SysAdmin 24x7
Computer security news and alerts.
Chat and contact:
t.me/sysadmin24x7chat
(Update) Zyxel security advisory for the remote code execution vulnerability of NAS and firewall products

CVE: CVE-2020-9054

Summary

Zyxel NAS (Network Attached Storage) and firewall products are affected by a remote code execution vulnerability. Users are advised to install the standard firmware patches or follow the workaround immediately for optimal protection.

What is the vulnerability?

A remote code execution vulnerability was identified in the weblogin.cgi program used in Zyxel NAS and firewall products. Missing authentication for the program could allow attackers to perform remote code execution via OS command injection.

https://www.zyxel.com/global/en/support/security-advisories/update-zyxel-security-advisory-for-the-remote-code-execution-vulnerability-of-nas-and-firewall-products
VMSA-2024-0005

CVSSv3 Range: 5.9
Issue Date: 2024-02-27
CVE(s): CVE-2024-22251

Synopsis:
VMware Workstation and Fusion updates address an out-of-bounds read vulnerability (CVE-2024-22251)

Impacted Products
VMware Workstation Pro / Player (Workstation)
VMware Fusion

Introduction
An out-of-bounds read vulnerability in VMware Workstation and Fusion was privately reported to VMware. Updates are available to remediate this vulnerability in the affected VMware products.

https://www.vmware.com/security/advisories/VMSA-2024-0005.html
Remote code execution in Microsoft Azure

Date 27/02/2024
Severity 5 - Critical

Affected Resources
MCR VSTS CLI for Microsoft Azure

Description
Nitesh Surana (@_niteshsurana) of Trend Micro Research has reported a critical-severity vulnerability that could allow a remote attacker to execute arbitrary code.

Solution
Microsoft has published an update to fix this vulnerability.

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/ejecucion-remota-de-codigo-en-azure-de-microsoft
Multiple vulnerabilities in Juniper Secure Analytics

Date 29/02/2024
Severity 5 - Critical

Affected Resources
These issues affect Juniper Networks Juniper Secure Analytics in all versions prior to 7.5.0 UP7.

Description
Juniper has published 14 vulnerabilities, 2 of which are of critical severity and the rest high and medium.

Solution
Update Juniper Secure Analytics to 7.5.0 UP7 IF05 or a later version.

Software updates are available for download at https://support.juniper.net/support/downloads/

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-secure-analytics-de-juniper
VMSA-2024-0006.1

CVSSv3 Range: 7.1-9.3
Issue Date: 2024-03-05
CVE(s): CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255

Synopsis:
VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255)

Impacted Products
VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion Pro / Fusion (Fusion)
VMware Cloud Foundation (Cloud Foundation)

Introduction

Multiple vulnerabilities in VMware ESXi, Workstation, and Fusion were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.

The individual vulnerabilities documented on this VMSA for ESXi have severity Important but combining these issues will result in Critical severity.

https://www.vmware.com/security/advisories/VMSA-2024-0006.html
Multiple 0day vulnerabilities in Apple products

Date 06/03/2024
Severity 5 - Critical

Affected Resources
iOS 16.7.6 and iPadOS 16.7.6
iOS 17.4 and iPadOS 17.4

Description
Apple has published 4 vulnerabilities, 2 of them 0day, that could allow an attacker to bypass kernel memory protections.

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-0day-en-productos-de-apple-1
VMSA-2024-0007

CVSSv3 Range: 4.3
Issue Date: 2024-03-07
CVE(s): CVE-2024-22256

Synopsis:
VMware Cloud Director updates address a partial information disclosure vulnerability (CVE-2024-22256).

Impacted Products
VMware Cloud Director

Introduction
A partial information disclosure vulnerability in VMware Cloud Director was privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.

https://www.vmware.com/security/advisories/VMSA-2024-0007.html
Cybersecurity and Infrastructure Security Agency (CISA)


Apple Released Security Updates for Multiple Products

03/08/2024 01:00 PM EST

Apple released security updates to address vulnerabilities in Safari, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following advisories and apply the necessary updates:
Safari 17.4
macOS Sonoma 14.4
macOS Ventura 13.6.5
macOS Monterey 12.7.4
watchOS 10.4
tvOS 17.4
visionOS 1.1

https://www.cisa.gov/news-events/alerts/2024/03/08/apple-released-security-updates-multiple-products
Critical Fortinet flaw may impact 150,000 exposed devices

Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue that allows executing code without authentication.

https://www.bleepingcomputer.com/news/security/critical-fortinet-flaw-may-impact-150-000-exposed-devices/
Security ID : QSA-24-09

Multiple Vulnerabilities in QTS, QuTS hero, QuTScloud, and myQNAPcloud
Release date : March 9, 2024

CVE identifier : CVE-2024-21899 | CVE-2024-21900 | CVE-2024-21901

Affected products: QTS 5.1.x, 4.5.x; QuTS hero h5.1.x, h4.5.x; QuTScloud c5.x; myQNAPcloud 1.0.x


https://www.qnap.com/en/security-advisory/qsa-24-09
Unrestricted file upload vulnerability in ManageEngine Desktop Central

Date 11/03/2024
Severity 5 - Critical

Affected Resources
ManageEngine Desktop Central, version 9, build 90055.

Description
INCIBE has coordinated the publication of a critical-severity vulnerability affecting ManageEngine Desktop Central (now known as Endpoint Central), a unified endpoint management and security solution that helps manage desktops, laptops, servers, mobile devices and tablets from a central location. The vulnerability was discovered by Rafael Pedrero.

This vulnerability has been assigned the following code, CVSS v3.1 base score, CVSS vector and CWE vulnerability type:

CVE-2024-2370: 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | CWE-434.

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/vulnerabilidad-de-subida-de-ficheros-sin-restriccion-en-manageengine-desktop
Arcserve Unified Data Protection 9.2 Multiple Vulnerabilities

Synopsis
Multiple vulnerabilities exist in Arcserve Unified Data Protection (UDP) 9.2.

CVE-2024-0799 - wizardLogin Authentication Bypass (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

An authentication bypass vulnerability exists in edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin(). When a NULL password is passed to the method, a UUID is used for authentication

https://www.tenable.com/security/research/tra-2024-07
Multiple vulnerabilities in Atlassian products

Date 20/03/2024
Severity 5 - Critical

Affected Resources
Bamboo Data Center and Server
Bitbucket Data Center and Server
Confluence Data Center and Server
Jira Software Data Center and Server

Description
Atlassian has published a security bulletin for March 2024 that includes 1 critical-severity vulnerability and 24 high-severity ones. Exploitation of these vulnerabilities could allow an attacker to perform SQL injection, cause denial of service, access restricted directories and execute remote code.

https://www.incibe.es/incibe-cert/alerta-temprana/avisos/multiples-vulnerabilidades-en-productos-de-atlassian-1
Ivanti Releases Security Updates for Neurons for ITSM and Standalone Sentry

Release Date: March 21, 2024

Ivanti has released security advisories to address vulnerabilities in Ivanti Neurons for ITSM and Standalone Sentry. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following Ivanti advisories and apply the necessary updates:
CVE-2023-46808 (Authenticated Remote File Write) for Ivanti Neurons for ITSM
CVE-2023-41724 (Remote Code Execution) for Ivanti Standalone Sentry

https://www.cisa.gov/news-events/alerts/2024/03/21/ivanti-releases-security-updates-neurons-itsm-and-standalone-sentry

https://forums.ivanti.com/s/article/SA-CVE-2023-46808-Authenticated-Remote-File-Write-for-Ivanti-Neurons-for-ITSM

https://forums.ivanti.com/s/article/CVE-2023-41724-Remote-Code-Execution-for-Ivanti-Standalone-Sentry