Luca Donetti Dontin Il sito di un pazzo sistemista! - page 87

Feb062024

Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components

Moby and the Open Container Initiative (OCI) have released updates for multiple vulnerabilities (CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626) affecting Docker-related components, including Moby BuildKit and OCI runc. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and…

Continue reading →

Feb062024

Rilevata vulnerabilità in Mastodon (AL02/240205/CSIRT-ITA)

Risolta vulnerabilità con gravità “critica” in Mastodon, noto social network di microblogging open source decentralizzato. Tale vulnerabilità, qualora sfruttata, potrebbe permettere – a un utente malintenzionato remoto – la possibilità di impersonare e prendere il controllo di qualsiasi account remoto. Source link Author: csirt@pec.acn.gov.it Article…

Continue reading →

Feb042024

Juniper Networks Releases Security Bulletin for Juniper Secure Analytics

Juniper Networks released a security bulletin to address multiple vulnerabilities affecting Juniper Secure Analytics optional applications. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper Security Bulletin JSA76718 and…

Continue reading →

Feb042024

PoC pubblico per lo sfruttamento della CVE-2023-6246 relativa a glibc (AL02/240131/CSIRT-ITA)

Disponibile un Proof of Concept (PoC) per la vulnerabilità CVE-2023-6246 presente in GNU C Library, conosciuta anche come glibc, libreria software open-source che fornisce servizi di sistema essenziali per sistemi operativi Unix-like. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

Feb022024

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems (ICS) advisories on February 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-032-01 Gessler GmbH WEB-MASTER  ICSA-24-032-03 AVEVA Edge products (formerly known as InduSoft Web Studio) CISA encourages users and administrators to review…

Continue reading →

Feb022024

Aggiornamenti di sicurezza Apple (AL01/221214/CSIRT-ITA) – Aggiornamento

Apple ha rilasciato aggiornamenti di sicurezza per sanare molteplici vulnerabilità che interessano i propri prodotti. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

Gen312024

New Mitigations to Defend Against Exploitation of Ivanti Connect Secure and Policy Secure Gateways

CISA is releasing this alert to provide cyber defenders with new mitigations to defend against threat actors exploiting Ivanti Connect Secure and Policy Secure Gateways vulnerabilities in Ivanti devices (CVE-2023-46805 and CVE-2024-21887).   Threat actors are continuing to leverage vulnerabilities in Ivanti Connect Secure and…

Continue reading →

Gen312024

Rilevate nuove tecniche di distribuzione malware tramite campagne di malspam (AL02/240130/CSIRT-ITA)

È stata recentemente rilevata da questo CSIRT una nuova tecnica di distribuzione di codice malevolo tramite campagne di malspam a tema OneDrive. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

Page 87 of 161 ← First ... 85 86 87 88 89 ... Last →