βΌοΈCVE-2023-6485βΌοΈ
π Read more
Via "National Vulnerability Database"
The Html5 Video Player WordPress plugin before 2.5.19 does not sanitise and escape some of its player settings, which combined with missing capability checks around the plugin could allow any authenticated users, such as low as subscribers to perform Stored CrossSite Scripting attacks against high privilege users like adminsπ Read more
Via "National Vulnerability Database"
βΌοΈCVE-2024-0181βΌοΈ
π Read more
Via "National Vulnerability Database"
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file adminadminuser.php of the component Admin Panel. The manipulation of the argument FirstnameLastnameUsername leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB249433 was assigned to this vulnerability.π Read more
Via "National Vulnerability Database"
βΌοΈCVE-2023-50094βΌοΈ
π Read more
Via "National Vulnerability Database"
reNgine through 2.0.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an apitoolswafdetector?url string. The commands are executed as root via subprocess.checkoutput.π Read more
Via "National Vulnerability Database"
βΌοΈCVE-2023-50096βΌοΈ
π Read more
Via "National Vulnerability Database"
STMicroelectronics STSAFEA1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeAReceiveBytes buffer overflow in the XCUBESAFEA1 Software Package for STSAFEA sample applications 1.2.0, and thus can affect userwritten code that was derived from a published sample application.π Read more
Via "National Vulnerability Database"
βΌοΈCVE-2024-0182βΌοΈ
π Read more
Via "National Vulnerability Database"
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file admin of the component Admin Login. The manipulation of the argument usernamepassword leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB249440.π Read more
Via "National Vulnerability Database"
βΌοΈCVE-2024-0183βΌοΈ
π Read more
Via "National Vulnerability Database"
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. This affects an unknown part of the file adminstudents.php of the component NIA Office. The manipulation leads to basic cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB249441 was assigned to this vulnerability.π Read more
Via "National Vulnerability Database"
βΌοΈCVE-2024-0184βΌοΈ
π Read more
Via "National Vulnerability Database"
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admineditteacher.php of the component Add Enginer. The manipulation of the argument FirstnameLastname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB249442 is the identifier assigned to this vulnerability.π Read more
Via "National Vulnerability Database"
π Black Basta Ransomware Decryptor Published π
π Read
via "Infosecurity Magazine".
Researchers at SRLabs have revealed a new suite of decryption tools for Black Basta ransomwareπ Read
via "Infosecurity Magazine".
Infosecurity Magazine
Black Basta Ransomware Decryptor Published
Researchers at SRLabs have revealed a new suite of decryption tools for Black Basta ransomware
π Teen Found Alive After βCyber-Kidnappingβ Incident π
π Read
via "Infosecurity Magazine".
A Chinese foreign exchange student has been found after online scammers extorted money from his parentsπ Read
via "Infosecurity Magazine".
Infosecurity Magazine
Teen Found Alive After βCyber-Kidnappingβ Incident
A Chinese foreign exchange student has been found after online scammers extorted money from his parents
π1
π’ Google and the University of Cambridge deal looks to pioneer responsible AI research π’
π Read
via "ITPro".
Google will collaborate with university researchers on AI for good π Read
via "ITPro".
ITPro
Google and the University of Cambridge deal looks to pioneer responsible AI research
Google will collaborate with university researchers on AI for good
ποΈ The Definitive Enterprise Browser Buyer's Guide ποΈ
π Read
via "The Hacker News".
Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a re-evaluation of how it is managed and protected. While not long-ago web-borne risks were still addressed by a patchwork of endpoint, network, and cloud solutions, it is now clear that the partial protection these solutions provided is no longer sufficient. Therefore,π Read
via "The Hacker News".
β€1
ποΈ Google Settles $5 Billion Privacy Lawsuit Over Tracking Users in 'Incognito Mode' ποΈ
π Read
via "The Hacker News".
Google has agreed to settle a lawsuit filed in June 2020 that alleged that the company misled users by tracking their surfing activity who thought that their internet use remained private when using the βincognitoβ or βprivateβ mode on web browsers.The class-action lawsuit sought at least $5 billion in damages. The settlement terms were not disclosed.The plaintiffs hadπ Read
via "The Hacker News".
π Australian Court Service Hacked, Hearing Recordings at Risk π
π Read
via "Infosecurity Magazine".
Court Services Victoria said the incident may have compromised recordings involving people whose identities are protected π Read
via "Infosecurity Magazine".
Infosecurity Magazine
Australian Court Service Hacked, Hearing Recordings at Risk
Court Services Victoria said the incident may have compromised recordings involving people whose identities are protected
π’ Google settles $5 billion privacy lawsuit ahead of cookie phase-out π’
π Read
via "ITPro".
Google has agreed to settle a $5 billion lawsuit over claims the it covertly tracked millions of users π Read
via "ITPro".
ITPro
Google settles $5 billion privacy lawsuit ahead of cookie phase-out
Google has agreed to settle a $5 billion lawsuit over claims the it covertly tracked millions of users
π’ Generative AI poses a βmajor riskβ to UK national security as report warns over risk of radicalization π’
π Read
via "ITPro".
Terrorism tsar John Hall has called for new laws to mitigate the risks of generative AI π Read
via "ITPro".
ITPro
Generative AI poses a βmajor riskβ to UK national security as report warns over risk of radicalization
Terrorism tsar John Hall has called for new laws to mitigate the risks of generative AI
π’ Hackers use LinkedIn to target UK nuclear waste firm π’
π Read
via "ITPro".
Radioactive Waste Management said attackers have leveraged LinkedIn in a spear phishing campaign π Read
via "ITPro".
ITPro
Hackers use LinkedIn to target UK nuclear waste firm
Radioactive Waste Management said attackers have leveraged LinkedIn in a spear phishing campaign
π΄ 10 Years After Yahoo Breach, What's Changed? (Not Much) π΄
π Read
via "Dark Reading".
Yahoo customers suffered the largest data breaches in history by some measures. But a decade on, experts warn, we still haven't learned our lesson.π Read
via "Dark Reading".
Dark Reading
10 Years After Yahoo, Whatβs Changed? (Not Much)
Yahoo customers suffered the largest data breaches in history by some measures. But a decade on, experts warn, we still haven't learned our lesson.
π Stegano 0.11.3 π
π Read
via "Packet Storm Security".
Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.π Read
via "Packet Storm Security".
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π Over $80m in Crypto Stolen in Cyber-Attack on Orbit Chain π
π Read
via "Infosecurity Magazine".
Orbit Chain said that the stolen cryptocurrency currently remains unmovedπ Read
via "Infosecurity Magazine".
Infosecurity Magazine
Over $80m in Crypto Stolen in Cyber-Attack on Orbit Chain
Orbit Chain said that the stolen cryptocurrency currently remains unmoved
π’ Russia-linked group could be behind Australian state court cyber attack π’
π Read
via "ITPro".
A ransomware group was able to gain access to a database containing courtroom recordings of trials between November and December π Read
via "ITPro".
ITPro
Russia-linked group could be behind Australian state court cyber attack
A ransomware group was able to gain access to a database containing courtroom recordings of trials between November and December
π΄ Startups Scramble to Build Immediate AI Security π΄
π Read
via "Dark Reading".
AI may be inherently insecure, but only a handful of startups have put forward real visions to mitigate AI's threats and keep data private.π Read
via "Dark Reading".
Darkreading
Startups Scramble to Build Immediate AI Security
AI may be inherently insecure, but only a handful of startups have put forward real visions to mitigate AI's threats and keep data private.