🐛 COMMON VULNERABILITIES AND EXPOSURES 6[−]
15 JunChromium: CVE-2023-3214 Use after free in Autofill paymentsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
15 JunChromium: CVE-2023-3215 Use after free in WebRTCThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
15 JunChromium: CVE-2023-3216 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
15 JunChromium: CVE-2023-3217 Use after free in WebXRThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
15 JunCVE-2023-29363 Windows Pragmatic General Multicast (PGM) Remote Code Execution VulnerabilityAdded acknowledgements. This is an informational change only.MSRC.MICROSOFT.COM
15 JunCVE-2023-29370 Windows Media Remote Code Execution VulnerabilityUpdated acknowledgment.MSRC.MICROSOFT.COM
📢 SECURITY ADVISORIES 1[−]
15 JunPalo Alto Networks Achieves Cyber Essentials Plus Certification in the UKDigital transformation and geopolitical tensions are fuelling a rapid evolution of the threat landscape, particularly impacting critical service providers and businesses. With this, building a resilient and secure digital UK has never … The post Palo Alto Networks Achieves …PALOALTONETWORKS.COM
🔥 INCIDENT REPORTING 2[−]
15 JunHave I Been Pwned Domain Searches: The Big 5 Announcements!Presently sponsored by: Kolide ensures that if a device isn't secure, it can't access your apps. It's Device Trust for Okta. Watch the demo today! There are presently 201k people monitoring domains in Have I Been Pwned (HIBP). That's massive! That's 201k people that hav…TROYHUNT.COM
15 JunPublic Cloud Security Breachessubmitted by 0xCBE to cloudsecurity 6 points | 0 comments https://www.breaches.cloud/ Very useful collection of security incidents involving public cloudsBREACHES.CLOUD
🕵️ THREAT INTELLIGENCE 2[−]
15 JunContainer security fundamentals seriessubmitted by 0xCBE to cloudsecurity 11 points | 0 comments https://securitylabs.datadoghq.com/articles/container-security-fundamentals-part-1/ This is an excellent series on container security fundamentals by Rory McCune who is a bit of an authority in this field: part 1 part 2 p…SECURITYLABS.DATADOGHQ.COM
15 JunHow to get rid of AWS access keys- Part 1: The easy winssubmitted by 0xCBE to cloudsecurity 6 points | 3 comments https://www.wiz.io/blog/how-to-get-rid-of-aws-access-keys-part-1-the-easy-wins? (I am not fond on vendor’s blogs as the signal to noise ratio is very low, since they are written to please search engines more than engineers…WIZ.IO
🌐 CYBER THREAT LANDSCAPE 1[−]
15 JunAndroid GravityRAT goes after WhatsApp backupsESET researchers analyzed an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can receive commands to delete filesWELIVESECURITY.COM