Today, CISA published a new dedicated High-Risk Communities webpage comprised of cybersecurity resources to support civil society communities at heighted risk of digital security threats, including cyber hygiene guidance, a repository of local cyber volunteer programs, and free or discounted tools and services. Despite their…
Rilevate 3 vulnerabilità in alcuni Network Video Recorder (NVR) di Hickvision, di cui una con gravità “alta”. Tale vulnerabilità, qualora sfruttata, potrebbe consentire a un utente autenticato con privilegi amministrativi di eseguire comandi arbitrari sui dispositivi interessati. Source link Author: csirt@pec.acn.gov.it Article used for cyber…
It happens occasionally that a customer has to choose between a Palo and a Forti. While I would always favour the Palo for good reasons, I can understand that the Forti is chosen for cost savings, for example. Fortunately, there is a hidden way of…
Apple released security updates to address a vulnerability (CVE-2024-1580) in Safari and macOS. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Safari 17.4.1 macOS…
È stata rilevata una campagna di phishing, volta a carpire le credenziali delle potenziali vittime, che esorta l’utente a visualizzare un presunto documento contenente delle fatture da liquidare. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data compression software and may be present in Linux distributions. The malicious code may allow…
Ricercatori di sicurezza hanno rilevato la presenza di una backdoor nei tool di compressione dati XZ Utils utilizzati in diverse distribuzioni Linux Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Cisco released security updates to address vulnerabilities in Cisco IOS, IOS XE, and AP software. A cyber threat actor could exploit some of these vulnerabilities to cause a denial-of-service. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Cisco…
