Iberdrola notifies its customers that it has been the victim of a cyberattack
I-DE Redes Eléctricas Inteligentes, S.A.U., the electricity distributor of the Iberdrola group, has informed its customers in a notice that it has suffered a cyberattack. The user data exposed as a result of this incident are: first and last name, national ID number (DNI), address, telephone number and e-mail address.
Affected resources
All customers of the company who have received the notice from I-DE Redes Eléctricas Inteligentes, S.A.U. are affected.
https://www.osi.es/es/actualidad/avisos/2022/03/iberdrola-comunica-sus-clientes-que-ha-sido-victima-de-un-ciberataque
Spring Framework insecurely handles PropertyDescriptor objects with data binding
Vulnerability Note VU#970766
Original Release Date: 2022-03-31
https://kb.cert.org/vuls/id/970766
[Caution] Request to apply the patch following confirmation of an attack exploiting the Trend Micro Apex Central vulnerability (CVE-2022-26871)
We have confirmed an attack that exploits the vulnerability (CVE-2022-26871) in Trend Micro Apex Central.
We have prepared a patch, so please apply the latest program as soon as possible.
■ Affected products
Trend Micro Apex Central (Apex Central) Build: lower than 6016
Trend Micro Apex Central as a Service (the Apex Central functionality of Apex One SaaS; hereinafter, Apex Central SaaS) Build: lower than 202203
https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435
CISA Releases Security Advisories for Rockwell Automation Products
Original release date: March 31, 2022
CISA has released two Industrial Controls Systems Advisories (ICSAs) detailing vulnerabilities in Rockwell Automation products. An attacker could exploit these vulnerabilities to inject code on an affected system.
CISA encourages users and administrators to review ICSA-22-090-05: Rockwell Automation Logix Controllers and ICSA-22-090-07: Rockwell Automation Studio 5000 Logix Designer for more information and to apply the necessary mitigations and detection method.
https://www.cisa.gov/uscert/ncas/current-activity/2022/03/31/cisa-releases-security-advisories-rockwell-automation-products
Critical SQL injection flaw fixed in Rapid7’s Nexpose vulnerability scanner.
Attacks could be mounted via manipulation of query operators in search criteria
Rapid7 has patched a critical SQL injection vulnerability in Nexpose, its on-premises vulnerability management software.
The flaw, which has a CVSS rating of 9.8, arose because valid search operators were not defined, according to the CVE description for the bug, which is tracked as CVE-2022-0757.
Consequently, attackers can inject SQL code after manipulating the ‘ALL’ or ‘ANY’ filter query operators in the SearchCriteria.
This issue affects all versions of Nexpose – alternately known as Security Console – up to and including 6.6.128.
https://portswigger.net/daily-swig/critical-sql-injection-flaw-fixed-in-rapid7s-nexpose-vulnerability-scanner
This new ransomware targets data visualization tool Jupyter Notebook.
https://www.zdnet.com/article/this-new-ransomware-targets-data-visualization-tool-jupyter-notebook/
Misconfigured environments are the entry point for the ransomware strain.
Zlib data compressor fixes 17-year-old security bug – patch, errrm, now.
https://nakedsecurity.sophos.com/2022/03/29/zlib-data-compressor-fixes-17-year-old-security-bug-patch-errr-now/
This code is venerable! Surely all the bugs must be out by now?
Raw Image Extension Remote Code Execution Vulnerability
CVE-2022-23295
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23295
Zyxel Releases Patches for Critical Bug Affecting Business Firewall and VPN Devices
[...]
The flaw has been assigned the identifier CVE-2022-0342 and is rated 9.8 out of 10 for severity. Credited with reporting the bug are Alessandro Sgreccia from Tecnical Service Srl and Roberto Garcia H and Victor Garcia R from Innotec Security.
[...]
https://thehackernews.com/2022/03/zyxel-releases-patches-for-critical-bug.html
About the security content of iOS 15.4.1 and iPadOS 15.4.1
Impact: An application may be able to execute arbitrary code with kernel privileges.
https://support.apple.com/en-us/HT213219
This document describes the security content of iOS 15.4.1 and iPadOS 15.4.1.
About the security content of macOS Monterey 12.3.1
Impact: An application may be able to execute arbitrary code with kernel privileges
https://support.apple.com/en-us/HT213220
This document describes the security content of macOS Monterey 12.3.1.
CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+
Multiple vulnerabilities in Netgear products
Publication date: 01/04/2022
Severity: 5 - Critical
Description:
Netgear has published 12 critical-severity vulnerabilities present in a number of its products.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-netgear-19
Multiple vulnerabilities in GitLab
Publication date: 01/04/2022
Severity: 5 - Critical
Affected resources:
All versions of:
GitLab CE/EE,
GitLab Omnibus,
GitLab Charts,
GitLab Pages.
Description:
GitLab has published 17 vulnerabilities: 1 of critical severity, 2 of high severity, 9 of medium severity and 5 of low severity, through which an attacker could access credentials, exploit a Cross-Site Scripting (XSS) vulnerability, access the registration token and environment variables, or cause a denial of service, among others.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-gitlab
CVE-2022-22965: Spring Core Remote Code Execution Vulnerability Exploited In the Wild (SpringShell)
https://unit42.paloaltonetworks.com/cve-2022-22965-springshell/
CVE-2022-22965, aka SpringShell, is a remote code execution vulnerability in the Spring Framework. We provide a root cause analysis and mitigations.
Spring Releases Security Updates Addressing "Spring4Shell" and Spring Cloud Function Vulnerabilities
Original release date: April 01, 2022
https://www.cisa.gov/uscert/ncas/current-activity/2022/04/01/spring-releases-security-updates-addressing-spring4shell-and
Spring by VMWare has released Spring Cloud Function versions 3.1.7 and 3.2.3 to address remote code execution (RCE) vulnerability CVE-2022-22963 as well as Spring Framework versions 5.3.18 and 5.2.20 to address RCE vulnerability CVE-2022-22965, known as “Spring4Shell.”…
VMSA-2022-0010
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-02 (Initial Advisory)
CVE(s): CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability, aka Spring4Shell (CVE-2022-22965)
Impacted Products
VMware Tanzu Application Service for VMs
VMware Tanzu Operations Manager
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
https://www.vmware.com/security/advisories/VMSA-2022-0010.html
CVE-2022-26871 Detail
NVD Published Date: 03/29/2022
NVD Last Modified: 03/30/2022
Source: Trend Micro, Inc.
Description
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
https://nvd.nist.gov/vuln/detail/CVE-2022-26871
Android Security Bulletin for April 2022
Publication date: 05/04/2022
Severity: 4 - High
Affected resources:
Android Open Source Project (AOSP):
Versions 10, 11, 12 and 12L.
Description:
The April 2022 monthly Android bulletin fixes 3 high-severity vulnerabilities that affect the system and could allow a cybercriminal remote escalation of privilege, with no additional execution privileges or user interaction needed, as well as information disclosure.
https://www.incibe.es/protege-tu-empresa/avisos-seguridad/boletin-seguridad-android-abril-2022
https://t.me/sysadmin24x7/4927
Vulnerability content update
VMSA-2022-0010.1
CVSSv3 Range: 9.8
Issue Date: 2022-04-02
Updated On: 2022-04-06
CVE(s): CVE-2022-22965
Synopsis:
VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)
Impacted Products
VMware Tanzu Application Service for VMs
VMware Tanzu Operations Manager
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
https://www.vmware.com/security/advisories/VMSA-2022-0010.html