Rilevate 5 vulnerabilità di sicurezza nel prodotto SolarWinds Access Rights Manager. Tali vulnerabilità, qualora sfruttate, potrebbero permettere a un utente malintenzionato remoto l’esecuzione di codice arbitrario sui sistemi interessati. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2020-3259 Cisco ASA and FTD Information Disclosure Vulnerability CVE-2024-21410 Microsoft Exchange Server Privilege Escalation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and…
Eset corregge una vulnerabilità di sicurezza con gravità “alta” che interessa i propri prodotti di sicurezza. Tale vulnerabilità, qualora sfruttata, potrebbe consentire a un attaccante locale la possibilità di elevare i propri privilegi sui sistemi interessati. Source link Author: csirt@pec.acn.gov.it Article used for cyber security…
Today, CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization to provide network defenders with the tactics, techniques, and procedures (TTPs) utilized by a threat actor…
Microsoft ha rilasciato gli aggiornamenti di sicurezza mensili che risolvono un totale di 73 nuove vulnerabilità, di cui 2 di tipo 0-day. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to review the…
Rilevate nuove vulnerabilità, di cui una con gravità “critica” e una con gravità “alta”, in alcuni relativi alla suite di videoconferenza Zoom. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
JetBrains released a security advisory to address a vulnerability (CVE-2024-23917) in TeamCity On-Premises. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Critical Security Issue Affecting TeamCity On-Premises-CVE-2024-23917 and apply the necessary…
