CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data compression software and may be present in Linux distributions. The malicious code may allow…
Ricercatori di sicurezza hanno rilevato la presenza di una backdoor nei tool di compressione dati XZ Utils utilizzati in diverse distribuzioni Linux Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Cisco released security updates to address vulnerabilities in Cisco IOS, IOS XE, and AP software. A cyber threat actor could exploit some of these vulnerabilities to cause a denial-of-service. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Cisco…
Splunk ha rilasciato aggiornamenti di sicurezza per correggere 2 vulnerabilità con gravità “alta” nel noto prodotto per l’analisi del traffico di rete Enterprise. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-24955 Microsoft SharePoint Server Code Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational…
Microsoft ha rilasciato gli aggiornamenti di sicurezza mensili che risolvono un totale di 38 nuove vulnerabilità, 3 di tipo 0-day. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Johannes published a basic NAT46 configuration for a Fortigate firewall with FortiOS 7.0 some time ago. I run such a service (legacy IPv4 access to IPv6-only resources) since FortiOS 5.6, which means more than six years; lastly with FortiOS 6.4. It’s running for more than…
CISA released one Industrial Control Systems (ICS) advisory on March 21, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-081-01 Advantech WebAccess/SCADA CISA encourages users and administrators to review the newly released ICS advisory for technical details and…
