π COMMON VULNERABILITIES AND EXPOSURES 11[β]
5 MayChromium: CVE-2023-2459 Inappropriate implementation in PromptsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
5 MayChromium: CVE-2023-2460 Insufficient validation of untrusted input in ExtensionsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
5 MayChromium: CVE-2023-2462 Inappropriate implementation in PromptsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
5 MayChromium: CVE-2023-2463 Inappropriate implementation in Full Screen ModeThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
5 MayChromium: CVE-2023-2464 Inappropriate implementation in PictureInPictureThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
5 MayChromium: CVE-2023-2465 Inappropriate implementation in CORSThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
5 MayChromium: CVE-2023-2466 Inappropriate implementation in PromptsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
5 MayChromium: CVE-2023-2467 Inappropriate implementation in PromptsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
5 MayChromium: CVE-2023-2468 Inappropriate implementation in PictureInPictureThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
5 MayCVE-2023-29350 Microsoft Edge (Chromium-based) Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
5 MayCVE-2023-29354 Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilityInformation published.MSRC.MICROSOFT.COM
β οΈ VULNERABILITY DISCLOSURE 2[β]
5 MayWeekly Update 346Presently sponsored by: Kolide ensures that if a device isn't secure, it can't access your apps. It's Device Trust for Okta. Watch the demo today! It's a bit of a mixed bag this week with a very light-hearted look at the death of the browser padlock icon (which has been replβ¦TROYHUNT.COM
5 MayRSA 2023: Not Under the GenAI Influence Yet!Security business is booming! Reportedly 38K people showed up for RSA 2023, and 600+ vendors did too. It is very clear from observing the large booths of many vendors (including some that are doing well unexpectedly ) that βthere is lots of money in cyberland.β As somebody cynicaβ¦MEDIUM.COM
π₯ INCIDENT REPORTING 1[β]
5 MayCyber Security Today, May 5, 2023 - Data breach at the Metropolitan Opera, and more GoAnywhere MFT victimsThis episode reports on PayPal being used to send fake invoices and moreCYBERSECURITYTODAY.LIBSYN.COM
π΅οΈ THREAT INTELLIGENCE 1[β]
5 MayAPTs target MSP access to customer networks β Week in security with Tony AnscombeThe recent compromise of the networks of several companies via the abuse of a remote access tool used by MSPs exemplifies why state-aligned threat actors should be on the radars of IT service providersWELIVESECURITY.COM
ποΈ PODCASTS 1[β]
5 MayCyber Security Today, Week in Review for Friday May 5th, 2023This episode features a discussion on the latest news about ChatGPT, data thefts of from test and decommissioned servers and whether the FBI needs more money to fight cybercrimeCYBERSECURITYTODAY.LIBSYN.COM