Frequent verification codes may appear for non-Mainland China IP visits. If visitors are severely affected, please send [IP|ASN](3.215.79.68|AS14618) to the bottom mailbox to add to the whitelist

文章列表

dby 23:00   Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird    #Us-Cert #安全文章 Original release date: June 29, 2022Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the M

2022-06-29 02:51   CISA Releases Guidance on Switching to Modern Auth in Exchange Online before October 1    #Us-Cert #安全文章 Original release date: June 28, 2022 CISA has released guidance on switching from Basic Authentication (“Basic Auth”) in Microsoft Exchange Online to Modern Authentication ("Modern Auth") before Microsoft begins permanently disabling Basic Auth on October 1, 2022. Basic Auth is a legacy authent

2022-06-28 22:00   2022 CWE Top 25 Most Dangerous Software Weaknesses    #Us-Cert #安全文章 Original release date: June 28, 2022The Homeland Security Systems Engineering and Development Institute, sponsored by CISA and operated by MITRE, has released the 2022 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list. The list uses data from the National Vulnerability

2022-06-27 23:00   CISA Adds Eight Known Exploited Vulnerabilities to Catalog    #Us-Cert #安全文章 Original release date: June 27, 2022CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enter

2022-06-27 18:29   Vulnerability Summary for the Week of June 20, 2022    #Us-Cert #漏洞通告 Original release date: June 27, 2022 High VulnerabilitiesPrimaryVendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch InfoThere were no high vulnerabilities recorded this week.Back to top Medium VulnerabilitiesPrimaryVendor -- ProductDescriptionPublishedCVSS ScoreSource & P

2022-06-24 22:49   Citrix Releases Security Updates for Hypervisor    #Us-Cert #安全文章 Original release date: June 24, 2022Citrix has released security updates to address vulnerabilities that could affect Hypervisor. An attacker could exploit one of these vulnerabilities to take control of an affected system.CISA encourages users and administrators to review Citrix Security Update CTX

2022-06-24 02:00   Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems    #Us-Cert #安全文章 Original release date: June 23, 2022 CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued to exploit

2022-06-24 01:00   AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems    #Us-Cert #安全事件 Original release date: June 23, 2022SummaryActions to take today:• Install fixed builds, updating all affected VMware Horizon and UAG systems to the latest versions. If updates or workarounds were not promptly applied following VMware’s release of updates for Log4Shell in December 2021, treat all af

2022-06-23 21:00   CISA Releases Cloud Security Technical Reference Architecture    #Us-Cert #安全文章 Original release date: June 23, 2022CISA has released its Cloud Security (CS) Technical Reference Architecture (TRA) to guide federal civilian departments and agencies in securely migrating to the cloud. Co-authored by CISA, the United States Digital Service, and the Federal Risk and Authorization M

2022-06-22 23:00   Google Releases Security Updates for Chrome    #Us-Cert #安全文章 Original release date: June 22, 2022Google has released Chrome version 103.0.5060.53 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release No

2022-06-22 22:00   CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report    #Us-Cert #安全文章 Original release date: June 22, 2022CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineer

2022-06-22 21:00   Keeping PowerShell: Measures to Use and Embrace    #Us-Cert #安全文章 Original release date: June 22, 2022Cybersecurity authorities from the United States, New Zealand, and the United Kingdom have released a joint Cybersecurity Information Sheet (CIS) on PowerShell. The CIS provides recommendations for proper configuration and monitoring of PowerShell, as opposed to r

2022-06-20 22:49   Vulnerability Summary for the Week of June 13, 2022    #Us-Cert #漏洞通告 Original release date: June 20, 2022 High VulnerabilitiesPrimaryVendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocitrix -- application_delivery_managementCorruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrato

By QianX.in