May 2023 - Page 28 of 100 - Cyber Security News

ZDI-23-717: D-Link D-View uploadFile Directory Traversal Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. Read More

May 24, 2023

Advisories

ZDI-23-718: D-Link D-View uploadMib Directory Traversal Arbitrary File Creation or Deletion Vulnerability

This vulnerability allows remote attackers to create and delete arbitrary files on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. Read...

May 24, 2023

Advisories

ZDI-23-719: D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. Read More

May 24, 2023

Advisories

ZDI-23-720: Moxa MXsecurity Series Hardcoded JWT Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Moxa MXsecurity Series appliances. Authentication is not required to exploit this vulnerability. Read...

May 24, 2023

Advisories

ZDI-23-721: Moxa MXsecurity Series Restricted Shell Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MXsecurity Series appliances. Authentication is required to exploit this vulnerability. Read...

May 24, 2023

Advisories

ZDI-23-722: Microsoft Windows Active Directory Certificate Services Improper Authorization Privilege Escalation Vulnerability

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of Microsoft Windows Active Directory Certificate Services. Authentication is required to exploit this vulnerability....

May 24, 2023

News

Former Uber CSO Joe Sullivan and lessons learned from the infamous 2016 Uber breach

Like most CSOs, Joe Sullivan was drawn to the role to help prevent cybercrimes. His role as CSO of Uber was something of a shift...

May 24, 2023

Advisories

DSA-5410 sofia-sip – security update

Multiple security issues were discovered in Sofia-SIP, a SIP User-Agent library, which could result in denial of service. Read More

May 24, 2023

Advisories

USN-6100-1: HTML::StripScripts vulnerability

It was discovered that HTML::StripScripts does not properly parse HTML content with certain style attributes. A remote attacker could use this issue to cause a...

May 23, 2023

News

Google Unveils Bug Bounty Program For Android Apps

Rewards range from $750 for certain MiTM scenarios to $30,000 for some ACE vulnerabilities Read More

May 23, 2023

Sitting Ducks DNS Attacks Put Global Domains at Risk

Microsoft Power Pages Misconfiguration Leads to Data Exposure

ShrinkLocker ransomware: what you need to know

Massive Telecom Hack Exposes US Officials to Chinese Espionage

IT specialist Jack Teixeira jailed for 15 years after leaking classified military documents on Discord

New iOS Security Feature Makes It Harder for Police to Unlock Seized Phones

API Security in Peril as 83% of Firms Suffer Incidents

Bank of England U-turns on Vulnerability Disclosure Rules

LevelBlue Cybersecurity Awareness Month Recap

Month: May 2023

ZDI-23-717: D-Link D-View uploadFile Directory Traversal Arbitrary File Creation Vulnerability

ZDI-23-718: D-Link D-View uploadMib Directory Traversal Arbitrary File Creation or Deletion Vulnerability

ZDI-23-719: D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability

ZDI-23-720: Moxa MXsecurity Series Hardcoded JWT Key Authentication Bypass Vulnerability

ZDI-23-721: Moxa MXsecurity Series Restricted Shell Command Injection Remote Code Execution Vulnerability

ZDI-23-722: Microsoft Windows Active Directory Certificate Services Improper Authorization Privilege Escalation Vulnerability

Former Uber CSO Joe Sullivan and lessons learned from the infamous 2016 Uber breach

DSA-5410 sofia-sip – security update

USN-6100-1: HTML::StripScripts vulnerability

Google Unveils Bug Bounty Program For Android Apps