Channel address:
Categories:
Technologies
Language: English
Subscribers:
19.31K
Description from channel
🗞 The finest daily news on cybersecurity and privacy.
🔔 Daily releases.
💻 Is your online life secure?
📩 lalilolalo.dev@gmail.com
Ratings & Reviews
Reviews can be left only by registered users. All reviews are moderated by admins.
5 stars
0
4 stars
2
3 stars
0
2 stars
0
1 stars
1
The latest Messages 6
2021-10-28 22:35:59
What is Phishing? Common Attacks & How to Avoid Them The goal of nearly every phishing attempt is to steal information but attacks can come in different forms. In today's blog, we break down common phishing types, tactics and 50 examples of phishing attacks.
Read
via "".
23 views19:35
2021-10-28 21:17:27
CVE-2021-3745 flatcore-cms is vulnerable to Unrestricted Upload of File with Dangerous Type
Read
via "
National Vulnerability Database".
71 views18:17
2021-10-28 21:17:26
CVE-2020-7875 DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote file by setting the argument, variable in the activeX module. This can be leveraged for code execution.
Read
via "
National Vulnerability Database".
71 views18:17
2021-10-28 21:17:24
CVE-2021-22096 In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.
Read
via "
National Vulnerability Database".
70 views18:17
2021-10-28 21:17:23
CVE-2021-22047 In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for unauthorized access depending on the Spring Security configuration.
Read
via "
National Vulnerability Database".
53 views18:17
2021-10-28 21:17:22
CVE-2021-22044 In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level `@RequestMapping`annotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to `@RequestMapping`-annotated interface methods.
Read
via "
National Vulnerability Database".
53 views18:17
2021-10-28 21:17:21
CVE-2021-22097 In Spring AMQP versions 2.2.0 - 2.2.18 and 2.3.0 - 2.3.10, the Spring AMQP Message object, in its toString() method, will deserialize a body for a message with content type application/x-java-serialized-object. It is possible to construct a malicious java.util.Dictionary object that can cause 100% CPU usage in the application if the toString() method is called.
Read
via "
National Vulnerability Database".
49 views18:17
2021-10-28 20:06:14
3 Security Lessons Learned From the Kaseya Ransomware Attack Organizations can better prepare themselves and their customers for these attacks with some strategies to identify threats before they become a widespread issue.
Read
via "
Dark Reading".
93 views17:06
2021-10-28 19:17:44
CVE-2018-14640 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
Read
via "
National Vulnerability Database".
132 views16:17
2021-10-28 19:17:43
CVE-2021-3579 Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 7.2.1.65.
Read
via "
National Vulnerability Database".
113 views16:17