🐛 COMMON VULNERABILITIES AND EXPOSURES 15[−]
2 JunCVE-2023-29345 Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilityInformation published.MSRC.MICROSOFT.COM
2 JunCVE-2023-33143 Microsoft Edge (Chromium-based) Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2929 Out of bounds write in SwiftshaderThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2930 Use after free in ExtensionsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2931 Use after free in PDFThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2932 Use after free in PDFThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2933 Use after free in PDFThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2934 Out of bounds memory access in MojoThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2935 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2936 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2937 Inappropriate implementation in Picture In PictureThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2938 Inappropriate implementation in Picture In PictureThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2939 Insufficient data validation in InstallerThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2940 Inappropriate implementation in DownloadsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
2 JunChromium: CVE-2023-2941 Inappropriate implementation in Extensions APIThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 3[−]
2 JunNational Internet Safety Month: Together, we can make our K-12 schools cybersecure. It’s fundamental.Use National Internet Safety Month to expand the conversations, build the relationships, and take the next steps in making our K-12 schools cybersecure. It truly is fundamental. It is also an opportune time to highlight free resources CISA provides to build K-12 cybersecurity.CISA.GOV
2 JunA Vulnerability in MOVEit Transfer that Could Allow for Remote Code ExecutionA Vulnerability has been discovered in Progress Moveit Transfer, which could allow for potential unauthorized access to the environment, escalated privileges, and remote code execution. MOVEit Transfer is a managed file transfer software that allows the enterprise to securely tra…CISECURITY.ORG
2 JunUsing Cloud Securely — The Config Doom QuestionUsing Cloud Securely — The Config Doom Question First, “Use Cloud Securely? What Does This Even Mean?!” and “How to Solve the Mystery of Cloud Defense in Depth?” (and “Where Does Shared Responsibility Model for Security Breaks in the Real World?” too) would make for good “recomme…MEDIUM.COM
🔥 INCIDENT REPORTING 2[−]
2 JunCyber Security Today, Week in Review for the week ending Friday, June 2, 2023This episode features a discussion on a report into the ransomware attack on Newfoundland's IT healthcare system, a penalty paid by a US medical billing supplier over a data breach, an Australian company's estimate of the costs of a ransomware attack and the sentencing in the U.S…CYBERSECURITYTODAY.LIBSYN.COM
2 JunCyber Security Today, June 2, 2023 - A new way of compromising the PyPI repository found, warning for MOVEit file transfer users, and moreThis episode reports on ransomware attacks, a proposed US$25 million fine against Amazon and moreCYBERSECURITYTODAY.LIBSYN.COM
🕵️ THREAT INTELLIGENCE 1[−]
2 JunWeekly Update 350Presently sponsored by: Kolide ensures that if a device isn't secure, it can't access your apps. It's Device Trust for Okta. Watch the demo today! And so ends a long period of back-to-back weeks of conferences and talks. It's funny how these things seem to cluster together a…TROYHUNT.COM
📡 INFOSEC NEWS 1[−]
2 JunAPI security in the spotlight – Week in security with Tony AnscombeGiven the reliance of today's digital world on APIs and the fact that attacks targeting them continue to rise sharply, API security cannot be an afterthought.WELIVESECURITY.COM