Storm Security".

Packetstormsecurity

AIDE 0.18.4 ≈ Packet Storm

Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

👍1

332 views05:23

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29357 ‼

Microsoft SharePoint Server Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".

307 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29364 ‼

Windows Authentication Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".

271 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29366 ‼

Windows Geolocation Service Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

253 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24938 ‼

Windows CryptoAPI Denial of Service Vulnerability

📖 Read

via "National Vulnerability Database".

232 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29353 ‼

Sysinternals Process Monitor for Windows Denial of Service Vulnerability

📖 Read

via "National Vulnerability Database".

230 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-32010 ‼

Windows Bus Filter Driver Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".

229 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-32011 ‼

Windows iSCSI Discovery Service Denial of Service Vulnerability

📖 Read

via "National Vulnerability Database".

223 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29372 ‼

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

219 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-32032 ‼

.NET and Visual Studio Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".

214 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-32017 ‼

Microsoft PostScript Printer Driver Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

210 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-32015 ‼

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

207 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29363 ‼

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

207 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29367 ‼

iSCSI Target WMI Provider Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

206 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29355 ‼

DHCP Server Service Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".

207 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-3198 ‼

The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_status_order_message function. This makes it possible for unauthenticated attackers to update status order message via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

📖 Read

via "National Vulnerability Database".

209 views05:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-33145 ‼

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".

196 views05:33

About

Blog

Apps

Platform