Channel address:
Categories:
Technologies
Language: English
Subscribers:
19.31K
Description from channel
🗞 The finest daily news on cybersecurity and privacy.
🔔 Daily releases.
💻 Is your online life secure?
📩 lalilolalo.dev@gmail.com
Ratings & Reviews
Reviews can be left only by registered users. All reviews are moderated by admins.
5 stars
0
4 stars
2
3 stars
0
2 stars
0
1 stars
1
The latest Messages 11
2021-10-27 21:16:18
CVE-2021-20526 IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. IBM X-Force ID: 198755.
Read
via "
National Vulnerability Database".
32 views18:16
2021-10-27 21:16:16
CVE-2021-37808 SQL Injection vulnerabilities exist in https://phpgurukul.com News Portal Project 3.1 via the (1) category, (2) subcategory, (3) sucatdescription, and (4) username parameters, the server response is about (N) seconds delay respectively which mean it is vulnerable to MySQL Blind (Time Based). An attacker can use sqlmap to further the exploitation for extracting sensitive information from the database.
Read
via "
National Vulnerability Database".
34 views18:16
2021-10-27 21:16:14
CVE-2021-37803 An SQL Injection vulnerability exists in Sourcecodester Online Covid Vaccination Scheduler System 1.0 via the username in lognin.php .
Read
via "
National Vulnerability Database".
34 views18:16
2021-10-27 21:16:12
CVE-2021-37807 An SQL Injection vulneraility exists in https://phpgurukul.com Online Shopping Portal 3.1 via the email parameter on the /check_availability.php endpoint that serves as a checker whether a new user's email is already exist within the database.
Read
via "
National Vulnerability Database".
39 views18:16
2021-10-27 21:04:16
Kaspersky Buys Brain4Net to Build SASE & XDR Tools Brain4Net builds tools to help enterprises and service providers add SD-WAN and NFV technologies to their existing infrastructure.
Read
via "
Dark Reading".
54 views18:04
2021-10-27 20:05:13
6 Eye-Opening Statistics About Software Supply Chain Security The latest facts and figures on the state of software supply chain security in the enterprise.
Read
via "
Dark Reading".
106 views17:05
2021-10-27 20:02:13
War-Driving Technique Allows Wi-Fi Password-Cracking at Scale A researcher was able to crack 70 percent of the gathered hashes in an experiment in a residential neighborhood.
Read
via "
Threat Post".
108 views17:02
2021-10-27 19:48:12
Zeek 4.1.1 Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
Read
via "
Packet Storm Security".
98 views16:48
2021-10-21 22:58:09
U.S. Ban on Sales of Cyberattack Tools Is Anemic, Experts Warn Meanwhile, Zerodium's quest to buy VPN exploits is problematic, researchers said.
Read
via "
Threat Post".
34 views19:58
2021-10-21 22:58:08
TA551 Shifts Tactics to Install Sliver Red-Teaming Tool A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment.
Read
via "
Threat Post".
35 views19:58
C
