Rilevato lo sfruttamento attivo in rete di 2 vulnerabilità di tipo “0-day” presenti nel prodotto Microsoft Exchange server. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Rilevato lo sfruttamento attivo in rete di 2 vulnerabilità di tipo “0-day” presenti nel prodotto Microsoft Exchange server. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: September 30, 2022 Drupal has released a security update to address a vulnerability affecting multiple versions of Drupal. An attacker could exploit this vulnerability to access sensitive information. For advisories addressing lower severity vulnerabilities, see Drupal’s Security advisories. CISA encourages users and…
Ricercatori di sicurezza hanno recentemente rilevato la distribuzione di un nuovo malware, denominato Chaos, volto a compromettere i server Windows e Linux al fine di inserirli in una botnet per future attività di post-exploitation. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: September 27, 2022 | Last revised: September 28, 2022 CISA has released three (3) Industrial Control Systems (ICS) advisories on September 27th, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators…
Nuovo aggiornamento di Google Chrome per Windows, Mac e Linux corregge 20 vulnerabilità di sicurezza, di cui 5 con gravità “alta”. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: September 22, 2022 CISA and the National Security Agency (NSA) have published a joint cybersecurity advisory about control system defense for operational technology (OT) and industrial control systems (ICSs). Control System Defense: Know the Opponent is intended to provide critical infrastructure owners…
Rilevato lo sfruttamento attivo in rete della vulnerabilità CVE-2022-35405 – già sanata dal vendor – presente nei prodotti Zoho ManageEngine Password Manager Pro, PAM360 e Access Manager Plus. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.
Original release date: September 23, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise….
