Agent Tesla: rilevata campagna di distribuzione malware tramite email
(AL01/240521/CSIRT-ITA)
È stata recentemente rilevata una campagna di distribuzione malware tramite e-mail volta a carpire informazioni sensibili dei sistemi target.
by CSIRT - https://r.zerozone.it/post/ppjDRRfTeRc99eTmX
(AL01/240521/CSIRT-ITA)
È stata recentemente rilevata una campagna di distribuzione malware tramite e-mail volta a carpire informazioni sensibili dei sistemi target.
by CSIRT - https://r.zerozone.it/post/ppjDRRfTeRc99eTmX
Aggiornamenti per prodotti Zyxel
(AL04/240521/CSIRT-ITA)
Zyxel rilascia aggiornamenti di sicurezza per sanare 2 vulnerabilità presenti in molteplici prodotti di rete. Tali vulnerabilità potrebbero permettere la compromissione della disponibilità del servizio sui dispositivi target.
by CSIRT - https://r.zerozone.it/post/SM6uXZWcG7YKJZNzp
(AL04/240521/CSIRT-ITA)
Zyxel rilascia aggiornamenti di sicurezza per sanare 2 vulnerabilità presenti in molteplici prodotti di rete. Tali vulnerabilità potrebbero permettere la compromissione della disponibilità del servizio sui dispositivi target.
by CSIRT - https://r.zerozone.it/post/SM6uXZWcG7YKJZNzp
GitHub Enterprise Server: PoC pubblico per lo sfruttamento della CVE-2024-4985
(AL03/240521/CSIRT-ITA)
Disponibile un Proof of Concept (PoC) per la CVE-2024-4985 – già sanata dal vendor – presente in GitHub Enterprise Server (GHES), nota piattaforma di sviluppo software. Tale vulnerabilità interessa l’autenticazione SAML single sign-on (SSO) qualora sia abilitata la funzionalità opzionale encripted assertions e potrebbe permettere il bypass dei meccanismi di [...]
by CSIRT - https://r.zerozone.it/post/x0zZU6RYjeFYsJN84
(AL03/240521/CSIRT-ITA)
Disponibile un Proof of Concept (PoC) per la CVE-2024-4985 – già sanata dal vendor – presente in GitHub Enterprise Server (GHES), nota piattaforma di sviluppo software. Tale vulnerabilità interessa l’autenticazione SAML single sign-on (SSO) qualora sia abilitata la funzionalità opzionale encripted assertions e potrebbe permettere il bypass dei meccanismi di [...]
by CSIRT - https://r.zerozone.it/post/x0zZU6RYjeFYsJN84
Vulnerabilità in prodotti NextGen HealthCare
(AL03/231026/CSIRT-ITA) - Aggiornamento
Rilevata una vulnerabilità nel prodotto Mirth Connect di NextGen HealthCare, piattaforma open source di integrazione dati utilizzata tipicamente in ambito sanitario. Tale vulnerabilità, qualora sfruttata, potrebbe permettere a un utente malintenzionato remoto l’esecuzione di codice arbitrario sui prodotti target.
by CSIRT - https://r.zerozone.it/post/2TYU0jCQqCuzTTqKT
(AL03/231026/CSIRT-ITA) - Aggiornamento
Rilevata una vulnerabilità nel prodotto Mirth Connect di NextGen HealthCare, piattaforma open source di integrazione dati utilizzata tipicamente in ambito sanitario. Tale vulnerabilità, qualora sfruttata, potrebbe permettere a un utente malintenzionato remoto l’esecuzione di codice arbitrario sui prodotti target.
by CSIRT - https://r.zerozone.it/post/2TYU0jCQqCuzTTqKT
PoC pubblico per lo sfruttamento della CVE-2024-22120
(AL02/240521/CSIRT-ITA)
Disponibile un Proof of Concept (PoC) per la CVE-2024-22120 – già sanata dal vendor – presente in Zabbix, soluzione open source per il monitoraggio di reti e vari sistemi informatici.
by CSIRT - https://r.zerozone.it/post/yR7aHHWe1Wnda6c7K
(AL02/240521/CSIRT-ITA)
Disponibile un Proof of Concept (PoC) per la CVE-2024-22120 – già sanata dal vendor – presente in Zabbix, soluzione open source per il monitoraggio di reti e vari sistemi informatici.
by CSIRT - https://r.zerozone.it/post/yR7aHHWe1Wnda6c7K
Risolte vulnerabilità in Google Chrome
(AL01/240522/CSIRT-ITA)
Google ha rilasciato un aggiornamento per il browser Chrome al fine di correggere 6 vulnerabilità di sicurezza, di cui 4 con gravità “alta”.
by CSIRT - https://r.zerozone.it/post/K0bvGyw8aGxqgmsVs
(AL01/240522/CSIRT-ITA)
Google ha rilasciato un aggiornamento per il browser Chrome al fine di correggere 6 vulnerabilità di sicurezza, di cui 4 con gravità “alta”.
by CSIRT - https://r.zerozone.it/post/K0bvGyw8aGxqgmsVs
WordPress-XStore-Core-Plugin-SQL-Injection(CVE-2024-33551)
WordPress-XStore-Core-Plugin-SQL-Injection(CVE-2024-33551)
by SeeBug - https://r.zerozone.it/post/eVYFs1vVZgv94jeGg
WordPress-XStore-Core-Plugin-SQL-Injection(CVE-2024-33551)
by SeeBug - https://r.zerozone.it/post/eVYFs1vVZgv94jeGg
www.seebug.org
WordPress-XStore-Core-Plugin-SQL-Injection(CVE-2024-33551) - Knownsec Seebug Vulnerability Platform
Introduction:WordPress-XStore-Core-Plugin-SQL-Injection(CVE-2024-33551)
This media is not supported in your browser
VIEW IN TELEGRAM
Un grande classico da tenere sempre a mente
🔥1
Risolte vulnerabilità in prodotti Ivanti
(AL03/240522/CSIRT-ITA)
Ivanti rilascia aggiornamenti di sicurezza che risolvono 16 vulnerabilità, di cui 6 con gravità “critica”, nei prodotti Avalanche, Neurons for ITSM, Connect Secure, Secure Access Client ed Endpoint Manager.
by CSIRT - https://r.zerozone.it/post/jHJywZJXFk1Bx2azj
(AL03/240522/CSIRT-ITA)
Ivanti rilascia aggiornamenti di sicurezza che risolvono 16 vulnerabilità, di cui 6 con gravità “critica”, nei prodotti Avalanche, Neurons for ITSM, Connect Secure, Secure Access Client ed Endpoint Manager.
by CSIRT - https://r.zerozone.it/post/jHJywZJXFk1Bx2azj
Risolte vulnerabilità in prodotti VMware
(AL02/240522/CSIRT-ITA)
VMware ha rilasciato aggiornamenti di sicurezza per sanare 3 vulnerabilità, di cui 2 con gravità “alta”, nei prodotti VMware ESXi, Workstation, Fusion e vCenter Server.
by CSIRT - https://r.zerozone.it/post/T4xyKnzjG1GrxhU5F
(AL02/240522/CSIRT-ITA)
VMware ha rilasciato aggiornamenti di sicurezza per sanare 3 vulnerabilità, di cui 2 con gravità “alta”, nei prodotti VMware ESXi, Workstation, Fusion e vCenter Server.
by CSIRT - https://r.zerozone.it/post/T4xyKnzjG1GrxhU5F
Zabbix 后台延时注入(CVE-2024-22120)
Zabbix 后台延时注入(CVE-2024-22120)
by SeeBug - https://r.zerozone.it/post/rV7wxqBsuQKRM46tQ
Zabbix 后台延时注入(CVE-2024-22120)
by SeeBug - https://r.zerozone.it/post/rV7wxqBsuQKRM46tQ
www.seebug.org
Zabbix 后台延时注入(CVE-2024-22120) - Knownsec Seebug Vulnerability Platform
Introduction:Zabbix 后台延时注入(CVE-2024-22120)
Vulnerabilità in Veeam Backup Enterprise Manager
(AL04/230522/CSIRT-ITA)
Veeam ha reso noto, tramite un bollettino di sicurezza, la presenza di 4 vulnerabilità, di cui una con gravità “critica”, nel prodotto Backup Enterprise Manager che potrebbe permettere ad un utente remoto la possibilità di ottenere privilegi elevati sui sistemi target.
by CSIRT - https://r.zerozone.it/post/36RsmJ2g2puX1mA0B
(AL04/230522/CSIRT-ITA)
Veeam ha reso noto, tramite un bollettino di sicurezza, la presenza di 4 vulnerabilità, di cui una con gravità “critica”, nel prodotto Backup Enterprise Manager che potrebbe permettere ad un utente remoto la possibilità di ottenere privilegi elevati sui sistemi target.
by CSIRT - https://r.zerozone.it/post/36RsmJ2g2puX1mA0B
PoC pubblico per lo sfruttamento della CVE-2024-4323
(AL05/240522/CSIRT-ITA)
Disponibile un Proof of Concept (PoC) per la CVE-2024-4323 – già sanata dal vendor – presente in Fluent Bit, processore e forwarder di log.
by CSIRT - https://r.zerozone.it/post/EPBrTgR6VGKK0XW8T
(AL05/240522/CSIRT-ITA)
Disponibile un Proof of Concept (PoC) per la CVE-2024-4323 – già sanata dal vendor – presente in Fluent Bit, processore e forwarder di log.
by CSIRT - https://r.zerozone.it/post/EPBrTgR6VGKK0XW8T
🏴☠️ Play has just published a new victim : Ryder Scott Co.
United States
by Ransomware live - https://r.zerozone.it/post/9gH84Xe0H83k03rh4
United States
by Ransomware live - https://r.zerozone.it/post/9gH84Xe0H83k03rh4
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ 8base has just published a new victim : ALO diamonds
ALO diamonds, a Czech jewelry company since 1995, produces dazzling jewelry with diamonds and colorful gems of various collections and styles in one of the largest creative studios in central Europe. In the collections of ALO diamonds you can find engagement, wedding rings, chains, earrings and children's earrings, pendants, necklaces, [...]
by Ransomware live - https://r.zerozone.it/post/VrTWXRFBZTJV9CmXR
ALO diamonds, a Czech jewelry company since 1995, produces dazzling jewelry with diamonds and colorful gems of various collections and styles in one of the largest creative studios in central Europe. In the collections of ALO diamonds you can find engagement, wedding rings, chains, earrings and children's earrings, pendants, necklaces, [...]
by Ransomware live - https://r.zerozone.it/post/VrTWXRFBZTJV9CmXR
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Hunters has just published a new victim : Jess-link Products
Country : Taiwan - Exfiltraded data : yes - Encrypted data : yes
by Ransomware live - https://r.zerozone.it/post/eP995e4u9Pn06masG
Country : Taiwan - Exfiltraded data : yes - Encrypted data : yes
by Ransomware live - https://r.zerozone.it/post/eP995e4u9Pn06masG
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Blackbasta has just published a new victim : levian.com
Le Vian is a family-owned jewelry company with a long history, dating from the 15th century. As purveyors of fine jewelry, Le Vian had gained such a reputation that in 1746, Nadir Shah, one Persia’s most powerful rulers, chose them to safeguard the collection of jewels he had amassed — [...]
by Ransomware live - https://r.zerozone.it/post/YJ60Dkz6yUEv972BY
Le Vian is a family-owned jewelry company with a long history, dating from the 15th century. As purveyors of fine jewelry, Le Vian had gained such a reputation that in 1746, Nadir Shah, one Persia’s most powerful rulers, chose them to safeguard the collection of jewels he had amassed — [...]
by Ransomware live - https://r.zerozone.it/post/YJ60Dkz6yUEv972BY
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Akira has just published a new victim : Newman Ferrara
Newman Ferrara maintains a multifaceted practice based in New Yor k City with attorneys specializing in complex commercial and mult i-party litigation, securities fraud and shareholder litigation, consumer protection, civil rights, and real estate. More than 45G B of data will be publicly available soon. Court processes, heari ngs [...]
by Ransomware live - https://r.zerozone.it/post/SwuCS2qz4xS015geY
Newman Ferrara maintains a multifaceted practice based in New Yor k City with attorneys specializing in complex commercial and mult i-party litigation, securities fraud and shareholder litigation, consumer protection, civil rights, and real estate. More than 45G B of data will be publicly available soon. Court processes, heari ngs [...]
by Ransomware live - https://r.zerozone.it/post/SwuCS2qz4xS015geY
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Medusa has just published a new victim : Aztec Services Group
Aztec Services Group, Inc - the scope of the company is environmental remediation and demolition services. Aztec Services Group, Inc corporate office is located in 3814 William P Dooley Bypass, Cincinnati, OH 45223, USA. The total amount of data leakage is 398.38 GB
by Ransomware live - https://r.zerozone.it/post/q6gdB48wvYK28ekQq
Aztec Services Group, Inc - the scope of the company is environmental remediation and demolition services. Aztec Services Group, Inc corporate office is located in 3814 William P Dooley Bypass, Cincinnati, OH 45223, USA. The total amount of data leakage is 398.38 GB
by Ransomware live - https://r.zerozone.it/post/q6gdB48wvYK28ekQq
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Incransom has just published a new victim : Richland City Hall
The Richland Library continues to offer temporary digital library cards and will soon provide enhanced access to Ancestry.com. There are also future plans for drive-up or curbside capabilities.
by Ransomware live - https://r.zerozone.it/post/GyEb8ZWWEdGRA9ryY
The Richland Library continues to offer temporary digital library cards and will soon provide enhanced access to Ancestry.com. There are also future plans for drive-up or curbside capabilities.
by Ransomware live - https://r.zerozone.it/post/GyEb8ZWWEdGRA9ryY
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…
🏴☠️ Rhysida has just published a new victim : ICC
ICC ICC is a structured cabling solutions manufacturer of copper & fiber optic connectivity products for commercial & residential applications More
by Ransomware live - https://r.zerozone.it/post/xXGEubEQeBBMJDpn7
ICC ICC is a structured cabling solutions manufacturer of copper & fiber optic connectivity products for commercial & residential applications More
by Ransomware live - https://r.zerozone.it/post/xXGEubEQeBBMJDpn7
www.ransomware.live
Ransomware.live 👀
Ransomware.live tracks & monitors ransomware groups' victims and their activity. It was created by Julien Mousqueton, a security researcher. The website provides information on Ransomware groups, victims, negotiations, and payment demands. It also includes…