Today, in a landmark collaboration, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (NCSC) are proud to announce the release of the Guidelines for Secure AI System Development. Co-sealed by 23 domestic and international cybersecurity organizations, this publication…
Scarica il riepilogo delle notizie pubblicate dallo CSIRT Italia dal 20 al 26 novembre 2023. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Firefox…
Microsoft ha rilasciato gli aggiornamenti di sicurezza mensili che risolvono un totale di 63 nuove vulnerabilità, 5 di tipo 0-day Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
On Nov. 14, 2023, Adobe released security updates addressing vulnerabilities affecting unpatched ColdFusion software. Exploitation of some of these vulnerabilities may allow a malicious cyber actor to take control of an affected system. CISA urges organizations to review Adobe ColdFusion security bulletin APSB23-52 for more…
Zoho ha rilasciato un bollettino di sicurezza per descrivere una vulnerabilità con gravità “alta” – identificata tramite la CVE-2023-48646 e già sanata dal vendor – presente nel prodotto RecoveryManager Plus. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
CISA released five Industrial Control Systems (ICS) advisories on November 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-325-01 WAGO PFC200 Series ICSA-23-325-02 Fuji Electric Tellus Lite V-Simulator ICSA-23-208-03 Mitsubishi Electric CNC Series (Update C) ICSA-23-115-01 Keysight…
Zyxel rilascia aggiornamenti di sicurezza per sanare una vulnerabilità presente nel client SecuExtender SSL VPN. Tale vulnerabilità potrebbe consentire a un utente locale la possibilità di elevare i propri privilegi e l’esecuzione di comandi arbitrari sui sistemi interessati. Source link Author: csirt@pec.acn.gov.it Article used for…
