🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30702 ‼

Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
125 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30696 ‼

An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

📖 Read

via "National Vulnerability Database".
135 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30686 ‼

Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
143 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30703 ‼

Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information.

📖 Read

via "National Vulnerability Database".
151 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30687 ‼

Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
171 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30681 ‼

An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

📖 Read

via "National Vulnerability Database".
215 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30691 ‼

Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation.

📖 Read

via "National Vulnerability Database".
276 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30700 ‼

PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission.

📖 Read

via "National Vulnerability Database".
290 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30688 ‼

Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
341 views
🛡 Cybersecurity & Privacy 🛡 - News
🦿 Quick Glossary: Cybersecurity Attack Response and Mitigation 🦿

Your computer network is under constant attack. The hard reality is that one of those cyberattacks will succeed, and you had better be prepared. This quick glossary from TechRepublic Premium explains the terminology used by security experts as they attempt to reduce the damage caused by a successful attack. From the glossary: EVIDENCE COLLECTION POLICY ...

📖 Read

via "Tech Republic".
TechRepublic
Quick Glossary: Cybersecurity Attack Response and Mitigation | TechRepublic
Your computer network is under constant attack. The hard reality is that one of those cyberattacks will succeed, and you had better be prepared. This
314 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 'MoustachedBouncer' APT Spies on Embassies, Likely via ISPs 🕴

Diplomats who didn't use VPNs may have lost sensitive state information to a Belarusian threat actor that wields the "Disco" and "Nightclub" malware.

📖 Read

via "Dark Reading".
Dark Reading
'MoustachedBouncer' APT Spies on Embassies, Likely via ISPs
Diplomats who didn't use VPNs may have lost sensitive state information to a Belarusian government-aligned threat actor, which wields the "Disco" and "Nightclub" malware.
306 views
🛡 Cybersecurity & Privacy 🛡 - News
📢 Veritas targets mutual growth with new MSP partner program 📢

The revamped initiative will help MSPs capitalize on the growing demand for cloud-native cyber resilience solutions, vendor says

📖 Read

via "ITPro".
channelpro
Veritas targets mutual growth with new MSP partner program
The revamped initiative will help MSPs capitalize on the growing demand for cloud-native cyber resilience solutions, vendor says
238 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-26309 ‼

A remote code execution vulnerability in the webview component of OnePlus Mall app.

📖 Read

via "National Vulnerability Database".
213 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-4277 ‼

The Realia plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.0. This is due to missing nonce validation on the 'process_change_profile_form' function. This makes it possible for unauthenticated attackers to change user email via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

📖 Read

via "National Vulnerability Database".
223 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-4276 ‼

The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the 'abpr_profileShortcode' function. This makes it possible for unauthenticated attackers to change user email and password via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

📖 Read

via "National Vulnerability Database".
228 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-31209 ‼

Improper neutralization of active check command arguments in Checkmk < 2.1.0p32, < 2.0.0p38, < 2.2.0p4 leads to arbitrary command execution for authenticated users.

📖 Read

via "National Vulnerability Database".
258 views
🛡 Cybersecurity & Privacy 🛡 - News
📢 ICO threatens enforcement action against websites with 'harmful' cookie banners 📢

Cookie banners and defaults among practices coming under greater scrutiny

📖 Read

via "ITPro".
ITPro
ICO threatens enforcement action against websites with 'harmful' cookie banners
Cookie banners and defaults among practices coming under greater scrutiny
272 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-24009 ‼

Auth. (subscriber+) Reflected Cross-site Scripting (XSS) vulnerability in Wpazure Themes Upfrontwp theme <= 1.1 versions.

📖 Read

via "National Vulnerability Database".
233 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-37988 ‼

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Creative Solutions Contact Form Generator plugin <= 2.5.5 versions.

📖 Read

via "National Vulnerability Database".
230 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-23871 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Webdzier Button plugin <= 1.1.23 versions.

📖 Read

via "National Vulnerability Database".
231 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-23798 ‼

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Muneeb Layer Slider plugin <= 1.1.9.7 versions.

📖 Read

via "National Vulnerability Database".
197 views