Blog – Pagina 164 – Luca Donetti Dontin

Giu192022

Cisco Releases Security Updates for Multiple Products

in Cybersecurity
Tagged with Cisa

Original release date: June 16, 2022 Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page….

Continue reading →

Giu182022

PoC pubblico per lo sfruttamento della CVE-2022-25845 (AL01/220617/CSIRT-ITA)

in Cybersecurity
Tagged with csirt

Disponibile un Proof of Concept (PoC) per la vulnerabilità CVE-2022-25845 presente nella libreria Java denominata Fastjson, utilizzata per convertire oggetti Java in formato JSON e viceversa. Tale vulnerabilità, qualora sfruttata, potrebbe permettere ad un utente malintenzionato remoto di eseguire codice arbitrario sui sistemi interessati. Source…

Continue reading →

Giu172022

CISA Requests Public Comment on CISA’s TIC 3.0 Cloud Use Case

in Cybersecurity
Tagged with Cisa

Original release date: June 16, 2022 CISA has released Trusted Internet Connections (TIC) 3.0 Cloud Use Case for public comment. TIC is a federal cybersecurity initiative intended to secure federal data, networks, and boundaries while providing visibility into agency traffic, including cloud communications. TIC use…

Continue reading →

Giu162022

Rilevate vulnerabilità in prodotti Splunk (AL02/220616/CSIRT-ITA)

in Cybersecurity
Tagged with csirt

Splunk ha rilasciato aggiornamenti di sicurezza per correggere 8 vulnerabilità nei propri prodotti, di cui una con gravità “critica”. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.

Continue reading →

Giu152022

Adobe Releases Security Updates for Multiple Products

in Cybersecurity
Tagged with Cisa

Original release date: June 14, 2022 Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following Adobe Security Bulletins and…

Continue reading →

Giu142022

Aggiornamenti DRUPAL (AL01/220613/CSIRT-ITA)

in Cybersecurity
Tagged with csirt

Aggiornamenti di sicurezza risolvono due vulnerabilità in Drupal Core. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.

Continue reading →

Giu132022

CISA Adds Three Known Exploited Vulnerabilities to Catalog  

in Cybersecurity
Tagged with Cisa

Original release date: June 9, 2022 CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise….

Continue reading →

Giu122022

Analisi dell’esposizione di Firewall Zyxel da parte di indirizzi IP italiani (BL01/220610/CSIRT-ITA)

in Cybersecurity
Tagged with csirt

Lo CSIRT Italia rende disponibile un’analisi dei dispositivi Zyxel vulnerabili e/o non più supportati dal vendor presenti sul territorio nazionale. Source link Author: csirt@alfacert.gov.it(CSIRT Italia) Article used for cyber security disclosure.

Continue reading →