🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30697 ‼

An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

📖 Read

via "National Vulnerability Database".
122 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30689 ‼

Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
121 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30682 ‼

Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call silenceRinger API without permission.

📖 Read

via "National Vulnerability Database".
113 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30685 ‼

Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local attakcers to change TTY mode.

📖 Read

via "National Vulnerability Database".
110 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30699 ‼

Out-of-bounds write vulnerability in parser_hvcC function of libsimba library prior to SMR Aug-2023 Release 1 allows code execution by remote attackers.

📖 Read

via "National Vulnerability Database".
111 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30683 ‼

Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call endCall API without permission.

📖 Read

via "National Vulnerability Database".
114 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30701 ‼

PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 Release 1 allows local attacker to arbitrary file access.

📖 Read

via "National Vulnerability Database".
113 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30684 ‼

Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingCall API without permission.

📖 Read

via "National Vulnerability Database".
114 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30693 ‼

Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
115 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30705 ‼

Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.

📖 Read

via "National Vulnerability Database".
120 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30702 ‼

Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
125 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30696 ‼

An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

📖 Read

via "National Vulnerability Database".
135 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30686 ‼

Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
143 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30703 ‼

Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information.

📖 Read

via "National Vulnerability Database".
151 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30687 ‼

Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
171 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30681 ‼

An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

📖 Read

via "National Vulnerability Database".
215 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30691 ‼

Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation.

📖 Read

via "National Vulnerability Database".
276 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30700 ‼

PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission.

📖 Read

via "National Vulnerability Database".
290 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30688 ‼

Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
341 views
🛡 Cybersecurity & Privacy 🛡 - News
🦿 Quick Glossary: Cybersecurity Attack Response and Mitigation 🦿

Your computer network is under constant attack. The hard reality is that one of those cyberattacks will succeed, and you had better be prepared. This quick glossary from TechRepublic Premium explains the terminology used by security experts as they attempt to reduce the damage caused by a successful attack. From the glossary: EVIDENCE COLLECTION POLICY ...

📖 Read

via "Tech Republic".
TechRepublic
Quick Glossary: Cybersecurity Attack Response and Mitigation | TechRepublic
Your computer network is under constant attack. The hard reality is that one of those cyberattacks will succeed, and you had better be prepared. This
314 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 'MoustachedBouncer' APT Spies on Embassies, Likely via ISPs 🕴

Diplomats who didn't use VPNs may have lost sensitive state information to a Belarusian threat actor that wields the "Disco" and "Nightclub" malware.

📖 Read

via "Dark Reading".
Dark Reading
'MoustachedBouncer' APT Spies on Embassies, Likely via ISPs
Diplomats who didn't use VPNs may have lost sensitive state information to a Belarusian government-aligned threat actor, which wields the "Disco" and "Nightclub" malware.
306 views