🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
🦿 Just in time for Christmas, Kronos payroll and HR cloud software goes offline due to ransomware 🦿

The attack has led to an outage expected to last weeks, leaving companies scrambling to make payroll with the holidays right around the corner.

📖 Read

via "Tech Republic".
🛠 Log4j Recognizer 🛠

This utility looks for log4j in the currently running JVM. It is useful for systems that allow plugins to introduce their own jars, because it lets you find out whether someone is using a dangerous version of log4j.

📖 Read

via "Packet Storm Security".
‼ CVE-2021-43237 ‼

Windows Setup Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43893 ‼

Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43227 ‼

Storage Spaces Controller Information Disclosure Vulnerability. This CVE ID is unique from CVE-2021-43235.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43877 ‼

ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43907 ‼

Visual Studio Code WSL Extension Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-41333 ‼

Windows Print Spooler Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43892 ‼

Microsoft BizTalk ESB Toolkit Spoofing Vulnerability

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43243 ‼

VP9 Video Extensions Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43908 ‼

Visual Studio Code Spoofing Vulnerability

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-42312 ‼

Microsoft Defender for IoT Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43889 ‼

Microsoft Defender for IoT Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-41365, CVE-2021-42310, CVE-2021-42311, CVE-2021-42313, CVE-2021-42314, CVE-2021-42315, CVE-2021-43882.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43216 ‼

Microsoft Local Security Authority Server (lsasrv) Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43675 ‼

Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-42320 ‼

Microsoft SharePoint Server Spoofing Vulnerability. This CVE ID is unique from CVE-2021-43242.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43256 ‼

Microsoft Excel Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43905 ‼

Microsoft Office app Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-44657 ‼

In StackStorm versions prior to 3.6.0, the Jinja interpreter was not run in sandbox mode and thus allowed execution of unsafe system commands. Jinja does not enable sandboxed mode by default due to backwards compatibility. StackStorm now sets sandboxed mode for Jinja by default.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-43240 ‼

NTFS Set Short Name Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".