es
Feedback
SysAdmin 24x7

SysAdmin 24x7

Ir al canal en Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

Mostrar más
España12 266Tecnologías y Aplicaciones20 549
4 391
Suscriptores
Sin datos24 horas
+17 días
+1830 días
Archivo de publicaciones
SysAdmin 24x7
SysAdmin 24x7
4 392
Western Digital customers have to update their My Cloud devices to latest firmware version. My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. https://securityaffairs.co/wordpress/125767/hacking/my-cloud-devices-firmaware-update.html

SysAdmin 24x7
SysAdmin 24x7
4 392
VMSA-2021-0028.4 CVSSv3 Range: 9.0-10.0 Issue Date: 2021-12-10 Updated On: 2021-12-17 CVE(s): CVE-2021-44228, CVE-2021-45046 Synopsis: VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046) https://www.vmware.com/security/advisories/VMSA-2021-0028.html

SysAdmin 24x7
SysAdmin 24x7
4 392
VMSA-2021-0029 CVSSv3 Range:9.1 Issue Date:2021-12-16 CVE(s):CVE-2021-22054 Synopsis: VMware Workspace ONE UEM console patches address SSRF vulnerability (CVE-2021-22054) https://www.vmware.com/security/advisories/VMSA-2021-0029.html

SysAdmin 24x7
SysAdmin 24x7
4 392
[Actualización 16/12/2021] Log4Shell: vulnerabilidad 0day de ejecución remota de código en Apache Log4j Fecha de publicación: 13/12/2021 Importancia: 5 - Crítica https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/log4shell-vulnerabilidad-0day-ejecucion-remota-codigo-apache-log4j

SysAdmin 24x7
SysAdmin 24x7
4 392
CISA Adds Two Known Exploited Vulnerabilities to Catalog CVE-2021-43890 CVE-2021-4102 https://www.cisa.gov/known-exploited-vulnerabilities-catalog

SysAdmin 24x7
SysAdmin 24x7
4 392
VMSA-2021-0028.3 CVSSv3 Range: 3.7-10.0 Issue Date: 2021-12-10 Updated On: 2021-12-15 CVE(s): CVE-2021-44228, CVE-2021-45046 Synopsis: VMware Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046) https://www.vmware.com/security/advisories/VMSA-2021-0028.html

SysAdmin 24x7
SysAdmin 24x7
4 392
[Actualización 15/12/2021] Log4Shell: vulnerabilidad 0day de ejecución remota de código en Apache Log4j Fecha de publicación: 13/12/2021 Importancia: 5 - Crítica https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/log4shell-vulnerabilidad-0day-ejecucion-remota-codigo-apache-log4j

SysAdmin 24x7
SysAdmin 24x7
4 392
Actualización de seguridad de SAP de diciembre de 2021 Fecha de publicación: 15/12/2021 Importancia: 5 - Crítica https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-sap-diciembre-2021

SysAdmin 24x7
SysAdmin 24x7
4 392
Log4j 2.15.0 and previously suggested mitigations may not be enough Published: 2021-12-14 https://isc.sans.edu/diary/Log4j+2.15.0+and+previously+suggested+mitigations+may+not+be+enough/28134

SysAdmin 24x7
SysAdmin 24x7
4 392
Apache Log4j allows insecure JNDI lookups Vulnerability Note VU#930724 Original Release Date: 2021-12-15 | Last Revised: 2021-12-15 https://kb.cert.org/vuls/id/930724

SysAdmin 24x7
SysAdmin 24x7
4 392

SysAdmin 24x7
SysAdmin 24x7
4 392

SysAdmin 24x7
SysAdmin 24x7
4 392

SysAdmin 24x7
SysAdmin 24x7
4 392
VMSA-2021-0028.2 CVSSv3 Range:10.0 Issue Date:2021-12-10 Updated On:2021-12-13 CVE(s):CVE-2021-44228 Synopsis: VMware Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) https://www.vmware.com/security/advisories/VMSA-2021-0028.html

SysAdmin 24x7
SysAdmin 24x7
4 392
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-12 0023 UTC Listado de comunicaciones de cada fabricante sobre log4shell. https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592

SysAdmin 24x7
SysAdmin 24x7
4 392
Advisory ID:VMSA-2021-0028.1 CVSSv3 Range:10.0 Issue Date:2021-12-10 CVE(s):CVE-2021-44228 Synopsis: VMware Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) https://www.vmware.com/security/advisories/VMSA-2021-0028.html

SysAdmin 24x7
SysAdmin 24x7
4 392
Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE. Cybereason researchers released a “vaccine” that mitigates the critical ‘Log4Shell’ Apache Log4j code execution vulnerability. Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 (aka Log4Shell), in the Apache Log4j Java-based logging library. https://securityaffairs.co/wordpress/125512/hacking/logout4shell-vaccine-log4j-flaw.html

SysAdmin 24x7
SysAdmin 24x7
4 392
Vulnerabilidad en Apache Log4j 2 Fecha de publicación: 10/12/2021 Nivel de peligrosidad: CRÍTICO El Equipo de Respuesta a Incidentes del Centro Criptológico Nacional, CCN-CERT, alerta de la publicación de una vulnerabilidad que afecta a Apache Log4j 2. Se ha hecho pública una vulnerabilidad que afecta a la librería de registro de Java Apache Log4j 2, herramienta desarrollada por Apache Foundation que ayuda a los desarrolladores de software a escribir mensajes de registro, cuyo propósito es dejar constancia de una determinada transacción en tiempo de ejecución, además, Log4j permite filtrar los mensajes en función de su importancia. https://www.ccn-cert.cni.es/seguridad-al-dia/alertas-ccn-cert/11435-ccn-cert-al-09-21-vulnerabilidad-en-apache-log4j-2.html

SysAdmin 24x7
SysAdmin 24x7
4 392
Cisco Releases Security Advisory for Multiple Products Affected by Apache HTTP Server Vulnerabilities Cisco has released a security advisory to address Cisco products affected by multiple vulnerabilities in Apache HTTP Server 2.4.48 and earlier releases. An unauthenticated remote attacker could exploit this vulnerability to take control of an affected system. https://www.cisa.gov/uscert/ncas/current-activity/2021/12/09/cisco-releases-security-advisory-multiple-products-affected-apache

SysAdmin 24x7
SysAdmin 24x7
4 392
SonicWall Releases Security Advisory for SMA 100 Series Appliances SonicWall has released a security advisory to address vulnerabilities affecting SonicWall Secure Mobile Access (SMA) 100 series appliances. A remote attacker could exploit these vulnerabilities to take control of an affected system. SMA 100 series appliances provide an organization’s employees with remote access to internal resources. Note: although there are currently no reports of these vulnerabilities being exploited in the wild, in July 2021, CISA warned of threat actors actively targeting a known, previously patched, vulnerability in SonicWall SMA 100 series appliances. https://www.cisa.gov/uscert/ncas/current-activity/2021/12/08/sonicwall-releases-security-advisory-sma-100-series-appliances