fa
Feedback
SysAdmin 24x7

SysAdmin 24x7

رفتن به کانال در Telegram

Noticias y alertas de seguridad informática. Chat y contacto: t.me/sysadmin24x7chat

نمایش بیشتر
إسبانيا12 276فناوری و برنامه‌ها20 587
4 394
مشترکین
اطلاعاتی وجود ندارد24 ساعت
+47 روز
+2230 روز
آرشیو پست ها
SysAdmin 24x7
SysAdmin 24x7
4 390
Fortinet has patched a critical authentication bypass in its FortiOS and FortiProxy products that could lead to administrator access. On October 7, public reports began to circulate that Fortinet communicated directly with customers about a critical vulnerability in its FortiOS and FortiProxy products. This vulnerability, CVE-2022-40684, has been patched, but Fortinet has not released a full advisory yet via its Product Security Incident Response Team. https://www.tenable.com/blog/cve-2022-40684-critical-authentication-bypass-in-fortios-and-fortiproxy https://docs.fortinet.com/document/fortigate/7.2.2/fortios-release-notes/289806/resolved-issues

SysAdmin 24x7
SysAdmin 24x7
4 390
Vulnerabilidad 0day de RCE en Zimbra Collaboration Suite Fecha de publicación: 07/10/2022 Identificador: INCIBE-2022-0957 Importancia: 5 - Crítica Recursos afectados: Zimbra Collaboration Suite (ZCS), versiones 8.8.15 y 9.0 en las distribuciones de Linux: Oracle Linux 8, Red Hat Enterprise Linux 8, Rocky Linux 8, CentOS 8. Descripción: Rapid7 ha reportado una vulnerabilidad 0day de ejecución remota de código (RCE) en Zimbra Collaboration Suite (ZCS), que surge del uso inseguro de la utilidad cpio para analizar los correos electrónicos entrantes, específicamente del uso del motor antivirus de Zimbra (Amavis) en dicha utilidad. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-0day-rce-zimbra-collaboration-suite

SysAdmin 24x7
SysAdmin 24x7
4 390
Múltiples vulnerabilidades en GLPI Fecha de publicación: 07/10/2022 Identificador: INCIBE-2022-0956 Importancia: 5 - Crítica Recursos afectados: GLPI, versiones anteriores a 9.5.9 o 10.0.3. Descripción: Se han identificados 2 vulnerabilidades de severidad crítica en GLPI, una de ellas en la librería de terceros HTMLAWED usada por GLPI, cuyas explotaciones podrían permitir a un atacante realizar inyección SQL y ejecución remota de código. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-glpi

SysAdmin 24x7
SysAdmin 24x7
4 390
VMSA-2022-0025 CVSSv3 Range: 3.8-7.2 Issue Date: 2022-10-06 CVE(s): CVE-2022-31680, CVE-2022-31681 Synopsis: VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2022-31680, CVE-2022-31681) Impacted Products VMware ESXi VMware vCenter Server (vCenter Server) VMware Cloud Foundation (Cloud Foundation) https://www.vmware.com/security/advisories/VMSA-2022-0025.html

SysAdmin 24x7
SysAdmin 24x7
4 390
Cisco Releases Security Updates for Multiple Products Original release date: October 06, 2022 https://www.cisa.gov/uscert/ncas/current-activity/2022/10/06/cisco-releases-security-updates-multiple-products

SysAdmin 24x7
SysAdmin 24x7
4 390
Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2022-41082 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082

SysAdmin 24x7
SysAdmin 24x7
4 390
Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2022-41040 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040

SysAdmin 24x7
SysAdmin 24x7
4 390
Drupal Releases Security Update Original release date: September 30, 2022 Drupal has released a security update to address a vulnerability affecting multiple versions of Drupal. An attacker could exploit this vulnerability to access sensitive information. For advisories addressing lower severity vulnerabilities, see Drupal’s Security advisories. CISA encourages users and administrators to review Drupal’s security advisory SA-CORE-2022-016 and apply the necessary update. https://www.cisa.gov/uscert/ncas/current-activity/2022/09/30/drupal-releases-security-update

SysAdmin 24x7
SysAdmin 24x7
4 390
Cisco Releases Security Updates for Multiple Products Original release date: September 30, 2022 Cisco has released security updates for vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing high and low severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and administrators to review the advisories and apply the necessary updates. https://www.cisa.gov/uscert/ncas/current-activity/2022/09/30/cisco-releases-security-updates-multiple-products

SysAdmin 24x7
SysAdmin 24x7
4 390

SysAdmin 24x7
SysAdmin 24x7
4 390
Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server Microsoft has released Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server. According to the blog post, “Microsoft is aware of limited targeted attacks using the two vulnerabilities to get into users’ systems.” The two vulnerabilities are CVE-2022-41040 and CVE-2022-41082, affecting on-premises Microsoft Exchange Server 2013, 2016, and 2019. Note: Microsoft Exchange Online is not affected. An attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s Security Advisory and apply the necessary mitigations until patches are made available. https://www.cisa.gov/uscert/ncas/current-activity/2022/09/30/microsoft-releases-guidance-zero-day-vulnerabilities-microsoft

SysAdmin 24x7
SysAdmin 24x7
4 390
Two Microsoft Exchange zero-days exploited by attackers (CVE-2022-41040, CVE-2022-41082) Attackers are leveraging two zero-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) to breach Microsoft Exchange servers. https://www.helpnetsecurity.com/2022/09/30/cve-2022-41040-cve-2022-41082/

SysAdmin 24x7
SysAdmin 24x7
4 390

SysAdmin 24x7
SysAdmin 24x7
4 390
Vulnerabilidades 0day en Microsoft Exchange Server Fecha de publicación: 30/09/2022 Identificador: INCIBE-2022-0947 Importancia: 5 - Crítica Recursos afectados: Microsoft Exchange Server, versiones 2013, 2016 y 2019. Para ayudar a las organizaciones a comprobar si sus servidores Exchange han sido explotados por este fallo, GTSC ha publicado una guía y una herramienta para escanear los archivos de registro de IIS: Ejecutar el comando de PowerShell: Get-ChildItem -Recurse -Path <Path_IIS_Logs> -Filter "*.log" | Select-String -Pattern 'powershell.*autodiscover\.json.*\@.*200 Utilizar la herramienta NCSE0Scanner desarrollada por GTSC. Descripción: GTSC Cyber Security ha informado de una nueva campaña de ataque que explota 2 vulnerabilidades 0-day afectando a Microsoft Exchange Server, que fueron notificadas a Microsoft a través del programa ZDI de Trend Micro: ZDI-CAN-18333 (CVSS 8.8) y ZDI-CAN-18802 (CVSS 6.3). La explotación de estas vulnerabilidades podría permitir a un atacante ejecutar código remoto. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidades-0day-microsoft-exchange-server

SysAdmin 24x7
SysAdmin 24x7
4 390
Ethernet VLAN Stacking flaws let hackers launch DoS, MiTM attacks. Four vulnerabilities in the widely adopted 'Stacked VLAN' Ethernet feature allows attackers to perform denial-of-service (DoS) or man-in-the-middle (MitM) attacks against network targets using custom-crafted packets. https://www.bleepingcomputer.com/news/security/ethernet-vlan-stacking-flaws-let-hackers-launch-dos-mitm-attacks/

SysAdmin 24x7
SysAdmin 24x7
4 390
Vulnerability in Apache Pulsar allowed manipulator-in-the-middle attacks. Clients vulnerable due to improper certificate validation A newly-discovered vulnerability in Apache Pulsar allows a remote attacker to carry out a manipulator-in-the-middle (MitM) attack due to improper certificate validation. Apache Pulsar is a distributed, open source solution for server-to-server messaging and queuing built on the publisher-subscribe pattern. https://portswigger.net/daily-swig/vulnerability-in-apache-pulsar-allowed-manipulator-in-the-middle-attacks

SysAdmin 24x7
SysAdmin 24x7
4 390
Múltiples vulnerabilidades en productos HPE y Aruba Fecha de publicación: 28/09/2022 Identificador: INCIBE-2022-0941 Importancia: 5 - Crítica Recursos afectados: HP-UX OpenSSL Software, versiones anteriores a A.01.01.01p.001; Aruba InstantOS, versiones: 6.4.4.8-4.2.4.20 y anteriores; 6.5.4.23 y anteriores; 8.6.0.18 y anteriores; 8.7.1.9 y anteriores; 8.10.0.1 y anteriores; 10.3.1.0 y anteriores; branches que se encuentran en fin de soporte (EOL). Descripción: Se han identificado 16 vulnerabilidades en productos HPE y Aruba: 9 de severidad crítica, 4 altas y 3 medias. https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-hpe-y-aruba-0

SysAdmin 24x7
SysAdmin 24x7
4 390
Resolved RCE in Sophos Firewall (CVE-2022-3236) Product(s) Sophos Firewall Publication ID: sophos-sa-20220923-sfos-rce Article Version: 1 First Published: 2022 Sep 23 Workaround: Yes Remediation Ensure you are running a supported version Hotfixes for the following versions published on September 21, 2022: v19.0 GA, MR1, and MR1-1 v18.5 GA, MR1, MR1-1, MR2, MR3, and MR4 Hotfixes for the following versions published on September 23, 2022: v18.0 MR3, MR4, MR5, and MR6 v17.5 MR12, MR13, MR14, MR15, MR16, and MR17 v17.0 MR10 Fix included in v18.5 MR5 (18.5.5), v19.0 MR2 (19.0.2), and v19.5 GA Users of older versions of Sophos Firewall are required to upgrade to receive the latest protections, and this fix https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce

SysAdmin 24x7
SysAdmin 24x7
4 390
ISC Releases Security Advisories for Multiple Versions of BIND 9 The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain (BIND) 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions. For advisories addressing lower severity vulnerabilities, see the BIND 9 Security Vulnerability Matrix. CISA encourages users and administrators to review the following ISC advisories CVE-2022-2906, CVE-2022-3080, CVE-2022-38177, and CVE-2022-38178 and apply the necessary mitigations. https://www.cisa.gov/uscert/ncas/current-activity/2022/09/22/isc-releases-security-advisories-multiple-versions-bind-9

SysAdmin 24x7
SysAdmin 24x7
4 390
RHSA-2022:6681 - Security Advisory Synopsis Important: OpenShift Virtualization 4.9.6 Images security and bug fix update Affected Products Red Hat Container Native Virtualization 4.9 for RHEL 8 x86_64 Red Hat Container Native Virtualization 4.9 for RHEL 7 x86_64 https://access.redhat.com/errata/RHSA-2022:6681