CISA released one Industrial Control Systems (ICS) advisory on March 21, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-081-01 Advantech WebAccess/SCADA CISA encourages users and administrators to review the newly released ICS advisory for technical details and…
È stata rilevata una nuova campagna di phishing che sfrutta loghi e riferimenti riconducibili a Trenitalia, al fine di carpire le informazioni personali delle potenziali vittime, compresi gli estremi delle carte di credito. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an updated joint guide, Understanding and Responding to Distributed Denial-Of-Service Attacks, to address the specific needs and challenges faced by organizations in defending against DDoS attacks. The…
Mozilla ha rilasciato aggiornamenti di sicurezza per sanare 2 vulnerabilità nei prodotti Firefox e Firefox ESR. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Today, CISA, the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and other U.S. and international partners are issuing a joint fact sheet, People’s Republic of China State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders. Partners of this publication include: U.S. Department of Energy…
Google ha rilasciato un aggiornamento per il browser Chrome al fine di correggere 12 vulnerabilità di sicurezza, di cui una con gravità “alta”. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Software producers who partner with the federal government can now upload their Secure Software Development Attestation Forms to CISA’s Repository for Software Attestation and Artifacts. Software producers that provide the government software can fill out the form to attest to implementation of specific security practices….
Disponibile un Proof of Concept (PoC) per la CVE-2024-23334 – già sanata dalla comunità di sviluppatori – presente nel framework AIOHTTP, utilizzato per creare applicazioni web ad alte prestazioni che richiedono la gestione di elevate richieste HTTP. Tale vulnerabilità – con score CVSS v3.x pari…
