πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.9K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.9K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2010-4662

PmWiki before 2.2.21 has XSS.

πŸ“– Read

via "National Vulnerability Database".
114 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ IoT Malware Campaign Infects Global Manufacturing Sites πŸ•΄

The infection uses Lemon_Duck PowerShell malware variant to exploit vulnerabilities in embedded devices at manufacturing sites.

πŸ“– Read

via "Dark Reading: ".
Darkreading
IoT Malware Campaign Infects Global Manufacturing Sites
The infection uses Lemon_Duck PowerShell malware variant to exploit vulnerabilities in embedded devices at manufacturing sites.
119 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Department of Energy Adds Attivo Decoys for Critical Infrastructure Security πŸ•΄

The decoys and lures will help redirect attacks away from devices that can't be protected through traditional means.

πŸ“– Read

via "Dark Reading: ".
Dark Reading
Department of Energy Adds Attivo Decoys for Critical Infrastructure Security
The decoys and lures will help redirect attacks away from devices that can't be protected through traditional means.
118 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2011-1151

Joomla! 1.6.0 is vulnerable to SQL Injection via the filter_order and filer_order_Dir parameters.

πŸ“– Read

via "National Vulnerability Database".
114 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2011-1150

bbPress through 1.0.2 has XSS in /bb-login.php url via the re parameter.

πŸ“– Read

via "National Vulnerability Database".
112 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2011-1069

PHPShop through 0.8.1 has XSS.

πŸ“– Read

via "National Vulnerability Database".
119 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2011-1009

Vanilla Forums 2.0.17.1 through 2.0.17.5 has XSS in /vanilla/index.php via the p parameter.

πŸ“– Read

via "National Vulnerability Database".
125 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2011-0525

Batavi before 1.0 has CSRF.

πŸ“– Read

via "National Vulnerability Database".
125 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Majority of Network, App-Layer DDoS Attacks in 2019 Were Small πŸ•΄

Attacks turned to cheaper, shorter attacks to try and disrupt targets, Imperva analysis shows.

πŸ“– Read

via "Dark Reading: ".
Darkreading
Majority of Network, App-Layer DDoS Attacks in 2019 Were Small
Attacks turned to cheaper, shorter attacks to try and disrupt targets, Imperva analysis shows.
144 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Vixie: The Unintended Consequences of Internet Privacy Efforts πŸ•΄

Paul Vixie says emerging encryption protocols for endpoints could 'break' security in enterprise - and even home - networks.

πŸ“– Read

via "Dark Reading: ".
Dark Reading
Vixie: The Unintended Consequences of Internet Privacy Efforts
Paul Vixie says emerging encryption protocols for endpoints could break security in enterprise - and even home - networks.
177 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2011-1597

OpenVAS Manager v2.0.3 allows plugin remote code execution.

πŸ“– Read

via "National Vulnerability Database".
180 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2011-1517

SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.

πŸ“– Read

via "National Vulnerability Database".
183 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ Android pulls 24 β€˜dangerous’ malware-filled apps from Play Store ⚠

The malware-infected apps used to harvest data and sign users up to premium services have been downloaded more than 382 million times.

πŸ“– Read

via "Naked Security".
Sophos News
Naked Security – Sophos News
157 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
❌ Dropbox Passes $1M Milestone for Bug-Bounty Payouts ❌

The file-sharing service also disclosed details of past notable bugs for the first time.

πŸ“– Read

via "Threatpost".
Threat Post
Dropbox Passes $1M Milestone for Bug-Bounty Payouts
The file-sharing service also disclosed details of past notable bugs for the first time.
150 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
❌ Charming Kitten Uses Fake Interview Requests to Target Public Figures ❌

APT group poses as a former Wall Street Journal journalist to launch phishing campaigns and steal victim email account details.

πŸ“– Read

via "Threatpost".
Threat Post
Charming Kitten Uses Fake Interview Requests to Target Public Figures
APT group poses as a former Wall Street Journal journalist to launch phishing campaigns and steal victim email account details.
141 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ Google’s Chrome 80 clamps down on cookies and notification spam ⚠

Version 80 of the Chrome browser is out with some new features designed to save your security and your sanity.

πŸ“– Read

via "Naked Security".
Naked Security
Google’s Chrome 80 clamps down on cookies and notification spam
Version 80 of the Chrome browser is out with some new features designed to save your security and your sanity.
141 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ RSAC Sets Finalists for Innovation Sandbox πŸ•΄

The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.

πŸ“– Read

via "Dark Reading: ".
135 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ Twitter bans deepfakes, but only those β€˜likely to cause harm’ ⚠

Twitter isn't interested in how the β€œsynthetic or manipulated” media is created, but if it has the potential to cause harm it'll be removed.

πŸ“– Read

via "Naked Security".
Naked Security
Twitter bans deepfakes, but only those β€˜likely to cause harm’
Twitter isn’t interested in how the β€œsynthetic or manipulated” media is created, but if it has the potential to cause harm it’ll be removed.
135 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ” IoT is a gold mine for hackers using fileless malware for cyberattacks πŸ”

Data exposure is one of the biggest threats from attacks on IoT devices. A new report recommends a shift to perimeter-less security strategies.

πŸ“– Read

via "Security on TechRepublic".
TechRepublic
IoT is a gold mine for hackers using fileless malware for cyberattacks
Data exposure is one of the biggest threats from attacks on IoT devices. A new report recommends a shift to perimeter-less security strategies.
123 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ How Can We Make Election Technology Secure? πŸ•΄

In Iowa this week, a smartphone app for reporting presidential caucus results debuted. It did not go well.

πŸ“– Read

via "Dark Reading: ".
Darkreading
How Can We Make Election Technology Secure?
In Iowa this week, a smartphone app for reporting presidential caucus results debuted. It did not go well.
126 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2012-2593

Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email.

πŸ“– Read

via "National Vulnerability Database".
124 views