πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.8K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.8K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Symmetry Systems Closes $17.7M To Scale its AI-Powered Data Security Platform πŸ•΄



πŸ“– Read

via "Dark Reading".
Dark Reading
Symmetry Systems Closes $17.7M To Scale its AI-Powered Data Security Platform
SAN JOSE, Calif., Aug. 9, 2023 /PRNewswire/ -- Symmetry Systems, a next generation AI-powered data-centric security company, today announced an $17.7 million inside round of funding with repeat participation from ForgePoint Capital and Prefix Capital and…
158 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Sweet Security Lands $12M in Seed Funding to Shift Cloud Security Right πŸ•΄



πŸ“– Read

via "Dark Reading".
Dark Reading
Sweet Security Lands $12M in Seed Funding to Shift Cloud Security Right
TEL AVIV, Israel, Aug. 9, 2023 /PRNewswire/ -- Sweet Security today announced $12 million in seed funding and the launch of its Cloud Runtime Security Suite. The round was led by Glilot Capital Partners with participation from CyberArk Ventures and angel…
144 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ DARPA Launches Two-Year Contest to Build AI Tools to Fix Vulnerabilities πŸ•΄

A challenge will be offered to teams to build tools using AI in order to solve open source's vulnerability challenges.

πŸ“– Read

via "Dark Reading".
Dark Reading
DARPA Launches 2-Year Contest to Build AI Tools to Fix Vulnerabilities
A challenge will be offered to teams to build tools using AI in order to solve open source's vulnerability challenges.
136 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ LastPass Announces Availability of FIDO2 Authenticators for Passwordless Login πŸ•΄



πŸ“– Read

via "Dark Reading".
Dark Reading
LastPass Announces Availability of FIDO2 Authenticators for Passwordless Login
BOSTON -- (BUSINESS WIRE) -- LastPass today announced the availability of FIDO2 authenticators, including biometrics, such as finger print or face ID, and hardware keys, for its Passwordless Login solution. This innovation allows LastPass customers to experience…
❀1
138 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Checkmarx CISO Study Finds 96% of CISOs Say Their Business Prospects Consider Their Organizations' AppSec Maturity When Making Deal Decisions πŸ•΄



πŸ“– Read

via "Dark Reading".
Dark Reading
Checkmarx CISO Study Finds 96% of CISOs Say Their Business Prospects Consider Their Organizations' AppSec Maturity When Making…
ATLANTA, Aug. 9, 2023 /PRNewswire/ -- Checkmarx today released its "Global CISO Survey: The Growing Impact of AppSec on Business" report, based on survey results from 200 CISOs and other senior security executives worldwide in March of this year. The survey…
164 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-37068 β€Ό

Code-Projects Gym Management System V1.0 allows remote attackers to execute arbitrary SQL commands via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username and password fields, enabling SQL Injection attacks.

πŸ“– Read

via "National Vulnerability Database".
175 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-33469 β€Ό

In instances where the screen is visible and remote mouse connection is enabled, KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 can be exploited to achieve local code execution at the root level.

πŸ“– Read

via "National Vulnerability Database".
192 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-38348 β€Ό

A CSRF issue was discovered in LWsystems Benno MailArchiv 2.10.1.

πŸ“– Read

via "National Vulnerability Database".
206 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-33468 β€Ό

KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device. This vulnerability involves extracting the connection confirmation code remotely, bypassing the need to obtain it directly from the physical screen.

πŸ“– Read

via "National Vulnerability Database".
296 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-23347 β€Ό

HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.

πŸ“– Read

via "National Vulnerability Database".
303 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-38347 β€Ό

An issue was discovered in LWsystems Benno MailArchiv 2.10.1. Attackers can cause XSS via JavaScript content to a mailbox.

πŸ“– Read

via "National Vulnerability Database".
344 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30680 β€Ό

Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows code execution with privilege.

πŸ“– Read

via "National Vulnerability Database".
278 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30704 β€Ό

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.

πŸ“– Read

via "National Vulnerability Database".
273 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30698 β€Ό

Improper access control vulnerability in TelephonyUI prior to SMR Aug-2023 Release 1 allows local attacker to connect BLE without privilege.

πŸ“– Read

via "National Vulnerability Database".
255 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30654 β€Ό

Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location.

πŸ“– Read

via "National Vulnerability Database".
195 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30695 β€Ό

Out-of-bounds Write vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.

πŸ“– Read

via "National Vulnerability Database".
160 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30679 β€Ό

Improper access control in HDCP trustlet prior to SMR Aug-2023 Release 1 allows local attackers to execute arbitrary code.

πŸ“– Read

via "National Vulnerability Database".
❀1
141 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30694 β€Ό

Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

πŸ“– Read

via "National Vulnerability Database".
130 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30697 β€Ό

An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

πŸ“– Read

via "National Vulnerability Database".
122 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30689 β€Ό

Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

πŸ“– Read

via "National Vulnerability Database".
121 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30682 β€Ό

Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call silenceRinger API without permission.

πŸ“– Read

via "National Vulnerability Database".
113 views