es
Feedback
SysAdmin 24x7

SysAdmin 24x7

Ir al canal en Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

Mostrar más
4 387
Suscriptores
-224 horas
-17 días
-230 días
Archivo de publicaciones
Actualización de seguridad 6.2.1 para WordPress Fecha de publicación: 17/05/2023 Importancia: 4 - Alta Recursos Afectados: WordPress, versiones anteriores a 6.2.1. Descripción Se ha publicado la última versión de WordPress que contiene correcciones de seguridad. Solución Actualizar a la versión 6.2.1 desde la página web de WordPress o en el panel de control hacer clicc en "Actualizaciones" y luego en "Actualizar ahora". https://www.incibe.es/incibe-cert/alerta-temprana/avisos/actualizacion-de-seguridad-621-para-wordpress

Múltiples vulnerabilidades detectadas en diferentes productos Autodesk Fecha de publicación: 15/05/2023 Descripción Autodesk ha publicado varias vulnerabilidades en sus productos. Estas podrían ser explotadas por un atacante malintencionado pudiendo lograr privilegios de administrador que no le corresponden para llevar a cabo acciones ilegítimas. Estas vulnerabilidades de importancia alta son de tipo: escritura y lectura fuera de límites, desbordamiento de datos, corrupción de memoria y escalada de privilegios. https://www.incibe.es/empresas/avisos/multiples-vulnerabilidades-detectadas-en-diferentes-productos-autodesk

Chaining Five Vulnerabilities to Exploit Netgear Nighthawk RAX30 Routers at Pwn2Own Toronto 2022 The Internet of Things (IoT) has become an increasingly popular target for cyber attacks in recent years because these devices are often poorly secured and can be easily compromised. To highlight the vulnerabilities of IoT devices and encourage better security practices from manufacturers, the Zero Day Initiative (ZDI) organized a Pwn2Own competition last fall in Toronto that focused on hacking into IoT devices such as printers, network-attached storage (NAS) devices, routers, and smart speakers. This competition brought together experienced hackers to demonstrate their skills in finding and exploiting vulnerabilities in these devices. https://claroty.com/team82/research/chaining-five-vulnerabilities-to-exploit-netgear-nighthawk-rax30-routers-at-pwn2own-toronto-2022

Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers https://www.sentinelone.com/labs/hypervisor-ransomware-multiple-threat-actor-groups-hop-on-leaked-babuk-code-to-build-esxi-lockers/

BPFDoor Malware Evolves – Stealthy Sniffing Backdoor Ups Its Game What is BPFdoor? BPFdoor is a Linux-specific, low-profile, passive backdoor intended to maintain a persistent, long-term foothold in already-breached networks and environments and functions primarily to ensure an attacker can re-enter an infected system over an extended period of time, post-compromise. https://www.deepinstinct.com/blog/bpfdoor-malware-evolves-stealthy-sniffing-backdoor-ups-its-game

New Linux kernel NetFilter flaw gives attackers root privileges A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level, allowing complete control over a system. The CVE-2023-32233 identifier has been reserved for the vulnerability, but a severity level is yet to be determined. https://www.bleepingcomputer.com/news/security/new-linux-kernel-netfilter-flaw-gives-attackers-root-privileges/

Actualización de seguridad de SAP de mayo de 2023 Fecha de publicación: 10/05/2023 Importancia: 5 - Crítica https://www.incibe.es/incibe-cert/alerta-temprana/avisos/actualizacion-de-seguridad-de-sap-de-mayo-de-2023

USN-6063-1: Ceph vulnerabilities 9 May 2023 Several security issues were fixed in Ceph. Releases Ubuntu 22.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM https://ubuntu.com/security/notices/USN-6063-1

FG-IR-22-297 Date May 3, 2023 Severity High CVSSv3 Score 7.6 Impact Execute unauthorized code or commands CVE ID CVE-2023-27999 Affected Products FortiADC : 7.2.0, 7.1.1, 7.1.0 https://www.fortiguard.com/psirt/FG-IR-22-297

Android’s May 2023 security patch prevents downgrades to infinitely old system app versions You can no longer downgrade system apps beyond the pre-installed version https://www.androidpolice.com/android-may-2023-security-patch-no-downgrades-infinitely-old-system-app-versions/

Elastic Security Labs discovers the LOBSHOT malware An analysis of LOBSHOT, an hVNC malware family spreading through Google Ads. https://www.elastic.co/security-labs/elastic-security-labs-discovers-lobshot-malware

Apple’s first Rapid Security Response patch fails to install on iPhones Apple has launched the first Rapid Security Response (RSR) patches for iOS 16.4.1 and macOS 13.3.1 devices, with some users having issues installing them on their iPhones. https://www.bleepingcomputer.com/news/apple/apples-first-rapid-security-response-patch-fails-to-install-on-iphones/

VMSA-2023-0008 CVSSv3 Range:7.3-9.3 Issue Date:2023-04-25 CVE(s): CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, CVE-2023-20872 Synopsis: VMware Workstation and Fusion updates address multiple security vulnerabilities (CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, CVE-2023-20872) https://www.vmware.com/security/advisories/VMSA-2023-0008.html

Oracle Releases Security Updates Release DateApril 21, 2023 Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for April 2023 to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. https://www.cisa.gov/news-events/alerts/2023/04/21/oracle-releases-security-updates

Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Release DateApril 21, 2023 Drupal has released a security advisory to address an access bypass vulnerability affecting multiple Drupal versions. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Drupal security advisory SA-CORE-2023-005 for more information and apply the necessary updates. https://www.cisa.gov/news-events/alerts/2023/04/21/drupal-releases-security-advisory-address-vulnerability-drupal-core

Múltiples vulnerabilidades en VMware Aria Operations for Logs Fecha de publicación: 21/04/2023 Identificador: INCIBE-2023-0150 Importancia: 5 - Crítica Recursos afectados: VMware Aria Operations for Logs, versiones: 8.10.2; 8.10; 8.8.x; 8.6.x; 4.x. Descripción: Diversos investigadores han reportado 2 vulnerabilidades, 1 crítica y 1 alta, que afectan Aria Operations for Logs de VMware, cuya explotación podría permitir a un atacante ejecutar código/comandos arbitrarios como root. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-vmware-aria-operations-logs

Actualizaciones críticas en Oracle (abril 2023) Fecha de publicación: 19/04/2023 Identificador: INCIBE-2023-0144 Importancia: 5 - Crítica https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizaciones-criticas-oracle-abril-2023

Múltiples vulnerabilidades en Control de Ciber Fecha de publicación: 19/04/2023 Identificador: INCIBE-2023-0145 Importancia: 4 - Alta Recursos afectados: Control de Ciber, versión 1.650. Descripción: INCIBE ha coordinado la publicación de 3 vulnerabilidades en el aplicativo Control de Ciber, que han sido descubiertas por Sergio Apellániz. A estas vulnerabilidades se les han asignado los códigos: CVE-2022-4896, CVE-2022-48474 y CVE-2022-48475. Para las 3 vulnerabilidades, se ha calculado una puntuación base CVSS v3.1 de 7,3, siendo el cálculo del CVSS el siguiente: AV:N/AC:L/PR:N/UI:N/S:U/C:L/N:N/A:H. Solución: No hay solución identificada por el momento. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-control-ciber