Luca Donetti Dontin Il sito di un pazzo sistemista! - page 20

CISA Adds One Known Exploited Vulnerability to Catalog

Original release date: July 1, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise….

Continue reading →

MedusaLocker: rilasciati dettagli sul ransomware (BL01/220701/CSIRT-ITA)

Il Federal Bureau of Investigation (FBI), la Cybersecurity and Infrastructure Security Agency (CISA), il Dipartimento del Tesoro statunitense e la Financial Crimes Enforcement Network (FinCEN) hanno recentemente pubblicato un Cybersecurity Advisory (CSA) congiunto in cui evidenziano dettagli inerenti al Ransomware-as-a-Service (RaaS) denominato “MedusaLocker”. Source link…

Continue reading →

#StopRansomware: MedusaLocker

Original release date: June 30, 2022 CISA, the Federal Bureau of Investigation (FBI), the Department of the Treasury (Treasury), and the Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory (CSA), #StopRansomware: MedusaLocker, to provide information on MedusaLocker ransomware. MedusaLocker actors target vulnerabilities…

Continue reading →

La Settimana Cibernetica del 26 giugno 2022

Scarica il riepilogo delle notizie pubblicate dallo CSIRT Italia dal 20 al 26 giugno 2022 Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.

Continue reading →

CISA Releases Guidance on Switching to Modern Auth in Exchange Online before October 1

Original release date: June 28, 2022  CISA has released guidance on switching from Basic Authentication (“Basic Auth”) in Microsoft Exchange Online to Modern Authentication (“Modern Auth”) before Microsoft begins permanently disabling Basic Auth on October 1, 2022. Basic Auth is a legacy authentication method that…

Continue reading →

PoC pubblico per lo sfruttamento della CVE-2022-31626 (AL01/220627/CSIRT-ITA)

Disponibile un Proof of Concept (PoC) per la vulnerabilità CVE-2022-31626 – già sanata dal vendor – presente in PHP. Tale vulnerabilità, qualora sfruttata, potrebbe permettere ad un utente malintenzionato remoto di eseguire codice arbitrario sui sistemi target. Source link Author: csirt@alfacert.gov.it Article used for cyber…

Continue reading →

Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

Original release date: June 23, 2022  CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued to exploit CVE-2021-44228 (Log4Shell) in…

Continue reading →

Rilasciati aggiornamenti di sicurezza per Jenkins e Jenkins LTS (AL05/220623/CSIRT-ITA)

Rilasciato il Jenkins Security Advisory di giugno che risolve molteplici vulnerabilità in Jenkins weekly e Jenkins LTS. Source link Author: csirt@alfacert.gov.it Article used for cyber security disclosure.

Continue reading →

Page 20 of 35 ← First ... 18 19 20 21 22 ... Last →