CVE-2021-38934
IBM Engineering Test Management 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web...
CVE-2020-26938
In oauth2-server (aka node-oauth2-server) through 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI...
Malicious Cookie Stuffing Chrome Extensions with 1.4 Million Users
Authored by Oliver Devane and Vallabh Chole. A few months ago, we blogged about malicious extensions redirecting users to phishing sites and inserting affiliate IDs...
rubygem-puma-4.3.6-5.fc35
FEDORA-2022-de968d1b6c. Packages in this update: rubygem-puma-4.3.6-5.fc35. Update description: Fix CVE-2022-23634 - information leak between requests. Fix CVE-2022-24790 - HTTP request smuggling vulnerabilities.
Levels of Assurance for DoD Microelectronics
The NSA has published criteria for evaluating levels of assurance required for DoD microelectronics. The introductory report in a DoD microelectronics series outlines the...
Global Ransomware Damages to Exceed $30bn by 2023
Six hundred malicious email campaigns made their way across the internet in the first half of 2022.
US Cyber Command and NSA Partner On Defence Efforts For Midterms Elections
The group's main goal is to monitor foreign adversaries who may interfere with elections.
Facebook agrees to settle class action lawsuit related to Cambridge Analytica data breach
Facebook parent Meta Platforms agreed Friday to settle a class action lawsuit seeking damages for allowing British political consulting firm Cambridge Analytica access to the...
rubygem-puma-5.5.2-3.fc36
FEDORA-2022-52d0032596. Packages in this update: rubygem-puma-5.5.2-3.fc36. Update description: Fix CVE-2022-23634 - information leak between requests. Fix CVE-2022-24790 - HTTP request smuggling vulnerabilities.
Crypto miners’ latest techniques
Executive summary: Crypto miners are determined in their objective of mining in other people's resources. Proof of this is one of the latest samples identified...