🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
📢 Iranian hackers targeted nuclear expert, ported Windows infection chain to Mac in a week 📢

Fresh research demonstrates the sophistication and capability of state-sponsored threat actors to compromise diverse targets

📖 Read

via "ITPro".
‼ CVE-2023-26138 ‼

All versions of the package drogonframework/drogon are vulnerable to CRLF Injection when untrusted user input is used to set request headers in the addHeader function. An attacker can add the \r\n (carriage return line feeds) characters and inject additional headers in the request sent.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-26137 ‼

All versions of the package drogonframework/drogon are vulnerable to HTTP Response Splitting when untrusted user input is used to build header values in the addHeader and addCookie functions. An attacker can add the \r\n (carriage return line feeds) characters to end the HTTP response headers and inject malicious content.

📖 Read

via "National Vulnerability Database".
📢 NCSC neutralizes fewer cyber crime campaigns for first time in six years 📢

Drop in takedowns may be due to short lifetimes of extortion email servers and crypto scams

📖 Read

via "ITPro".
‼ CVE-2023-3523 ‼

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.

📖 Read

via "National Vulnerability Database".
⚠ Firefox 115 is out, says farewell to older Windows and Mac users ⚠

No zero-days this month, so you're patching to stay ahead, not merely to catch up!

📖 Read

via "Naked Security".
🕴 6 Steps To Outsmart Business Email Compromise Scammers 🕴

Email fraud is a confidence game that costs the economy billions. An effective defense takes technology and vigilance.

📖 Read

via "Dark Reading".
‼ CVE-2022-48514 ‼

The Sepolicy module has inappropriate permission control on the use of Netlink. Successful exploitation of this vulnerability may affect confidentiality.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-48518 ‼

Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, which affects system performance.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-46894 ‼

Use After Free (UAF) vulnerability in the uinput module. Successful exploitation of this vulnerability may lead to kernel privilege escalation.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-48512 ‼

Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-37241 ‼

Input verification vulnerability in the WMS API. Successful exploitation of this vulnerability may cause the device to restart.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-48515 ‼

Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service confidentiality.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-34164 ‼

Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect availability.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-48507 ‼

Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect service confidentiality.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-46892 ‼

Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-48510 ‼

Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations.

📖 Read

via "National Vulnerability Database".
‼ CVE-2023-37238 ‼

Vulnerability of apps' permission to access a certain API being incompletely verified in the wireless projection module. Successful exploitation of this vulnerability may affect some wireless projection features.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-48508 ‼

Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-48520 ‼

Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-48517 ‼

Unauthorized service access vulnerability in the DSoftBus module. Successful exploitation of this vulnerability will affect availability.

📖 Read

via "National Vulnerability Database".