现已上线!2025 年 Telegram 研究 — 年度关键洞察 
SysAdmin 24x7
前往频道在 Telegram
Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat
显示更多4 392
订阅者
+224 小时
+27 天
+1930 天
帖子存档
4 391
Threat actors are actively scanning for the Microsoft Exchange ProxyShell RCE flaws after technical details were released at the Black Hat conference.
Threat actors started actively scanning for the Microsoft Exchange ProxyShell remote code execution flaws after researchers released technical details at the Black Hat hacking conference.
https://securityaffairs.co/wordpress/120931/hacking/microsoft-exchange-proxyshell-flaws.html
4 391
Go, Rust "net" library affected by critical IP address validation vulnerability.
https://www.bleepingcomputer.com/news/security/go-rust-net-library-affected-by-critical-ip-address-validation-vulnerability/
4 391
Microsoft Exchange servers scanned for ProxyShell vulnerability, Patch Now
https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-scanned-for-proxyshell-vulnerability-patch-now/
4 391
Linux version of BlackMatter ransomware targets VMware ESXi servers.
https://www.bleepingcomputer.com/news/security/linux-version-of-blackmatter-ransomware-targets-vmware-esxi-servers/
4 391
New DNS vulnerability allows 'nation-state level spying' on companies.
https://www.bleepingcomputer.com/news/security/new-dns-vulnerability-allows-nation-state-level-spying-on-companies/
4 391
Múltiples vulnerabilidades en Pulse Connect Secure
Fecha de publicación: 06/08/2021
Importancia: 5 - Crítica
Recursos afectados:
Pulse Connect Secure, versiones anteriores a 9.1R12.
Descripción:
Diversos investigadores, incluyendo a Richard Warren de NCC Group, han notificado 6 vulnerabilidades, 2 críticas y 4 altas, que afectan a Pulse Connect Secure.
Solución:
Actualizar Pulse Connect Secure a la versión 9.1R12.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-pulse-connect-secure
4 391
Advisory ID: VMSA-2021-0016
CVSSv3 Range: 3.7-8.6
Issue Date: 2021-08-05
CVE(s): CVE-2021-22002, CVE-2021-22003
Synopsis:
VMware Workspace One Access, Identity Manager and vRealize Automation address multiple vulnerabilities (CVE-2021-22002, CVE-2021-22003)
Impacted Products
VMware Workspace One Access (Access)
VMware Identity Manager (vIDM)
VMware vRealize Automation (vRA)
VMware Cloud Foundation
vRealize Suite Lifecycle Manager
https://www.vmware.com/security/advisories/VMSA-2021-0016.html
4 391
Unpatched Security Flaws Expose Mitsubishi Safety PLCs to Remote Attacks
https://thehackernews.com/2021/08/unpatched-security-flaws-expose.html
4 391
New Robocall Bot on Telegram can Trick Targets Into Giving Up Their Password
Researchers at CyberNews have identified a new form of automated social engineering tool that can harvest one-time passwords (OTPs) from users in the United States, the United Kingdom, and Canada.
https://www.ehackingnews.com/2021/08/new-robocall-bot-on-telegram-can-trick.html
4 391
Vulnerabilities in NicheStack TCP/IP Stack Affect Many OT Device Vendors.
https://www.securityweek.com/vulnerabilities-nichestack-tcpip-stack-affect-many-ot-device-vendors
4 391
Black Hat: Security Bugs Allow Takeover of Capsule Hotel Rooms.
https://threatpost.com/security-bugs-takeover-capsule-hotel/168376/
4 391
Vulnerability Spotlight: Use-after-free vulnerability in tinyobjloader.
https://blog.talosintelligence.com/2021/08/vuln-spotlight-.html
4 391
Google Releases Security Updates for Chrome
Google has released Chrome version 92.0.4515.131 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.
CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates.
https://us-cert.cisa.gov/ncas/current-activity/2021/08/04/google-releases-security-updates-chrome
4 391
Several Malware Families Targeting IIS Web Servers With Malicious Modules
https://thehackernews.com/2021/08/several-malware-families-targeting-iis.html
4 391
Cisco Small Business RV160 and RV260 Series VPN Routers Remote Command Execution Vulnerability
CVSS Score: Base 8.2
Vulnerable Products
This vulnerability affects the following Cisco Small Business RV Series Routers if they are running firmware releases earlier than 1.0.01.04:
RV160 VPN Routers
RV160W Wireless-AC VPN Routers
RV260 VPN Routers
RV260P VPN Router with PoE
RV260W Wireless-AC VPN Routers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-code-execution-9UVJr7k4
4 391
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Management Vulnerabilities
CVSS Score: Base 9.8
CVE-2021-1609: Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Management Remote Code Execution and Denial of Service Vulnerability
CVE-2021-1610: Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Management Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv340-cmdinj-rcedos-pY8J3qfy
4 391
Cisco fixes critical, high severity pre-auth flaws in VPN routers
Cisco has addressed pre-auth security vulnerabilities impacting multiple Small Business VPN routers and allowing remote attackers to trigger a denial of service condition or execute commands and arbitrary code on vulnerable devices.
CVE-2021-1609 (rated 9.8/10)
CVE-2021-1602 (8.2/10)
https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-high-severity-pre-auth-flaws-in-vpn-routers/
4 391
Un nuevo grupo APT compromete servidores Microsoft IIS utilizando exploits ASP.NET
https://unaaldia.hispasec.com/2021/08/un-nuevo-grupo-apt-compromete-servidores-microsoft-iis-utilizando-exploits-asp-net.html
4 391
Vulnerabilidad CSRF en productos NETGEAR
Fecha de publicación: 04/08/2021
Importancia: 5 - Crítica
Recursos afectados:
EX3700,
EX3800,
EX6120,
EX6130
Descripción:
El investigador, Joel St. John, de Include Security, ha reportado a NETGEAR una vulnerabilidad de severidad crítica que podría permitir a un atacante comprometer los productos afectados.
Solución:
Actualizar
EX3700, a la versión 1.0.0.90;
EX3800, a la versión 1.0.0.90;
EX6120, a la versión 1.0.0.64;
EX6130, a la versión 1.0.0.44.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-csrf-productos-netgear
4 391
Múltiples vulnerabilidades en FortiPortal de Fortinet
Fecha de publicación: 04/08/2021
Importancia: 5 - Crítica
Recursos afectados:
FortiPortal, versiones:
6.0.4 y anteriores,
5.3.5 y anteriores,
5.2.5 y anteriores,
5.1.2 y anteriores,
5.0.3 y anteriores,
4.2.4 y anteriores,
4.1.2 y anteriores,
4.0.4 y anteriores,
3.2.2 y anteriores,
5.0.x,
5.1.x.
Descripción:
Ben Knight, de CyberCX New Zealand, y Giuseppe Cocomazzi, del equipo Fortinet Product Security, han reportado 2 vulnerabilidades, ambas de severidad crítica, que podrían permitir a un atacante omitir la autenticación, ejecutar comandos como root, ejecutar código arbitrario o divulgar información.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-fortiportal-fortinet
