Deception: Confronto con gli Hacker sul Loro Terreno

Condividi

RSS

Piu’ articoli…

• CIS Controls e Vulnerability Assessment: guida pratica all’adozione delle best practice
• Analisi della postura di sicurezza: guida completa per rafforzare la cybersecurity
• Deception vs EDR: qual è la migliore strategia di difesa dalle minacce?
• Deception: Ingannare gli Hacker per Proteggere la Tua Rete
• Active Defence Deception: la cybersecurity che batte gli hacker con le loro stesse armi
• Decezione informatica: cos’è, come funziona e perché è fondamentale per la cybersecurity
• CSIRT e SOC: differenze tra gestione degli incidenti e monitoraggio della sicurezza
• CSIRT: rispondere agli incidenti IT per proteggere il business

Categorie …

• Backup as a Service (24)
  • Acronis Cloud Backup (18)
  • Veeam Cloud Connect (3)
• Cloud CRM (1)
• Cloud Server/VPS (23)
• Conferenza Cloud (4)
• Log Management (2)
• Monitoraggio ICT (4)
• Novita' (17)
• ownCloud (7)
• Privacy (8)
• Secure Online Desktop (14)
• Security (202)
  • Cyber Threat Intelligence (CTI) (8)
  • Decemption (4)
  • Ethical Phishing (9)
  • Penetration Test (15)
  • Posture Guard (1)
  • SOCaaS (65)
    • EDR (6)
    • SIEM (12)
    • SOAR (4)
    • UEBA (9)
  • Vulnerabilita' (83)
• Web Hosting (15)

Tags

CSIRT

• Aggiornamenti per Elasticsearch (AL01/230925/CSIRT-ITA) Settembre 25, 2023
  Elastic NV rilascia aggiornamenti di sicurezza per sanare una vulnerabilità in Elasticsearch, noto server di ricerca e analisi basato su Lucene. Tale vulnerabilità, qualora sfruttata, potrebbe permettere a un utente malintenzionato la compromissione della disponibilità del servizio sui dispositivi interessati.
• La Settimana Cibernetica del 24 settembre 2023 Settembre 25, 2023
  Scarica il riepilogo delle notizie pubblicate dallo CSIRT Italia dal 18 al 24 settembre 2023.
• Vulnerabilità in prodotti QNAP (AL02/230922/CSIRT-ITA) Settembre 22, 2023
  Aggiornamenti di sicurezza QNAP risolvono 2 vulnerabilità con gravità “alta” che interessano i prodotti QTS e Multimedia Console.
• Aggiornamenti di sicurezza Apple (AL01/230922/CSIRT-ITA) Settembre 22, 2023
  Apple ha rilasciato aggiornamenti di sicurezza per sanare 3 vulnerabilità di tipo 0-day che interessano i propri prodotti.
• Aggiornamenti per Kibana (AL05/230921/CSIRT-ITA) Settembre 21, 2023
  Elastic NV rilascia aggiornamenti di sicurezza per sanare una vulnerabilità con gravità “critica” in Kibana, nota piattaforma di visualizzazione dati. Tale vulnerabilità, qualora sfruttata, potrebbe permettere a un utente malintenzionato di accedere a informazioni sensibili nel file di log di Kibana.
• Rilevate vulnerabilità in prodotti Atlassian (AL04/230921/CSIRT-ITA) Settembre 21, 2023
  Aggiornamenti di sicurezza sanano 4 vulnerabilità presenti in vari prodotti Atlassian.
• Aggiornamenti per ISC BIND (AL03/230921/CSIRT-ITA) Settembre 21, 2023
  Aggiornamenti di sicurezza ISC sanano 2 vulnerabilità con gravità “alta” nel prodotto BIND che potrebbero comportare la compromissione della disponibilità del servizio.
• Aggiornamenti DRUPAL (AL02/230921/CSIRT-ITA) Settembre 21, 2023
  Aggiornamenti di sicurezza risolvono una vulnerabilità, con gravità “critica”, in Drupal Core.
• Aggiornamenti di sicurezza per Jenkins Core (AL01/230921/CSIRT-ITA) Settembre 21, 2023
  Rilasciato il Jenkins Security Advisory di settembre che risolve 2 vulnerabilità in Jenkins (Core) weekly e LTS.
• Rilevato sfruttamento in rete della CVE-2023-41179 relativa a prodotti Trend Micro (AL01/230920/CSIRT-ITA) Settembre 20, 2023
  Rilevato lo sfruttamento attivo in rete della vulnerabilità CVE-2023-41179 – già sanata dal vendor – presente in alcuni prodotti Trend Micro per la protezione degli endpoint.

Dark Reading

• When It Comes to Email Security, The Cloud You Pick Matters Settembre 25, 2023
  While cloud-based email offers more security than on-premises, insurance firms say it matters whether you use Microsoft 365 or Google Workspace.
• Xenomorph Android Malware Targets Customers of 30 US Banks Settembre 25, 2023
  The Trojan had mainly been infecting banks in Europe since it first surfaced more than one year ago.
• MOVEit Flaw Leads to 900 University Data Breaches Settembre 25, 2023
  National Student Clearinghouse, a nonprofit serving thousands of universities with enrollment services, exposes more than 900 schools within its MOVEit environment.
• UAE-Linked 'Stealth Falcon' APT Mimics Microsoft in Homoglyph Attack Settembre 25, 2023
  The cyberattackers are using the "Deadglyph" custom spyware, whose full capabilities have not yet been uncovered.
• The Hot Seat: CISO Accountability in a New Era of SEC Regulation Settembre 25, 2023
  Updated cybersecurity regulations herald a new era of transparency and accountability in the face of escalating industry vulnerabilities.
• Cyber Hygiene: A First Line of Defense Against Evolving Cyberattacks Settembre 25, 2023
  Back to basics is a good start, but too often security teams don't handle their deployment correctly. Here's how to avoid the common pitfalls.
• Don't Get Burned by CAPTCHAs: A Recipe for Accurate Bot Protection Settembre 25, 2023
  Traditional CAPTCHAs, such as reCAPTCHA, no longer protect online businesses adequately. Real users hate them. Bots bypass them. It's time to upgrade.
• ASPM Is Good, but It's Not a Cure-All for App Security Settembre 23, 2023
  What application security posture management does, it does well. But you'll still need to fill in some holes, especially concerning API security.
• Recast Software Acquires Liquit, Consolidating the Endpoint and Application Management Markets Settembre 22, 2023
• ClassLink Provides Cybersecurity Training Course to Help Schools Protect Public Directory Data Settembre 22, 2023

Full Disclosure

• [tool] WatchGuard Firebox Web Update Unpacker Settembre 25, 2023
  Posted by retset on Sep 25A small utility for extracting file system images from "sysa-dl" update files. https://github.com/ret5et/Watchguard_WebUI_Unpacker
• APPLE-SA-2023-09-21-6 macOS Ventura 13.6 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-6 macOS Ventura 13.6 macOS Ventura 13.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213931. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Additional CVE entries coming soon. Kernel Available for: macOS […]
• APPLE-SA-2023-09-21-7 macOS Monterey 12.7 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-7 macOS Monterey 12.7 macOS Monterey 12.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213932. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Additional CVE entries coming soon. Kernel Available for: macOS […]
• APPLE-SA-2023-09-21-5 watchOS 9.6.3 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-5 watchOS 9.6.3 watchOS 9.6.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213929. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Kernel Available for: Apple Watch Series 4 and later Impact: A […]
• APPLE-SA-2023-09-21-4 watchOS 10.0.1 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-4 watchOS 10.0.1 watchOS 10.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213928. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Kernel Available for: Apple Watch Series 4 and later Impact: A […]
• APPLE-SA-2023-09-21-3 iOS 16.7 and iPadOS 16.7 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-3 iOS 16.7 and iPadOS 16.7 iOS 16.7 and iPadOS 16.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213927. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Additional CVE entries coming soon. […]
• APPLE-SA-2023-09-21-2 iOS 17.0.1 and iPadOS 17.0.1 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-2 iOS 17.0.1 and iPadOS 17.0.1 iOS 17.0.1 and iPadOS 17.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213926. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Kernel Available for: iPhone XS […]
• APPLE-SA-2023-09-21-1 Safari 16.6.1 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-1 Safari 16.6.1 Safari 16.6.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213930. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. WebKit Available for: macOS Big Sur and Monterey Impact: Processing web […]
• Advisory X41-2023-001: Two Vulnerabilities in OPNsense Settembre 23, 2023
  Posted by X41 D-Sec GmbH Advisories via Fulldisclosure on Sep 22Advisory X41-2023-001: Two Vulnerabilities in OPNsense =========================================================== Highest Severity Rating: High Confirmed Affected Versions: 23.1.11_1, 23.7.3, 23.7.4 Confirmed Patched Versions: Commit 484753b2abe3fd0fcdb73d8bf00c3fc3709eb8b7 Vendor: Deciso B.V. / OPNsense Vendor URL: https://opnsense.org Credit: X41 D-Sec GmbH, Yasar Klawohn and JM Status: Public Advisory-URL:...
• SEC Consult SA-20230918-0 :: Authenticated Remote Code Execution and Missing Authentication in Atos Unify OpenScape Settembre 18, 2023
  Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Sep 18SEC Consult Vulnerability Lab Security Advisory < 20230918-0 > ======================================================================= title: Authenticated Remote Code Execution and Missing Authentication product: Atos Unify OpenScape Session Border Controller Atos Unify OpenScape Branch Atos Unify OpenScape BCF vulnerable version: OpenScape SBC...