Cybersecurity – Pagina 142 – Luca Donetti Dontin

Gen012023

CISA Adds One Known Exploited Vulnerability to Catalog

in Cybersecurity
Tagged with Cisa

Original release date: December 14, 2022 CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses a significant risk to the federal enterprise….

Continue reading →

Dic312022

Risolta vulnerabilità in Apache Karaf (AL01/221230/CSIRT-ITA)

in Cybersecurity
Tagged with csirt

Rilasciati aggiornamenti di sicurezza che sanano una vulnerabilità con gravità “critica” nel prodotto Apache Karaf. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

Dic302022

CISA Adds Two Known Exploited Vulnerabilities to Catalog

in Cybersecurity
Tagged with Cisa

Original release date: December 29, 2022 CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To…

Continue reading →

Dic292022

Rilevato nuovo exploit OWASSRF in grado di aggirare le mitigazioni per ProxyNotShell (AL01/221227/CSIRT-ITA)

in Cybersecurity
Tagged with csirt

Rilevato un nuovo metodo di exploitation, denominato “OWASSRF”, in grado di aggirare le contromisure proposte da Microsoft come mitigazione alla vulnerabilità di Exchange denominata ProxyNotShell. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

Dic282022

CISA Consolidates Twitter Accounts

in Cybersecurity
Tagged with Cisa

Original release date: December 15, 2022 CISA has consolidated its social media presence on Twitter. Three accounts — @ICSCERT, @Cyber, and @CISAInfraSec — are no longer active. Additionally, the @USCERT_gov Twitter account is now renamed @CISACyber. The following current active Twitter accounts will include posts…

Continue reading →

Dic272022

Disponibili aggiornamenti per Samba (AL01/221216/CSIRT-ITA

in Cybersecurity
Tagged with csirt

Disponibili aggiornamenti di sicurezza per Samba che sanano 4 vulnerabilità con gravità “alta”. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →

Dic262022

Drupal Releases Security Updates to Address Vulnerabilities in H5P and File (Field) Paths

in Cybersecurity
Tagged with Cisa

Original release date: December 15, 2022 Drupal has released security updates to address vulnerabilities affecting H5P and the File (Field) Paths modules for Drupal 7.x. An attacker could exploit these vulnerabilities to access sensitive information and remotely execute code. CISA encourages users and administrators to…

Continue reading →

Dic252022

Risolte multiple vulnerabilità nel kernel Linux (AL01/221223/CSIRT-ITA)

in Cybersecurity
Tagged with csirt

Risolte 5 vulnerabilità che impattano il kernel Linux. Tali vulnerabilità risiedono in ksmbd, un file server CIFS/SMB3 che è stato integrato nel Kernel a partire dalla versione 5.15. Source link Author: csirt@pec.acn.gov.it Article used for cyber security disclosure.

Continue reading →