SysAdmin 24x7

رفتن به کانال در Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

نمایش بیشتر

إسبانيا12 266 فناوری و برنامه‌ها20 549

4 391

مشترکین

اطلاعاتی وجود ندارد24 ساعت

+17 روز

+1830 روز

628

نمایش های پست

اطلاعاتی وجود ندارد24 ساعت

اطلاعاتی وجود ندارد48 ساعت

14.31%

نرخ مشارکت

اطلاعاتی وجود ندارد

پست های در روز

Ads index

beta

آرشیو پست ها

4 392

Western Digital customers have to update their My Cloud devices to latest firmware version. My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud devices to the latest version. https://securityaffairs.co/wordpress/125767/hacking/my-cloud-devices-firmaware-update.html

4 392

VMSA-2021-0028.4 CVSSv3 Range: 9.0-10.0 Issue Date: 2021-12-10 Updated On: 2021-12-17 CVE(s): CVE-2021-44228, CVE-2021-45046 Synopsis: VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046) https://www.vmware.com/security/advisories/VMSA-2021-0028.html

4 392

VMSA-2021-0029 CVSSv3 Range:9.1 Issue Date:2021-12-16 CVE(s):CVE-2021-22054 Synopsis: VMware Workspace ONE UEM console patches address SSRF vulnerability (CVE-2021-22054) https://www.vmware.com/security/advisories/VMSA-2021-0029.html

4 392

[Actualización 16/12/2021] Log4Shell: vulnerabilidad 0day de ejecución remota de código en Apache Log4j Fecha de publicación: 13/12/2021 Importancia: 5 - Crítica https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/log4shell-vulnerabilidad-0day-ejecucion-remota-codigo-apache-log4j

4 392

CISA Adds Two Known Exploited Vulnerabilities to Catalog CVE-2021-43890 CVE-2021-4102 https://www.cisa.gov/known-exploited-vulnerabilities-catalog

4 392

VMSA-2021-0028.3 CVSSv3 Range: 3.7-10.0 Issue Date: 2021-12-10 Updated On: 2021-12-15 CVE(s): CVE-2021-44228, CVE-2021-45046 Synopsis: VMware Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046) https://www.vmware.com/security/advisories/VMSA-2021-0028.html

4 392

[Actualización 15/12/2021] Log4Shell: vulnerabilidad 0day de ejecución remota de código en Apache Log4j Fecha de publicación: 13/12/2021 Importancia: 5 - Crítica https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/log4shell-vulnerabilidad-0day-ejecucion-remota-codigo-apache-log4j

4 392

Actualización de seguridad de SAP de diciembre de 2021 Fecha de publicación: 15/12/2021 Importancia: 5 - Crítica https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-sap-diciembre-2021

4 392

Log4j 2.15.0 and previously suggested mitigations may not be enough Published: 2021-12-14 https://isc.sans.edu/diary/Log4j+2.15.0+and+previously+suggested+mitigations+may+not+be+enough/28134

4 392

Apache Log4j allows insecure JNDI lookups Vulnerability Note VU#930724 Original Release Date: 2021-12-15 | Last Revised: 2021-12-15 https://kb.cert.org/vuls/id/930724

4 392

December 2021 Security Updates https://msrc.microsoft.com/update-guide/releaseNote/2021-Dec

4 392

Microsoft fixes Windows AppX Installer zero-day used by Emotet https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-appx-installer-zero-day-used-by-emotet/

4 392

Adobe Releases Security Updates for Multiple Products https://www.cisa.gov/uscert/ncas/current-activity/2021/12/14/adobe-releases-security-updates-multiple-products

4 392

VMSA-2021-0028.2 CVSSv3 Range:10.0 Issue Date:2021-12-10 Updated On:2021-12-13 CVE(s):CVE-2021-44228 Synopsis: VMware Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) https://www.vmware.com/security/advisories/VMSA-2021-0028.html

4 392

BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-12 0023 UTC Listado de comunicaciones de cada fabricante sobre log4shell. https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592

4 392

Advisory ID:VMSA-2021-0028.1 CVSSv3 Range:10.0 Issue Date:2021-12-10 CVE(s):CVE-2021-44228 Synopsis: VMware Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) https://www.vmware.com/security/advisories/VMSA-2021-0028.html

4 392

Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE. Cybereason researchers released a “vaccine” that mitigates the critical ‘Log4Shell’ Apache Log4j code execution vulnerability. Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 (aka Log4Shell), in the Apache Log4j Java-based logging library. https://securityaffairs.co/wordpress/125512/hacking/logout4shell-vaccine-log4j-flaw.html

4 392

Vulnerabilidad en Apache Log4j 2 Fecha de publicación: 10/12/2021 Nivel de peligrosidad: CRÍTICO El Equipo de Respuesta a Incidentes del Centro Criptológico Nacional, CCN-CERT, alerta de la publicación de una vulnerabilidad que afecta a Apache Log4j 2. Se ha hecho pública una vulnerabilidad que afecta a la librería de registro de Java Apache Log4j 2, herramienta desarrollada por Apache Foundation que ayuda a los desarrolladores de software a escribir mensajes de registro, cuyo propósito es dejar constancia de una determinada transacción en tiempo de ejecución, además, Log4j permite filtrar los mensajes en función de su importancia. https://www.ccn-cert.cni.es/seguridad-al-dia/alertas-ccn-cert/11435-ccn-cert-al-09-21-vulnerabilidad-en-apache-log4j-2.html

4 392

Cisco Releases Security Advisory for Multiple Products Affected by Apache HTTP Server Vulnerabilities Cisco has released a security advisory to address Cisco products affected by multiple vulnerabilities in Apache HTTP Server 2.4.48 and earlier releases. An unauthenticated remote attacker could exploit this vulnerability to take control of an affected system. https://www.cisa.gov/uscert/ncas/current-activity/2021/12/09/cisco-releases-security-advisory-multiple-products-affected-apache

4 392

SonicWall Releases Security Advisory for SMA 100 Series Appliances SonicWall has released a security advisory to address vulnerabilities affecting SonicWall Secure Mobile Access (SMA) 100 series appliances. A remote attacker could exploit these vulnerabilities to take control of an affected system. SMA 100 series appliances provide an organization’s employees with remote access to internal resources. Note: although there are currently no reports of these vulnerabilities being exploited in the wild, in July 2021, CISA warned of threat actors actively targeting a known, previously patched, vulnerability in SonicWall SMA 100 series appliances. https://www.cisa.gov/uscert/ncas/current-activity/2021/12/08/sonicwall-releases-security-advisory-sma-100-series-appliances