Cybersecurity – Pagina 102 – Luca Donetti Dontin

Apr062024

Google Pixel: rilevato sfruttamento in rete delle CVE-2024-29745 e CVE-2024-29748 (AL03/240404/CSIRT-ITA)

in Cybersecurity
Tagged with csirt

Aggiornamenti di sicurezza Google risolvono 24 vulnerabilità nei dispositivi Pixel. Di tali vulnerabilità si evidenziano le CVE-2024-29745 e CVE-2024-29748, per le quali il vendor afferma la presenza di evidenze di sfruttamento attivo in rete che potrebbero permettere la divulgazione di informazioni sensibili e la possibilità…

Continue reading →

Apr042024

CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities

in Cybersecurity
Tagged with Cisa

Today, CISA published a new dedicated High-Risk Communities webpage comprised of cybersecurity resources to support civil society communities at heighted risk of digital security threats, including cyber hygiene guidance, a repository of local cyber volunteer programs, and free or discounted tools and services. Despite their…

Continue reading →

Apr042024

Vulnerabilità in prodotti Hikvision (AL04/240403/CSIRT-ITA)

in Cybersecurity
Tagged with csirt

Rilevate 3 vulnerabilità in alcuni Network Video Recorder (NVR) di Hickvision, di cui una con gravità “alta”. Tale vulnerabilità, qualora sfruttata, potrebbe consentire a un utente autenticato con privilegi amministrativi di eseguire comandi arbitrari sui dispositivi interessati. Source link Author: csirt@pec.acn.gov.it Article used for cyber…

Continue reading →

Apr022024

Apple Released Security Updates for Safari and macOS

in Cybersecurity
Tagged with Cisa

Apple released security updates to address a vulnerability (CVE-2024-1580) in Safari and macOS. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Safari 17.4.1 macOS…

Continue reading →

Apr022024

Campagna phishing a tema “liquidazione fatture” (AL02/240329/CSIRT-ITA)

in Cybersecurity
Tagged with csirt

È stata rilevata una campagna di phishing, volta a carpire le credenziali delle potenziali vittime, che esorta l’utente a visualizzare un presunto documento contenente delle fatture da liquidare. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

Mar312024

Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094

in Cybersecurity
Tagged with Cisa

CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data compression software and may be present in Linux distributions. The malicious code may allow…

Continue reading →

Mar312024

Rilevata backdoor in XZ Utils (AL01/240330/CSIRT-ITA)

in Cybersecurity
Tagged with csirt

Ricercatori di sicurezza hanno rilevato la presenza di una backdoor nei tool di compressione dati XZ Utils utilizzati in diverse distribuzioni Linux Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

Mar292024

Cisco Releases Security Updates for Multiple Products

in Cybersecurity
Tagged with Cisa

Cisco released security updates to address vulnerabilities in Cisco IOS, IOS XE, and AP software. A cyber threat actor could exploit some of these vulnerabilities to cause a denial-of-service. CISA encourages users and administrators to review the following advisories and apply the necessary updates: Cisco…

Continue reading →