Luca Donetti Dontin Il sito di un pazzo sistemista! - page 6

Campagna phishing volta a carpire credenziali utente (AL03/240112/CSIRT-ITA)

È stato rilevato il riacutizzarsi di una campagna di phishing volta a carpire le credenziali utente delle potenziali vittime mediante form opportunamente predisposti che ripropongono loghi e riferimenti di note aziende del settore IT. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29357 Microsoft SharePoint Server Privilege Escalation Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational…

Continue reading →

Vulnerabilità Zoom (AL05/240110/CSIRT-ITA)

Rilevata nuova vulnerabilità con gravità “alta” nel noto software di videoconferenza Zoom. Tale vulnerabilità, qualora sfruttata, potrebbe permettere a un utente autenticato di elevare i propri privilegi. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38203 Adobe ColdFusion Deserialization of Untrusted Data Vulnerability CVE-2023-29300 Adobe ColdFusion Deserialization of Untrusted Data Vulnerability CVE-2023-27524 Apache Superset Insecure Default Initialization of Resource Vulnerability CVE-2023-41990 Apple Multiple Products Code Execution Vulnerability…

Continue reading →

La Settimana Cibernetica del 7 gennaio 2024

Scarica il riepilogo delle notizie pubblicate dallo CSIRT Italia dal 1° al 7 gennaio 2024. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-7024 Google Chromium WebRTC Heap Buffer Overflow Vulnerability CVE-2023-7101 Spreadsheet::ParseExcel Remote Code Execution Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks…

Continue reading →

Aggiornamenti di sicurezza Android (AL02/240105/CSIRT-ITA)

Google ha rilasciato gli aggiornamenti di sicurezza di dicembre per sanare molteplici vulnerabilità che interessano il sistema operativo Android, di cui 3 con gravità “critica”. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems (ICS) advisories on January 4, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-004-01 Rockwell Automation FactoryTalk Activation ICSA-24-004-02 Mitsubishi Electric Factory Automation Products ICSA-23-348-15 Unitronics Vision and Samba Series (Update A)…

Continue reading →

Page 6 of 77 ← First ... 4 5 6 7 8 ... Last →