Condividi

RSS

Piu’ articoli…

• Analisi della postura di sicurezza: guida al confronto tra BAS e penetration test
• CIS Controls e Vulnerability Assessment: guida pratica all’adozione delle best practice
• Analisi della postura di sicurezza: guida completa per rafforzare la cybersecurity
• Deception vs EDR: qual è la migliore strategia di difesa dalle minacce?
• Deception: Ingannare gli Hacker per Proteggere la Tua Rete
• Active Defence Deception: la cybersecurity che batte gli hacker con le loro stesse armi
• Decezione informatica: cos’è, come funziona e perché è fondamentale per la cybersecurity
• CSIRT e SOC: differenze tra gestione degli incidenti e monitoraggio della sicurezza

Categorie …

• Backup as a Service (24)
  • Acronis Cloud Backup (18)
  • Veeam Cloud Connect (3)
• Cloud CRM (1)
• Cloud Server/VPS (23)
• Conferenza Cloud (4)
• Log Management (2)
• Monitoraggio ICT (4)
• Novita' (17)
• ownCloud (7)
• Privacy (8)
• Secure Online Desktop (14)
• Security (203)
  • Cyber Threat Intelligence (CTI) (8)
  • Decemption (4)
  • Ethical Phishing (9)
  • Penetration Test (15)
  • Posture Guard (2)
  • SOCaaS (65)
    • EDR (6)
    • SIEM (12)
    • SOAR (4)
    • UEBA (9)
  • Vulnerabilita' (83)
• Web Hosting (15)

Tags

CSIRT

• Rilevate vulnerabilità in Progress WS_FTP Server (AL01/230929/CSIRT-ITA) - Aggiornamento Ottobre 2, 2023
  Aggiornamenti di sicurezza Progress sanano alcune vulnerabilità, di cui due con gravità “critica” e 3 con gravità “alta”, presenti in WS_FTP Server, software server FTP per il trasferimento di file in modo sicuro e affidabile. Tali vulnerabilità, qualora sfruttate, potrebbero consentire a un utente malintenzionato remoto l’esecuzione di codice arbitrario e l’accesso a file sensibili […]
• La Settimana Cibernetica del 1 ottobre 2023 Ottobre 2, 2023
  Scarica il riepilogo delle notizie pubblicate dallo CSIRT Italia dal 25 settembre al 1 ottobre 2023.
• Rilevate vulnerabilità zero-day in Exim (AL01/230930/CSIRT-ITA) Settembre 30, 2023
  Sono stata rilevate diverse vulnerabilità zero-day impattanti il server di posta Exim, di cui una con gravità “critica” e due con gravità “alta”.
• Aggiornamenti di sicurezza per prodotti Mozilla (AL03/230929/CSIRT-ITA) Settembre 29, 2023
  Mozilla ha rilasciato aggiornamenti di sicurezza per sanare una vulnerabilità con gravità “critica” nei prodotti Firefox, Firefox ESR, Firefox Focus e Firefox per Android.
• Sanate vulnerabilità su GitLab CE/EE (AL02/230929/CSIRT-ITA) Settembre 29, 2023
  Rilasciati aggiornamenti di sicurezza che risolvono diverse vulnerabilità, di cui 3 con gravità “alta”, in GitLab Community Edition (CE) e Enterprise Edition (EE).
• PoC pubblico per lo sfruttamento della CVE-2023-42793 (AL03/230928/CSIRT-ITA) Settembre 28, 2023
  Disponibile un Proof of Concept (PoC) per la vulnerabilità CVE-2023-42793 – già sanata dal vendor – presente in Teamcity, piattaforma software CI/CD general-purpose di JetBrains. Tale vulnerabilità, qualora sfruttata, potrebbe permettere a un utente malintenzionato remoto non autenticato, il bypass dei meccanismi di sicurezza e l’esecuzione di codice arbitrario sui server Teamcity.
• Rilevato sfruttamento in rete della CVE-2023-5187 relativa a Google Chrome (AL02/230928/CSIRT-ITA) Settembre 28, 2023
  Rilevato lo sfruttamento attivo in rete della vulnerabilità CVE-2023-5187 – già sanata dal vendor – presente nel noto browser Chrome di Google.
• Rilevate vulnerabilità in prodotti Cisco (AL01/230928/CSIRT-ITA) Settembre 28, 2023
  Aggiornamenti di sicurezza Cisco sanano alcune vulnerabilità, di cui una con gravità “critica” e 10 con gravità “alta”, presenti in vari prodotti.
• Aggiornamenti di sicurezza per prodotti Mozilla (AL02/230927/CSIRT-ITA) Settembre 27, 2023
  Mozilla ha rilasciato aggiornamenti di sicurezza per sanare molteplici vulnerabilità, di cui 6 con gravità “alta”, nei prodotti Firefox, Firefox ESR e Thunderbird.
• Aggiornamenti di sicurezza Apple (AL01/230927/CSIRT-ITA) Settembre 27, 2023
  Apple ha rilasciato aggiornamenti di sicurezza per sanare molteplici che interessano i prodotti Safari e macOS Sonoma.

Dark Reading

• The Silent Threat of APIs: What the New Data Reveals About Unknown Risk Ottobre 2, 2023
  The rapid growth of APIs creates a widening attack surface and increasing unknown cybersecurity risks.
• Securing AI: What You Should Know Settembre 29, 2023
  Securing AI within your organization starts with understanding how AI differs from traditional business tools. Google's Secure AI Framework provides a model for what to do next.
• How Can Your Security Team Help Developers Shift Left? Settembre 29, 2023
  Implementing a shift-left process in cybersecurity requires pulling together people, processes, and technology.
• Spyware Vendor Targets Egyptian Orgs With Rare iOS Exploit Chain Settembre 29, 2023
  The Israeli company developed highly-targeted, mobile malware that would make any APT jealous.
• DHS: Physical Security a Concern in Johnson Controls Cyberattack Settembre 29, 2023
  An internal memo cites DHS floor plans that could have been accessed in the breach.
• Cybersecurity Gaps Plague US State Department, GAO Report Warns Settembre 29, 2023
  The federal department that oversees the US diplomatic corps abroad suffers a serious lack of visibility into the cyber threats it faces and the security vulnerabilities it's harboring.
• Move Over, MOVEit: Critical Progress Bug Infests WS_FTP Software Settembre 29, 2023
  In the wake of Cl0p's MOVEit rampage, Progress Software is sending file-transfer customers scrambling again — this time to patch a critical bug that is easily exploitable with a specially crafted HTTPS POST request.
• People Still Matter in Cybersecurity Management Settembre 29, 2023
  Cybersecurity's constant stream of shiny new things shouldn't distract managers from their focus on the people they're protecting.
• Attacks on Azerbaijan Businesses Drop Malware via Fake Image Files Settembre 29, 2023
  Images purporting to be of the Armenia and Azerbaijan conflict were malware downloaders in disguise.
• QR Code 101: What the Threats Look Like Settembre 29, 2023
  Because QR codes can be used for phishing as easily as an email or text can, organizations must remain vigilant when dealing with them.

Full Disclosure

• [tool] WatchGuard Firebox Web Update Unpacker Settembre 25, 2023
  Posted by retset on Sep 25A small utility for extracting file system images from "sysa-dl" update files. https://github.com/ret5et/Watchguard_WebUI_Unpacker
• APPLE-SA-2023-09-21-6 macOS Ventura 13.6 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-6 macOS Ventura 13.6 macOS Ventura 13.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213931. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Additional CVE entries coming soon. Kernel Available for: macOS […]
• APPLE-SA-2023-09-21-7 macOS Monterey 12.7 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-7 macOS Monterey 12.7 macOS Monterey 12.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213932. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Additional CVE entries coming soon. Kernel Available for: macOS […]
• APPLE-SA-2023-09-21-5 watchOS 9.6.3 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-5 watchOS 9.6.3 watchOS 9.6.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213929. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Kernel Available for: Apple Watch Series 4 and later Impact: A […]
• APPLE-SA-2023-09-21-4 watchOS 10.0.1 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-4 watchOS 10.0.1 watchOS 10.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213928. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Kernel Available for: Apple Watch Series 4 and later Impact: A […]
• APPLE-SA-2023-09-21-3 iOS 16.7 and iPadOS 16.7 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-3 iOS 16.7 and iPadOS 16.7 iOS 16.7 and iPadOS 16.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213927. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Additional CVE entries coming soon. […]
• APPLE-SA-2023-09-21-2 iOS 17.0.1 and iPadOS 17.0.1 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-2 iOS 17.0.1 and iPadOS 17.0.1 iOS 17.0.1 and iPadOS 17.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213926. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Kernel Available for: iPhone XS […]
• APPLE-SA-2023-09-21-1 Safari 16.6.1 Settembre 23, 2023
  Posted by Apple Product Security via Fulldisclosure on Sep 22APPLE-SA-2023-09-21-1 Safari 16.6.1 Safari 16.6.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213930. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. WebKit Available for: macOS Big Sur and Monterey Impact: Processing web […]
• Advisory X41-2023-001: Two Vulnerabilities in OPNsense Settembre 23, 2023
  Posted by X41 D-Sec GmbH Advisories via Fulldisclosure on Sep 22Advisory X41-2023-001: Two Vulnerabilities in OPNsense =========================================================== Highest Severity Rating: High Confirmed Affected Versions: 23.1.11_1, 23.7.3, 23.7.4 Confirmed Patched Versions: Commit 484753b2abe3fd0fcdb73d8bf00c3fc3709eb8b7 Vendor: Deciso B.V. / OPNsense Vendor URL: https://opnsense.org Credit: X41 D-Sec GmbH, Yasar Klawohn and JM Status: Public Advisory-URL:...
• SEC Consult SA-20230918-0 :: Authenticated Remote Code Execution and Missing Authentication in Atos Unify OpenScape Settembre 18, 2023
  Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Sep 18SEC Consult Vulnerability Lab Security Advisory < 20230918-0 > ======================================================================= title: Authenticated Remote Code Execution and Missing Authentication product: Atos Unify OpenScape Session Border Controller Atos Unify OpenScape Branch Atos Unify OpenScape BCF vulnerable version: OpenScape SBC...