Luca Donetti Dontin Il sito di un pazzo sistemista! - page 10

Feb102024

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21762 Fortinet FortiOS Out-of-Bound Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive…

Continue reading →

Feb102024

Rilevate vulnerabilità in prodotti Fortinet (AL03/240209/CSIRT-ITA)

Rilevate nuove vulnerabilità in alcuni prodotti Fortinet, di cui una con gravità “critica” e una con gravità “alta”. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

Feb082024

CISA and Partners Release Advisory on PRC-sponsored Volt Typhoon Activity and Supplemental Living Off the Land Guidance

Today, CISA, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure alongside supplemental Joint Guidance: Identifying and Mitigating Living off the Land Techniques. The following…

Continue reading →

Feb082024

Risolte vulnerabilità in Google Chrome (AL04/240207/CSIRT-ITA)

Google ha rilasciato un aggiornamento per il browser Chrome al fine di correggere 3 vulnerabilità di sicurezza, di cui 2 con gravità “alta”. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

Feb062024

Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components

Moby and the Open Container Initiative (OCI) have released updates for multiple vulnerabilities (CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626) affecting Docker-related components, including Moby BuildKit and OCI runc. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and…

Continue reading →

Feb062024

Rilevata vulnerabilità in Mastodon (AL02/240205/CSIRT-ITA)

Risolta vulnerabilità con gravità “critica” in Mastodon, noto social network di microblogging open source decentralizzato. Tale vulnerabilità, qualora sfruttata, potrebbe permettere – a un utente malintenzionato remoto – la possibilità di impersonare e prendere il controllo di qualsiasi account remoto. Source link Author: csirt@pec.acn.gov.it Article…

Continue reading →

Feb042024

Juniper Networks Releases Security Bulletin for Juniper Secure Analytics

Juniper Networks released a security bulletin to address multiple vulnerabilities affecting Juniper Secure Analytics optional applications. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper Security Bulletin JSA76718 and…

Continue reading →

Feb042024

PoC pubblico per lo sfruttamento della CVE-2023-6246 relativa a glibc (AL02/240131/CSIRT-ITA)

Disponibile un Proof of Concept (PoC) per la vulnerabilità CVE-2023-6246 presente in GNU C Library, conosciuta anche come glibc, libreria software open-source che fornisce servizi di sistema essenziali per sistemi operativi Unix-like. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

Page 10 of 84 ← First ... 8 9 10 11 12 ... Last →