Risolta vulnerabilità con gravità “critica” in Mastodon, noto social network di microblogging open source decentralizzato. Tale vulnerabilità, qualora sfruttata, potrebbe permettere – a un utente malintenzionato remoto – la possibilità di impersonare e prendere il controllo di qualsiasi account remoto. Source link Author: csirt@pec.acn.gov.it Article…
Juniper Networks released a security bulletin to address multiple vulnerabilities affecting Juniper Secure Analytics optional applications. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper Security Bulletin JSA76718 and…
Disponibile un Proof of Concept (PoC) per la vulnerabilità CVE-2023-6246 presente in GNU C Library, conosciuta anche come glibc, libreria software open-source che fornisce servizi di sistema essenziali per sistemi operativi Unix-like. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
CISA released two Industrial Control Systems (ICS) advisories on February 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-032-01 Gessler GmbH WEB-MASTER ICSA-24-032-03 AVEVA Edge products (formerly known as InduSoft Web Studio) CISA encourages users and administrators to review…
Apple ha rilasciato aggiornamenti di sicurezza per sanare molteplici vulnerabilità che interessano i propri prodotti. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
CISA is releasing this alert to provide cyber defenders with new mitigations to defend against threat actors exploiting Ivanti Connect Secure and Policy Secure Gateways vulnerabilities in Ivanti devices (CVE-2023-46805 and CVE-2024-21887). Threat actors are continuing to leverage vulnerabilities in Ivanti Connect Secure and…
È stata recentemente rilevata da questo CSIRT una nuova tecnica di distribuzione di codice malevolo tramite campagne di malspam a tema OneDrive. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.
Cisco released a security advisory to address a vulnerability (CVE-2024-20253) affecting multiple Unified Communications Products. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco Unified Communications Products Remote Code Execution Vulnerability advisory…
