بروزرسانی امنیتی شرکت مایکروسافت برای چندین محصول
Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
اطلاعات بیشتر:
https://msrc.microsoft.com/update-guide/releaseNote/2024-Mar
@meshkatnet
t.me/meshkatnet
Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
اطلاعات بیشتر:
https://msrc.microsoft.com/update-guide/releaseNote/2024-Mar
@meshkatnet
t.me/meshkatnet
Telegram
Meshkatnet
هر روز با مطالب جدید آموزنده همراه ما باشید
@meshkatnet
✅جهت اطلاع از قیمت روز تجهیزات شبکه با ما تماس بگیرید.
✉️: ceo@meshkatnet.ir
گروه پرسش و پاسخ سوالات شبکه و امنیت
https://t.me/joinchat/PxP8i8_KN1u7iWGS
مدیر گروه
@Seyedhossein2000
@meshkatnet
✅جهت اطلاع از قیمت روز تجهیزات شبکه با ما تماس بگیرید.
✉️: ceo@meshkatnet.ir
گروه پرسش و پاسخ سوالات شبکه و امنیت
https://t.me/joinchat/PxP8i8_KN1u7iWGS
مدیر گروه
@Seyedhossein2000
بروزرسانی امنیتی شرکت Fortinetبرای تعدادی از محصولاتش. با الویت بالا بروز رسانی کنید.
Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
اطلاعات بیشتر:
FortiClientEMS - CSV injection in log download feature (https://www.fortiguard.com/psirt/FG-IR-23-390)
Severity: High
CVSSv3 Score: 8.7
----
FortiOS & FortiProxy - Out-of-bounds Write in captive portal
(https://www.fortiguard.com/psirt/FG-IR-23-328)
Severity: Critical
CVSSv3 Score: 9.3
----
FortiOS & FortiProxy – Authorization bypass in SSLVPN bookmarks
(https://www.fortiguard.com/psirt/FG-IR-24-013)
Severity: High
CVSSv3 Score: 7.2
----
FortiWLM MEA for FortiManager - improper access control in backup and restore features (https://www.fortiguard.com/psirt/FG-IR-23-103)
Severity: High
CVSSv3 Score: 7.7
----
Pervasive SQL injection in DAS component (https://www.fortiguard.com/psirt/FG-IR-24-007)
Severity: Critical
CVSSv3 Score: 9.3
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
اطلاعات بیشتر:
FortiClientEMS - CSV injection in log download feature (https://www.fortiguard.com/psirt/FG-IR-23-390)
Severity: High
CVSSv3 Score: 8.7
----
FortiOS & FortiProxy - Out-of-bounds Write in captive portal
(https://www.fortiguard.com/psirt/FG-IR-23-328)
Severity: Critical
CVSSv3 Score: 9.3
----
FortiOS & FortiProxy – Authorization bypass in SSLVPN bookmarks
(https://www.fortiguard.com/psirt/FG-IR-24-013)
Severity: High
CVSSv3 Score: 7.2
----
FortiWLM MEA for FortiManager - improper access control in backup and restore features (https://www.fortiguard.com/psirt/FG-IR-23-103)
Severity: High
CVSSv3 Score: 7.7
----
Pervasive SQL injection in DAS component (https://www.fortiguard.com/psirt/FG-IR-24-007)
Severity: Critical
CVSSv3 Score: 9.3
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
FortiGuard Labs
PSIRT | FortiGuard Labs
None
🚨 Critical flaw discovered in miniOrange WordPress plugins.
If you're using miniOrange's Malware Scanner (≤ 4.7.2) or Web Application Firewall (≤ 2.1.1), DELETE THEM IMMEDIATELY.
The vulnerability allows attackers to take over your site.
https://thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
If you're using miniOrange's Malware Scanner (≤ 4.7.2) or Web Application Firewall (≤ 2.1.1), DELETE THEM IMMEDIATELY.
The vulnerability allows attackers to take over your site.
https://thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
سلام پیشاپیش عیدتون مبارک
امیدوارم سالی پر از خیر و برکت برای خودتون و خانوادتون باشه
و تو کارتون پیشرفت کنید 🌸🌺
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
امیدوارم سالی پر از خیر و برکت برای خودتون و خانوادتون باشه
و تو کارتون پیشرفت کنید 🌸🌺
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
🛑URGENT SECURITY ALERT!
آپدیت مهم امنیتی برای همه لینوکس هایی که Xz utils استفاده میکنن. سریعا آپدیت کنید.
Secret backdoor found in XZ Utils compression library used by major Linux distros, like Fedora, Kali Linux, and openSUSE. Attackers could breach SSH and take control of systems.
https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html
Update and review your systems immediately.
https://access.redhat.com/security/cve/CVE-2024-3094
****
https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users
Critical CVSS 10
https://metadata.ftp-master.debian.org/changelogs//main/x/xz-utils/xz-utils_5.6.1+really5.4.5-1_changelog
https://www.openwall.com/lists/oss-security/2024/03/29/4
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
آپدیت مهم امنیتی برای همه لینوکس هایی که Xz utils استفاده میکنن. سریعا آپدیت کنید.
Secret backdoor found in XZ Utils compression library used by major Linux distros, like Fedora, Kali Linux, and openSUSE. Attackers could breach SSH and take control of systems.
https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html
Update and review your systems immediately.
https://access.redhat.com/security/cve/CVE-2024-3094
****
https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users
Critical CVSS 10
https://metadata.ftp-master.debian.org/changelogs//main/x/xz-utils/xz-utils_5.6.1+really5.4.5-1_changelog
https://www.openwall.com/lists/oss-security/2024/03/29/4
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
Redhat
Urgent security alert for Fedora 40 and Fedora Rawhide users
Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access.
بروزرسانی امنیتی April 2024 شرکت Microsoft
Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
اطلاعات بیشتر:
Microsoft Security Update Guide for April
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
اطلاعات بیشتر:
Microsoft Security Update Guide for April
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
🚨قابل توجه دوستانی که از putty استفاده میکنن بخصوص نسخه نصب شده آن
Alert - A critical vulnerability in PuTTY versions 0.68 to 0.80 could lead to private key compromises.
Details: https://thehackernews.com/2024/04/widely-used-putty-ssh-client-found.html
Don't let hackers take control—update immediately.
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
Alert - A critical vulnerability in PuTTY versions 0.68 to 0.80 could lead to private key compromises.
Details: https://thehackernews.com/2024/04/widely-used-putty-ssh-client-found.html
Don't let hackers take control—update immediately.
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
♦️https://www.servethehome.com/new-vmware-esxi-to-proxmox-ve-import-wizard-available/
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
ServeTheHome
New VMware ESXi to Proxmox VE Import Wizard Available
A new import wizard is out to help users exfiltrate virtual machines from VMware ESXi to Proxmox VE making the process much easier
بروزرسانی امنیتی شرکت Cisco برای Cisco Integrated Management Controller
Cisco has released security advisories for vulnerabilities in the Cisco integrated management controller. A remote cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
اطلاعات بیشتر:
Cisco Integrated Management Controller CLI Command Injection Vulnerability
***
Cisco Integrated Management Controller Web-Based Management Interface Command Injection Vulnerability
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
Cisco has released security advisories for vulnerabilities in the Cisco integrated management controller. A remote cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.
اطلاعات بیشتر:
Cisco Integrated Management Controller CLI Command Injection Vulnerability
***
Cisco Integrated Management Controller Web-Based Management Interface Command Injection Vulnerability
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
🚨اصلاحیه فوری کاربران CRushftp
Urgent: If you use CrushFTP for file transfers, update to the latest version immediately!
A critical flaw is being actively exploited, letting attackers escape Virtual File System (VFS) to access system files.
Click to learn more: https://thehackernews.com/2024/04/critical-update-crushftp-zero-day-flaw.html
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
Urgent: If you use CrushFTP for file transfers, update to the latest version immediately!
A critical flaw is being actively exploited, letting attackers escape Virtual File System (VFS) to access system files.
Click to learn more: https://thehackernews.com/2024/04/critical-update-crushftp-zero-day-flaw.html
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
♦️تفاوت دو پروتوکل در یک تصویر
OSPF VS. EIGRP
#CISCO
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
OSPF VS. EIGRP
#CISCO
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
بروزرسانی امنیتی شرکت Cisco
Today, Cisco released security updates to address ArcaneDoor—exploitation of Cisco Adaptive Security Appliances (ASA) devices and Cisco Firepower Threat Defense (FTD) software. A cyber threat actor could exploit vulnerabilities (CVE-2024-20353, CVE-2024-20359, CVE-2024-20358) to take control of an affected system.
اطلاعات بیشتر:
Cisco Blog: ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
--
Cisco Event Response: Attacks Against Cisco Firewall Platforms
----
Canadian Centre for Cyber Security: Cyber Activity Impacting CISCO ASA VPNs
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
Today, Cisco released security updates to address ArcaneDoor—exploitation of Cisco Adaptive Security Appliances (ASA) devices and Cisco Firepower Threat Defense (FTD) software. A cyber threat actor could exploit vulnerabilities (CVE-2024-20353, CVE-2024-20359, CVE-2024-20358) to take control of an affected system.
اطلاعات بیشتر:
Cisco Blog: ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
--
Cisco Event Response: Attacks Against Cisco Firewall Platforms
----
Canadian Centre for Cyber Security: Cyber Activity Impacting CISCO ASA VPNs
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
خطای بحرانی
Attention WordPress users!
A critical SQL injection vulnerability (CVE-2024-27956) in the WP-Automatic plugin is being actively exploited. With a max severity of 9.9/10, this bug enables site takeovers and malicious activities.
Details: https://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
Attention WordPress users!
A critical SQL injection vulnerability (CVE-2024-27956) in the WP-Automatic plugin is being actively exploited. With a max severity of 9.9/10, this bug enables site takeovers and malicious activities.
Details: https://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html
@meshkatnet
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
بهترین معلمان با قلبشان آموزش میدهند، نه با کتاب
تقدیم به قلب پر مهر معلمان
روزتان مبارک.
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet
تقدیم به قلب پر مهر معلمان
روزتان مبارک.
✉️ ceo@meshkatnet.ir
🌍 www.meshkatnet.ir
🆔 @meshkatnet