Aggiornamenti di sicurezza WithSecure – precedentemente noto come F-Secure – risolvono una vulnerabilità di sicurezza nei prodotti Endpoint Protection. Tale vulnerabilità, qualora sfruttata, potrebbe permettere la compromissione della disponibilità del servizio sui dispositivi interessati. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: September 30, 2022 | Last revised: October 1, 2022 Microsoft has released Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server. According to the blog post, “Microsoft is aware of limited targeted attacks using the two vulnerabilities to get into users’…
Rilevato lo sfruttamento attivo in rete di 2 vulnerabilità di tipo “0-day” presenti nel prodotto Microsoft Exchange server. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: September 30, 2022 Drupal has released a security update to address a vulnerability affecting multiple versions of Drupal. An attacker could exploit this vulnerability to access sensitive information. For advisories addressing lower severity vulnerabilities, see Drupal’s Security advisories. CISA encourages users and…
Ricercatori di sicurezza hanno recentemente rilevato la distribuzione di un nuovo malware, denominato Chaos, volto a compromettere i server Windows e Linux al fine di inserirli in una botnet per future attività di post-exploitation. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: September 27, 2022 | Last revised: September 28, 2022 CISA has released three (3) Industrial Control Systems (ICS) advisories on September 27th, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators…
Nuovo aggiornamento di Google Chrome per Windows, Mac e Linux corregge 20 vulnerabilità di sicurezza, di cui 5 con gravità “alta”. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: September 22, 2022 CISA and the National Security Agency (NSA) have published a joint cybersecurity advisory about control system defense for operational technology (OT) and industrial control systems (ICSs). Control System Defense: Know the Opponent is intended to provide critical infrastructure owners…
