Aggiornamenti di sicurezza sanano 3 vulnerabilità con gravità “critica” presenti nei prodotti Confluence Data Center and Server, Companion App for MacOS e Assets Discovery. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Today, CISA released a Cybersecurity Advisory (CSA), Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs). The vulnerability in ColdFusion (CVE-2023-26360) presents as an improper access control issue and…
Google ha rilasciato gli aggiornamenti di sicurezza di dicembre per sanare molteplici vulnerabilità che interessano il sistema operativo Android, di cui 5 con gravità “critica”. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
CISA is continually collaborating with partners across government and the private sector. As a result of this collaboration, CISA has concluded that there is insufficient evidence to keep the following CVE in the catalog and has removed it: CVE-2022-28958 DIR-816L Remote Code Execution Vulnerability Binding Operational…
Rilasciati aggiornamenti di sicurezza che risolvono diverse vulnerabilità, di cui 2 con gravità “alta”, in GitLab Community Edition (CE) e Enterprise Edition (EE). Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Apple has released security updates to address vulnerabilities within Safari, macOS Sonoma, iOS, and iPadOS. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply necessary…
Rilevata vulnerabilità di sicurezza con gravità “alta” nel prodotto SolarWinds Platform. Tale vulnerabilità, qualora sfruttata, potrebbe permettere a un utente malintenzionato remoto l’esecuzione di codice arbitrario sui sistemi interessati. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Today, CISA published guidance on How Software Manufacturers Can Shield Web Management Interfaces From Malicious Cyber Activity as a part of a new Secure by Design (SbD) Alert series. This SbD Alert urges software manufacturers to proactively prevent the exploitation of vulnerabilities in web…
