Biztonsági szemle

Patch now: The Atlassian security vulnerability appears to be a remotely exploitable privilege-escalation bug that cyberattackers could use to crack collaboration environments wide open.

Cloud is the new data center, internet is the new network, and home is the new office. As infrastructure and working environments change, so must visibility into hops across the digital supply chain to ensure secure and exceptional experiences for...

With these five steps, organizations can develop stronger security practices and make the inevitable breaches inconsequential.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: AFS65x, AFF66x, AFS67x, AFR67x Series Vulnerabilities: Incorrect Calculation, Integer Overflow or Wraparound, Improper...

CISA released three Industrial Control Systems (ICS) advisories on October 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-278-01 Hitachi Energy AFS65x, AFF66x...

Atlassian released a security advisory to address a vulnerability affecting Confluence Data Center and Confluence Server. A remote cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Qognify Equipment: NiceVision Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability...

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-40044 Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability CVE-2023-42824 Apple iOS and...

Today, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which provides the...

A plea for network defenders and software manufacturers to fix common problems. EXECUTIVE SUMMARY The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: CC-Link IE TSN Industrial Managed Switch Vulnerabilities: Observable Timing Discrepancy, Double Free 2. RISK...

Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review...