Cisco fixes SQL Injection flaw in Unified CM

GlobalDefenseBot 20 January

2 minutes

A high-severity flaw (CVE-2023-20010) was found in Cisco Unified Communications Manager and Unified Communications Manager Session Management Edition. Cisco fixed a high-severity SQL injection flaw, tracked as CVE-2023-20010 (CVSS score of 8.1), in Unified Communications Manager and Unified Communications Manager Session Management Edition. Unified Communications Manager solutions provide reliable, secure, scalable, and manageable call control […]

The post Cisco fixes SQL Injection flaw in Unified CM appeared first on Security Affairs.

Hacker Accesses 37M Customers’ Data Amid T-Mobile Data Breach

CySecBot 20 January

1 minute

On Thursday, the 20th of January, 2023, T-Mobile, a telecom giant, has revealed that a hacker had managed to gain access to an entire trove of personal data. According to the filing, the hacker had managed to breach the data of $37 million people. 37 M…

What can I do with a custom security key?

CySecBot 20 January

1 minute

I have a security key issued by my company which I no longer need to use. The key has been de-registered from my work portal.

Previously I was using it to authenticate to websites; I assume it’s using WebAuthN protocol.

The key still generates random codes.

What can I use the key for? The key is manufactured by my company, so I can’t use it for apps as most seem to require a Yubikey. I don’t want to throw away the hardware unnecessarily.

Furthermore, are there any websites/Linux apps I can use to get more information about the key?

submitted by /u/blowfish00
[link] [comments]

Getting admin passsword

CySecBot 20 January

1 minute

Didnt know where to come to so I came here. I am on a L13 yoga gen1 laptop but it is a school laptop. I want the admin password and of course they wont just give it to us. Is there a way I could make a fake admin popup and get the admin or do soemthing…

Nim reverse shell. Now with more features.

CySecBot 20 January

1 minute

submitted by /u/His_son [link] [comments]

Stay vigilant.

CySecBot 20 January

1 minute

Hackers are always looking for flaws. submitted by /u/Sociablegorgon [link] [comments]

PayPal Notifies 35,000 Users of Data Breach

CySecBot 20 January

1 minute

By Habiba Rashid
According to PayPal, hackers managed to access the personal information of 34,942 users; however, no transactions were performed from the breached accounts.
This is a post from HackRead.com Read the original post: PayPal Notifies 35,00…

Somebody pirated my app

CySecBot 20 January

1 minute

Hi. I know this is off topic for this subreddit, I didn’t know where to post it. I made an app a while ago, and some website called luckymodapk is letting people download an ad free version. How do I stop this? I can’t find any contact details. https://www.luckymodapk.com/kendasi-mod/kendasi.kendasi.kendasi/

submitted by /u/JakeStBu
[link] [comments]

breaking news

Experts released PoC exploit for critical Zoho ManageEngine RCE flaw

GlobalDefenseBot 19 January

3 minutes

Researchers released Proof-of-concept exploit code for remote code execution flaw CVE-2022-47966 impacting multiple Zoho ManageEngine products. The CVE-2022-47966 flaw is an unauthenticated remote code execution vulnerability that impacts multiple Zoho products with SAML SSO enabled in the ManageEngine setup. The issue also impacts products that had the feature enabled in the past. The root cause of […]

The post Experts released PoC exploit for critical Zoho ManageEngine RCE flaw appeared first on Security Affairs.

Attempting to control my macbook power light

CySecBot 19 January

1 minute

So given that I have sudo access on my machine. I want to be able to make my laptop power light to flash, encoding a string in the flash that I can then read using an OpticSpy. I bought the OpticSpy on the link below but I am having a hard time working…