Found 16 bookmarks
Custom sorting
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD)—hereafter referred to as "the authoring agencies"—are disseminating this joint Cybersecurity Advisory (CSA) to highlight continued malicious cyber activity against operational technology devices by Iranian Government Islamic Revolutionary Guard Corps (IRGC)-affiliated Advanced Persistent Threat (APT) cyber actors.
#cisa#US#EN#2023#FBI#IRGC#Iran#PLC#CyberAv3ngers#Advisory#Critical-infrastructure
·cisa.gov·
IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities
Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG
Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG
The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-27350. This vulnerability occurs in certain versions of PaperCut NG and PaperCut MF and enables an unauthenticated actor to execute malicious code remotely without credentials. PaperCut released a patch in March 2023.
#cisa#EN#2023#PaperCut#CVE-2023-27350#advisory
·cisa.gov·
Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks | CISA
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks | CISA
Today, CISA released a Cybersecurity Advisory, CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks. This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key findings to provide network defenders proactive steps to reduce the threat of similar activity from malicious cyber actors.
#cisa#US#2023#Advisory#Improve#Monitoring#Hardening
·cisa.gov·
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks | CISA
CVE-2023-27532
CVE-2023-27532
Vulnerability CVE-2023-27532 in a Veeam Backup & Replication component allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.
#veeam#EN#2023#advisory#vulnerability#Backup
·veeam.com·
CVE-2023-27532
Campagne d’exploitation d’une vulnérabilité affectant VMware ESXi
Campagne d’exploitation d’une vulnérabilité affectant VMware ESXi
Le 03 février 2023, le CERT-FR a pris connaissance de campagnes d'attaque ciblant les hyperviseurs VMware ESXi dans le but d'y déployer un rançongiciel. Dans l'état actuel des investigations, ces campagnes d'attaque semblent exploiter la vulnérabilité CVE-2021-21974, pour laquelle un correctif est disponible depuis le 23 février 2021. Cette vulnérabilité affecte le service Service Location Protocol (SLP) et permet à un attaquant de réaliser une exploitation de code arbitraire à distance. Les systèmes actuellement visés seraient des hyperviseurs ESXi en version 6.x et antérieures à 6.7.
#CERT-FR#FR#2023#VMware#ESXi#ESXiArgs#Advisory
·cert.ssi.gouv.fr·
Campagne d’exploitation d’une vulnérabilité affectant VMware ESXi
Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)
Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)
The Galaxy App Store is an alternative application store that comes pre-installed on Samsung Android devices. Several Android applications are available on both the Galaxy App Store and Google App Store, and users have the option to use either store to install specific applications. Two vulnerabilities were uncovered with the Galaxy App Store application: Technical…
#nccgroup#EN#2023#Samsung#Galaxy#App#Store#Android#Advisory#CVE-2023-21433#CVE-2023-21434
·research.nccgroup.com·
Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks | CISA
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks | CISA
Today, CISA released a Cybersecurity Advisory, CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks. This advisory describes a red team assessment of a large critical infrastructure organization with a mature cyber posture. CISA is releasing this Cybersecurity Advisory (CSA) detailing the red team’s tactics, techniques, and procedures (TTPs) and key findings to provide network defenders proactive steps to reduce the threat of similar activity from malicious cyber actors.
#cisa#US#2023#Advisory#Improve#Monitoring#Hardening
·cisa.gov·
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks | CISA
CVE-2023-27532
CVE-2023-27532
Vulnerability CVE-2023-27532 in a Veeam Backup & Replication component allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.
#veeam#EN#2023#advisory#vulnerability#Backup
·veeam.com·
CVE-2023-27532
Campagne d’exploitation d’une vulnérabilité affectant VMware ESXi
Campagne d’exploitation d’une vulnérabilité affectant VMware ESXi
Le 03 février 2023, le CERT-FR a pris connaissance de campagnes d'attaque ciblant les hyperviseurs VMware ESXi dans le but d'y déployer un rançongiciel. Dans l'état actuel des investigations, ces campagnes d'attaque semblent exploiter la vulnérabilité CVE-2021-21974, pour laquelle un correctif est disponible depuis le 23 février 2021. Cette vulnérabilité affecte le service Service Location Protocol (SLP) et permet à un attaquant de réaliser une exploitation de code arbitraire à distance. Les systèmes actuellement visés seraient des hyperviseurs ESXi en version 6.x et antérieures à 6.7.
#CERT-FR#FR#2023#VMware#ESXi#ESXiArgs#Advisory
·cert.ssi.gouv.fr·
Campagne d’exploitation d’une vulnérabilité affectant VMware ESXi
Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)
Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)
The Galaxy App Store is an alternative application store that comes pre-installed on Samsung Android devices. Several Android applications are available on both the Galaxy App Store and Google App Store, and users have the option to use either store to install specific applications. Two vulnerabilities were uncovered with the Galaxy App Store application: Technical…
#nccgroup#EN#2023#Samsung#Galaxy#App#Store#Android#Advisory#CVE-2023-21433#CVE-2023-21434
·research.nccgroup.com·
Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)