Cisco released a security advisory to address a vulnerability (CVE-2024-20253) affecting multiple Unified Communications Products. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco Unified Communications Products Remote Code Execution Vulnerability advisory…
Rilasciati aggiornamenti di sicurezza che risolvono diverse vulnerabilità, di cui una con gravità “critica”, in GitLab Community Edition (CE) e Enterprise Edition (EE). Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Today, CISA published Guidance on Assembling a Group of Products created by the Software Bill of Materials (SBOM) Tooling & Implementation Working Group, one of the five SBOM community-driven workstreams facilitated by CISA. CISA’s community-driven working groups publish documents and reports to advance and refine SBOM and…
Rilasciato il Jenkins Security Advisory di gennaio che risolve 2 vulnerabilità, di cui una con gravità “critica”, in Jenkins (Core) weekly e LTS. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Mozilla has released security updates to address vulnerabilities in Thunderbird and Firefox. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Thunderbird…
Apple ha rilasciato aggiornamenti di sicurezza per sanare 43 vulnerabilità nei propri prodotti. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-34048 VMware vCenter Server Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational…
È stato rilevato il riacutizzarsi di una campagna di smishing a tema corrispondenza che sfrutta nomi e loghi riferibili ai servizi erogati da Poste Italiane. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
