Original release date: October 7, 2022 The Federal Bureau of Investigation (FBI) and CISA have published a joint public service announcement that: Describes methods that foreign actors use to spread and amplify false information—including reports of alleged malicious cyber activity—in attempts to undermine trust in election infrastructure….
VMware ha rilasciato aggiornamenti di sicurezza per sanare 2 vulnerabilità nei prodotti ESXi, vCenter Server e Cloud Foundation. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: October 6, 2022 CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA) providing the top Common Vulnerabilities and Exposures (CVEs) used since 2020 by People’s Republic of China (PRC) state-sponsored cyber…
Rilevata una vulnerabilità nell’installer relativo ai software per la gestione remota dei dispositivi RealVNC VNC Server e VNC Viewer. Tale vulnerabilità, qualora sfruttata, potrebbe permettere l’elevazione dei privilegi sui dispositivi interessati tramite la manipolazione del componente MSI installer Repair. Source link Author: csirt@alfacert.gov.it Article used…
Original release date: October 4, 2022 CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have released a joint Cybersecurity Advisory (CSA), Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization, highlighting advanced persistent threat (APT)…
Aggiornamenti di sicurezza WithSecure – precedentemente noto come F-Secure – risolvono una vulnerabilità di sicurezza nei prodotti Endpoint Protection. Tale vulnerabilità, qualora sfruttata, potrebbe permettere la compromissione della disponibilità del servizio sui dispositivi interessati. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: September 30, 2022 | Last revised: October 1, 2022 Microsoft has released Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server. According to the blog post, “Microsoft is aware of limited targeted attacks using the two vulnerabilities to get into users’…
Rilevato lo sfruttamento attivo in rete di 2 vulnerabilità di tipo “0-day” presenti nel prodotto Microsoft Exchange server. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
