Cross-Site Scripting in Magic Fields 1 WordPress Plugin
© 2023 Secure Online Desktop s.r.l. All Rights Reserved. Registered Office: via dell'Annunciata 27 – 20121 Milan (MI), Operational Office: via statuto 3 - 42121 Reggio Emilia (RE) – PEC [email protected] Tax code and VAT number 07485920966 – R.E.A. MI-1962358 Privacy Policy - ISO Certifications