May 2023 - Page 86 of 100 - Cyber Security News

It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-28755) It...

May 4, 2023

News

Apple and Google join forces to combat AirTag stalking

Apple and Google have announced that they are teaming up in order to combat the safety risks associated with AirTags and other tracking devices. Read...

May 4, 2023

Advisories

ZDI-23-537: D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. Read More

May 4, 2023

Advisories

ZDI-23-538: D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. Read...

May 4, 2023

Advisories

ZDI-23-539: D-Link DIR-2640 LocalIPAddress Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the...

May 4, 2023

Advisories

ZDI-23-540: D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. Read More

May 4, 2023

Advisories

ZDI-23-541: D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Authentication is not required to exploit this vulnerability. Read...

May 4, 2023

Friday Squid Blogging: Female Gonatus Onyx Squid Carrying Her Eggs

Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors

Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist

watchTowr Finds New Zero-Day Vulnerability in Fortinet Products

Good Essay on the History of Bad Password Policies

Ransomware Groups Use Cloud Services For Data Exfiltration

O2’s AI Granny Outsmarts Scam Callers with Knitting Tales

Safeguarding Healthcare Organizations from IoMT Risks

An Interview With the Target & Home Depot Hacker

Month: May 2023

Consumer Group Slams Bank App Fraud Failings

Malicious HTML Attachment Volumes Surge

US Authorities Dismantle Dark Web “Card Checking” Platform

USN-6055-1: Ruby vulnerabilities

Apple and Google join forces to combat AirTag stalking

ZDI-23-537: D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability

ZDI-23-538: D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability

ZDI-23-539: D-Link DIR-2640 LocalIPAddress Command Injection Remote Code Execution Vulnerability

ZDI-23-540: D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability

ZDI-23-541: D-Link DIR-2640 prog.cgi Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability