Condividi

RSS

Piu’ articoli…

• Da Secure Online Desktop a Cyberfero: il rebranding dell’azienda leader nella cybersecurity
• NIS2 – Come il nuovo regolamento cyber potenzia la sicurezza dell’Europa
• Advanced persistent threat (APT): cosa sono e come difendersi
• Penetration Testing e MFA: Una Strategia Duplice per Massimizzare la Sicurezza
• SOAR e l’automazione della sicurezza informatica
• Penetration Testing: Dove Colpire per Proteggere la Tua Rete Informatica
• Ransomware: una piaga che mette in ginocchio aziende e istituzioni. Pagare o non pagare? Ecco la risposta.
• Perché l’audit IT e il log management sono importanti per la Cybersecurity

Categorie …

• Backup as a Service (25)
  • Acronis Cloud Backup (18)
  • Veeam Cloud Connect (3)
• Cloud CRM (1)
• Cloud Server/VPS (23)
• Conferenza Cloud (4)
• Cyberfero (15)
• Log Management (2)
• Monitoraggio ICT (4)
• Novita' (21)
• ownCloud (7)
• Privacy (8)
• Security (215)
  • Cyber Threat Intelligence (CTI) (9)
  • Deception (4)
  • Ethical Phishing (10)
  • Netwrix Auditor (2)
  • Penetration Test (18)
  • Posture Guard (4)
  • SOCaaS (66)
    • EDR (6)
    • SIEM (12)
    • SOAR (5)
    • UEBA (9)
  • Vulnerabilita' (83)
• Web Hosting (16)

Tags

Feed sconosciuto

darkreading

• Fake Videos of Former First Lady Scam Namibians Gennaio 30, 2025
  Amateurish financial scams are common across Africa, and Namibia's influential former first lady, Monica Geingos, has emerged as a particularly effective host body for these messages.
• PrintNightmare Aftermath: Windows Print Spooler is Better. What's Next? Gennaio 29, 2025
  While Microsoft has boosted the security of Windows Print Spooler in the three years since the disclosure of the PrintNightmare vulnerability, the service remains a spooky threat that organizations cannot afford to ignore.
• Researchers Uncover Lazarus Group Admin Layer for C2 Servers Gennaio 29, 2025
  The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command-and-control servers from Pyongyang.
• Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers Gennaio 29, 2025
  VulnCheck initially disclosed the critical command-injection vulnerability (CVE-2024-40891) six months ago, but Zyxel has yet to mention its existence or offer users a patch to mitigate threats.
• Mirai Variant 'Aquabot' Exploits Mitel Device Flaws Gennaio 29, 2025
  Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model.
• The Old Ways of Vendor Risk Management Are No Longer Good Enough Gennaio 29, 2025
  Managing third-party risk in the SaaS era demands a proactive, data-driven approach beyond checkbox compliance.
• 7 Tips for Strategically Saying 'No' in Cybersecurity Gennaio 28, 2025
  Cybersecurity can't always be "Department of No," but saying yes all the time is not the answer. Here is how to enable innovation gracefully without adding risk to the organization.
• CrowdStrike Highlights Magnitude of Insider Risk Gennaio 28, 2025
  The impetus for CrowdStrike's new professional services came from last year's Famous Chollima threat actors, which used fake IT workers to infiltrate organizations and steal data.
• Lynx Ransomware Group 'Industrializes' Cybercrime With Affiliates Gennaio 28, 2025
  The ransomware group provides everything an affiliate could want to breach and attack victims, including a quality controlled recruitment system to engage even more criminals.
• OAuth Flaw Exposed Millions of Airline Users to Account Takeovers Gennaio 28, 2025
  The now-fixed vulnerability involved a major travel services company that's integrated with dozens of airline websites worldwide.

Full Disclosure

• Quorum onQ OS - 6.0.0.5.2064 | Reflected Cross Site Scripting (XSS) | CVE-2024-44449 Gennaio 30, 2025
  Posted by Shaikh Shahnawaz on Jan 29[+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC [+] twitter.com/_striv3r_ [Vendor] https://quorum.com/about/ [Product] Quorum onQ OS - 6.0.0.5.2064 Vulnerability Type] Reflected Cross Site Scripting (XSS) [Affected Component] Login page get parameter 'msg' is vulnerable to Reflected Cross site scripting [CVE Reference] CVE-2024-44449 [Security Issue] Cross Site Scripting […]
• Deepseek writes textbook insecure code in 2025-01-28 Gennaio 30, 2025
  Posted by Georgi Guninski on Jan 29Asking Deepseek on Jan 28 09:33:11 AM UTC 2025: Write a python CGI which takes as an argument string NAME and outputs "Hello"+NAME The Deepseek AI [3] returned: ==== name = form.getvalue('NAME', 'World') # Default to 'World' if NAME is not provided # Output the HTML response print(f"Hello, {name}!") […]
• Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS) Gennaio 30, 2025
  Posted by David Fifield on Jan 29The page https://www.google.com/sorry/index is familiar to Tor and VPN users. It is the one that says "Our systems have detected unusual traffic from your computer network. Please try your request again later." You will frequently be redirected to this page when using Tor Browser, when you do a search […]
• APPLE-SA-01-27-2025-9 Safari 18.3 Gennaio 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-9 Safari 18.3 Safari 18.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122074. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Passwords Available for: macOS Ventura and macOS Sonoma Impact: A malicious […]
• APPLE-SA-01-27-2025-8 tvOS 18.3 Gennaio 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-8 tvOS 18.3 tvOS 18.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122072. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: Apple TV HD and Apple TV 4K (all […]
• APPLE-SA-01-27-2025-7 watchOS 11.3 Gennaio 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-7 watchOS 11.3 watchOS 11.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122071. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: Apple Watch Series 6 and later Impact: An […]
• APPLE-SA-01-27-2025-6 macOS Ventura 13.7.3 Gennaio 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-6 macOS Ventura 13.7.3 macOS Ventura 13.7.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122070. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: macOS Ventura Impact: An app may […]
• APPLE-SA-01-27-2025-5 macOS Sonoma 14.7.3 Gennaio 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-5 macOS Sonoma 14.7.3 macOS Sonoma 14.7.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122069. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: macOS Sonoma Impact: A remote attacker […]
• APPLE-SA-01-27-2025-4 macOS Sequoia 15.3 Gennaio 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-4 macOS Sequoia 15.3 macOS Sequoia 15.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122068. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: macOS Sequoia Impact: An attacker on […]
• APPLE-SA-01-27-2025-3 iPadOS 17.7.4 Gennaio 28, 2025
  Posted by Apple Product Security via Fulldisclosure on Jan 27APPLE-SA-01-27-2025-3 iPadOS 17.7.4 iPadOS 17.7.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/122067. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirPlay Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, […]