SysAdmin 24x7

رفتن به کانال در Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

نمایش بیشتر

إسبانيا12 276 فناوری و برنامه‌ها20 587

4 394

مشترکین

اطلاعاتی وجود ندارد24 ساعت

+47 روز

+2230 روز

606

نمایش های پست

اطلاعاتی وجود ندارد24 ساعت

اطلاعاتی وجود ندارد48 ساعت

13.79%

نرخ مشارکت

اطلاعاتی وجود ندارد

پست های در روز

Ads index

beta

آرشیو پست ها

4 394

Boletín de seguridad de Android de febrero de 2023 Fecha de publicación: 07/02/2023 Identificador: INCIBE-2023-0043 Importancia: Crítica Recursos afectados: Android Open Source Project (AOSP): versiones 10, 11, 12, 12L y 13. Componentes: framework, media framework, system, sistema de actualizaciones de Google Play, kernel, MediaTek, Unisoc, Qualcomm (incluidos closed-source). https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/boletin-seguridad-android-febrero-2023

4 394

Vulnerabilidad 0day en un plugin de Prestashop Fecha de publicación: 06/02/2023 Importancia: 3 - Media Recursos afectados: Plugin M4 PDF para sitios web Prestashop, versiones 3.2.3 y anteriores. Descripción: Se han detectado dos vulnerabilidades de tipo 0day, una de criticidad media y otra de criticidad baja, que afectan al Plugin M4 PDF para sitios web Prestashop. https://www.incibe.es/protege-tu-empresa/avisos-seguridad/vulnerabilidad-0day-plugin-prestashop

4 394

OpenSSH fixes double-free memory bug that’s pokable over the network. The open source operating system distribution OpenBSD is well-known amongst sysadmins, especially those who manage servers, for its focus on security over speed, features and fancy front-ends. https://nakedsecurity.sophos.com/2023/02/03/openssh-fixes-double-free-memory-bug-thats-pokable-over-the-network/

4 394

Fallo de autenticación en productos Jira de Atlassian Fecha de publicación: 03/02/2023 Identificador: INCIBE-2023-0039 Importancia: 5 - Crítica Descripción: Atlassian ha notificado una vulnerabilidad crítica de fallo de autenticación en Jira Service Management Server y Data Center, que podría permitir a un atacante suplantar a otro usuario y obtener acceso a una instancia de Jira Service Management. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/fallo-autenticacion-productos-jira-atlassian

4 394

A HIGH-SEVERITY BUG IN F5 BIG-IP CAN LEAD TO CODE EXECUTION AND DOS The flaw affects the following versions of BIG-IP: F5 BIG-IP 17.0.0 F5 BIG-IP 16.1.2.2 – 16.1.3 F5 BIG-IP 15.1.5.1 – 15.1.8 F5 BIG-IP 14.1.4.6 – 14.1.5 F5 BIG-IP 13.1.5 “The most likely impact of a successful attack is to crash the server process. A skilled attacker could potentially develop a remote code execution exploit, which would run code on the F5 BIG-IP device as the root user.” continues Rapid7’s advisory. https://securityaffairs.com/141728/security/f5-big-ip-bug.html https://my.f5.com/manage/s/article/K000130415

4 394

Apigee Edge - Moderately critical - Access bypass - SA-CONTRIB-2023-005 Project: Apigee Edge Date: 2023-February-01 Security risk: Moderately critical 13∕25 AC:None/A:User/CI:Some/II:None/E:Theoretical/TD:All Vulnerability: Access bypass Description: The Apigee Edge module allows connecting a Drupal site to Apigee X / Edge in order to build a developer portal. Previous module versions did not support entity query level access checking, which could have led to information disclosure or access bypass in various places. https://www.drupal.org/sa-contrib-2023-005

4 394

Cisco Releases Security Advisories for Multiple Products Cisco released security updates for vulnerabilities affecting multiple products. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates. https://www.cisa.gov/uscert/ncas/current-activity/2023/02/02/cisco-releases-security-advisories-multiple-products

4 394

Repost from Una al día

Vulnerabilidad zero-day en AWS Glue https://unaaldia.hispasec.com/2023/02/vulnerabilidad-zero-day-en-aws-glue.html?utm_source=rss&utm_medium=rss&utm_campaign=vulnerabilidad-zero-day-en-aws-glue

4 394

GitHub code-signing certificates stolen (but will be revoked this week) https://nakedsecurity.sophos.com/2023/01/31/github-code-signing-certificates-stolen-but-will-be-revoked-this-week/

4 394

New HeadCrab malware infects 1,200 Redis servers to mine Monero. New stealthy malware designed to hunt down vulnerable Redis servers online has infected over a thousand of them since September 2021 to build a botnet that mines for Monero cryptocurrency. https://www.bleepingcomputer.com/news/security/new-headcrab-malware-infects-1-200-redis-servers-to-mine-monero/

4 394

Password-stealing “vulnerability” reported in KeePass – bug or feature? It’s been a newsworthy few weeks for password managers – those handy utilities that help you come up with a different password for every website you use, and then to keep track of them all. https://nakedsecurity.sophos.com/2023/02/01/password-stealing-vulnerability-reported-in-keypass-bug-or-feature/

4 394

VMSA-2023-0003 CVSSv3 Range: 7.8 Issue Date: 2023-02-02 CVE(s): CVE-2023-20854 Synopsis: VMware Workstation update addresses an arbitrary file deletion vulnerability (CVE-2023-20854) Impacted Products VMware Workstation https://www.vmware.com/security/advisories/VMSA-2023-0003.html

4 394

Vulnerabilidad de inyección de comandos en Cisco IOx Fecha de publicación: 02/02/2023 Identificador: INCIBE-2023-0036 Importancia: 4 - Alta Recursos afectados: La vulnerabilidad afecta a los siguientes productos de Cisco, siempre y cuando cuenten con la función Cisco IOx activada y no tengan soporte nativo de docker: Dispositivos Cisco que cuenten con el software Cisco IOS XE. Dispositivos Cisco que cuenten con una versión de software vulnerable: 800 Series Industrial ISRs; Catalyst Access Points (COS-APs); CGR1000 Compute Modules; IC3000 Industrial Compute Gateways (versión de software inferior a la 1.2.1); IR510 WPAN Industrial Routers. Para más información acerca de las versiones concretas de software vulnerables, visitar el siguiente aviso. Descripción: Sam Quinn y Kasimir Schulz, del Centro de Investigación Avanzada de Trellix, han reportado una vulnerabilidad de severidad alta, que podría permitir a un atacante remoto, no autenticado, ejecutar comandos arbitrarios como root. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-inyeccion-comandos-cisco-iox

4 394

.NET Framework Information Disclosure Vulnerability CVE-2022-41064 Released: Nov 8, 2022 Last updated: Feb 1, 2023 v3.0 In the Security Updates table, added .NET Framework 3.5 AND 4.6.2/4.7/4.7.1/4.7.2 installed on supported editions of Windows Server 2016 and Windows 10 version 1607 as these versions of Windows with .NET Framework AND 4.6.2/4.7/4.7.1/4.7.2 installed are affected by this vulnerability. Customers running these versions of .NET Framework should install the November 2022 security updates to be protected from this vulnerability. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41064

4 394

VMSA-2023-0002 CVSSv3 Range:6.5 Issue Date:2023-01-31 CVE(s): CVE-2023-20856 Synopsis: VMware vRealize Operations (vROps) update addresses a CSRF bypass vulnerability (CVE-2023-20856) Impacted Products VMware vRealize Operations (vROps) https://www.vmware.com/security/advisories/VMSA-2023-0002.html

4 394

VMSA-2023-0001.1 CVSSv3 Range: 5.3-9.8 Issue Date:2023-01-24 Updated On:2023-01-31 CVE(s): CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, CVE-2022-31711 Impacted Products VMware vRealize Log Insight https://www.vmware.com/security/advisories/VMSA-2023-0001.html

4 394

Ejecución remota de código en múltiples productos ManageEngine Fecha de publicación: 31/01/2023 Identificador: INCIBE-2023-0033 Importancia: 5 - Crítica Descripción: El investigador Khoadha, de Viettel Cyber Security, ha reportado a través del programa bug bounty del fabricante, una vulnerabilidad de severidad crítica que podría permitir a un atacante, no autenticado, ejecutar código arbitrario en múltiples productos de ManageEngine cuando se cumplen los criterios sobre SAML SSO citados anteriormente. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/ejecucion-remota-codigo-multiples-productos-manageengine https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html

4 394

Vulnerabilidad que afecta a los dispositivos QNAP Fecha de publicación: 30/01/2023 Importancia: 5 - Crítica Recursos afectados: Dispositivos de QNAP con versiones: QTS 5.0.1; QuTS hero h5.0.1. Descripción: QNAP ha detectado una vulnerabilidad de severidad crítica que afecta a los dispositivos detallados anteriormente. https://www.incibe.es/protege-tu-empresa/avisos-seguridad/vulnerabilidad-afecta-los-dispositivos-qnap

4 394

Massive Microsoft 365 outage caused by WAN router IP change. https://www.bleepingcomputer.com/news/microsoft/massive-microsoft-365-outage-caused-by-wan-router-ip-change/

4 394

Mitigating RBAC-Based Privilege Escalation in Popular Kubernetes Platforms. https://unit42.paloaltonetworks.com/kubernetes-privilege-escalation/