Sicherheitshinweise

Hinweise zu Schwachstellen und Gefährdungen

Veröffentlichungen von Partnern und Behörden

Nachfolgend finden Sie Sicherheitshinweise von Partnern und Behörden zu Schwachstellen und Gefährdungen.

Die Hinweise enthalten Links zu externen Websites Dritter, auf deren Inhalte wir keinen Einfluss haben. Deshalb können wir für diese fremden Inhalte auch keine Gewähr übernehmen. Für die Inhalte der verlinkten Seiten ist stets der jeweilige Anbieter oder Betreiber der Seiten verantwortlich.

Cisco Systems - Security Advisory (in englisch)

  • Multiple Vulnerabilities in Cisco IOS XE Software Web UI Feature
    Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in IOS-XE. A fix has been identified and the build, test, and release process has been initiated. The first fixed software releases are estimated to post on Cisco Software Download Center on Sunday,... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-20
  • Cisco IOS XE Software Web UI Command Injection Vulnerability
    A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that can be executed as the root user. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to the... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-19
  • Cisco Catalyst SD-WAN Manager Local File Inclusion Vulnerability
    A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to retrieve arbitrary files from an affected system. This vulnerability is due to improper validation of parameters that are sent to the web UI. An attacker could exploit this vulnerability by logging in... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-18
  • HTTP/2 Rapid Reset Attack Affecting Cisco Products: October 2023
    On October 10, 2023, the following HTTP/2 protocol-level weakness, which enables a novel distributed denial of service (DDoS) attack technique, was disclosed: CVE-2023-44487: HTTP/2 Rapid Reset For a description of this vulnerability, see the following publications: How it works: The novel HTTP/2 ‘Rapid Reset’ DDoS attack (Google) HTTP/2 Zero-Day vulnerability results... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-16
  • Cisco IOS XE Software Web UI Privilege Escalation Vulnerability
    Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access.... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-16
  • Cisco IOS and IOS XE Software Command Authorization Bypass Vulnerability
    A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to bypass command authorization and copy files to or from the file system of an affected device using the Secure Copy Protocol (SCP). This vulnerability... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-13
  • cURL and libcurl Vulnerability Affecting Cisco Products: October 2023
    On October 11, 2023, cURL released Version 8.4.0 of the cURL utility and the libcurl library. This release addressed two security vulnerabilities:  CVE-2023-38545 – High Security Impact Rating (SIR) CVE-2023-38546 – Low SIR This advisory covers CVE-2023-38545 only. For more information about CVE-2023-38545, see the cURL advisory. This advisory is... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-12
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Unauthorized Access Vulnerability
    A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-11
  • Cisco Catalyst SD-WAN Manager Vulnerabilities
    Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an attacker to access an affected instance or cause a denial of service (DoS) condition on an affected system. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-06
  • ConfD CLI Secure Shell Server Privilege Escalation Vulnerability
    A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on the affected device. The vulnerability exists because the affected... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-04
  • Cisco Network Services Orchestrator CLI Secure Shell Server Privilege Escalation Vulnerability
    A vulnerability in Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which Cisco NSO is running, which is root by default. To exploit this vulnerability, an attacker must have a valid account on an affected device.... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-04
  • Cisco Emergency Responder Static Credentials Vulnerability
    A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted. This vulnerability is due to the presence of static user credentials for the root account that... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-04
  • Cisco IOx Application Hosting Environment Privilege Escalation Vulnerability
    A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to access the underlying operating system as the root user. This vulnerability exists because Docker containers with the privileged runtime option are not... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-04
  • Multiple Cisco Unified Communications Products Unauthenticated API High CPU Utilization Denial of Service Vulnerability
    A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This API is not used for device management and is unlikely to... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-10-04
  • Reports about Cyber Actors Hiding in Router Firmware
    On September 27, 2023, the U.S. National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japan National Police Agency (NPA), and the Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) released a joint cybersecurity advisory (CSA)... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-09-28
  • Cisco IOS XE Software for Catalyst 3650 and Catalyst 3850 Series Switches Denial of Service Vulnerability
    A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper resource management when processing traffic that... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-09-28
  • Cisco IOS and IOS XE Software Cisco Group Encrypted Transport VPN Software Out-of-Bounds Write Vulnerability
    A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-09-28
  • Cisco Wireless LAN Controller AireOS Software Denial of Service Vulnerability
    A vulnerability in the memory buffer of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause memory leaks that could eventually lead to a device reboot. This vulnerability is due to memory leaks caused by multiple clients connecting under specific conditions. An attacker could... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-09-28
  • Cisco IOS XE Software Application Quality of Experience and Unified Threat Defense Denial of Service Vulnerability
    A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the mishandling of a crafted... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-09-28
  • Cisco Catalyst SD-WAN Manager Web UI HTML Injection Vulnerability
    A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to inject HTML content. This vulnerability is due to improper validation of user-supplied data in element fields. An attacker could exploit this vulnerability by submitting malicious content within... more
    Source: Security - Cisco Security Advisory - PSIRT Published on: 2023-09-28

Bundesamt für Sicherheit in der Informationstechnik - CERT Bund

  • CB-K22/0321 Update 33
    OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um einen Denial of Service Angriff durchzuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0552 Update 4
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0407 Update 23
    Das gzip-Paket ist ein GNU Kompressionsprogramm. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in gzip ausnutzen, um Dateien zu manipulieren.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0411 Update 3
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0626 Update 8
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K21/0849 Update 35
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0361 Update 22
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen und vertrauliche Informationen offenzulegen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0386 Update 26
    Die zlib ist eine freie Programmbibliothek zum Komprimieren und Dekomprimieren von Daten. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in zlib ausnutzen, um beliebigen Programmcode auszuführen oder einen Denial of Service Zustand herbeizuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0311 Update 5
    QEMU ist eine freie Virtualisierungssoftware, die die gesamte Hardware eines Computers emuliert. Ein lokaler Angreifer kann mehrere Schwachstellen in QEMU ausnutzen, um Informationen offenzulegen oder sonstige Auswirkungen zu verursachen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0526 Update 2
    QEMU ist eine freie Virtualisierungssoftware, die die gesamte Hardware eines Computers emuliert. Ein lokaler Angreifer kann mehrere Schwachstelle in QEMU ausnutzen, um einen Denial of Service Angriff durchzuführen und beliebigen Code auszuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0570 Update 6
    cURL ist eine Client-Software, die das Austauschen von Dateien mittels mehrerer Protokolle wie z. B. HTTP oder FTP erlaubt. Ein Angreifer kann mehrere Schwachstellen in cURL ausnutzen, um Informationen offenzulegen, Sicherheitsvorkehrungen zu umgehen, Dateien zu löschen oder einen Denial of Service zu verursachen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0048 Update 8
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K21/1198 Update 7
    Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um beliebigen Programmcode auszuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0397 Update 9
    Xen ist ein Virtueller-Maschinen-Monitor (VMM), der Hardware (x86, IA-64, PowerPC) für die darauf laufenden Systeme (Domains) paravirtualisiert. Ein lokaler Angreifer kann eine Schwachstelle in Xen ausnutzen, um einen Denial of Service zu verursachen und potentiell seine Privilegien zu erhöhen oder Informationen offenzulegen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0623 Update 2
    Das "Gnu Image Manipulation Program" ist eine Open Source Software zum Bearbeiten von Bildern. Es ist auch Bestandteil vieler Linux Distributionen. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in GIMP ausnutzen, um einen Denial of Service Angriff durchzuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0404 Update 11
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen oder einen Denial of Service zu verursachen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0641 Update 5
    Der Kernel stellt den Kern des Linux Betriebssystems dar. Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0201 Update 6
    PHP ist eine Programmiersprache, die zur Implementierung von Web-Applikationen genutzt wird. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in PHP ausnutzen, um einen Denial of Service Angriff durchzuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0656 Update 2
    logrotate ist ein Werkzeug um Log-Dateien zu verwalten. Ein entfernter, anonymer Angreifer kann eine Schwachstelle in logrotate ausnutzen, um einen Denial of Service Angriff durchzuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022
  • CB-K22/0642 Update 8
    Firefox ist ein Open Source Web Browser. ESR ist die Variante mit verlängertem Support. Thunderbird ist ein Open Source E-Mail Client. Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Programmcode auszuführen.... mehr
    Quelle: Security - BSI-D Alerts CERT -Bund Veröffentlicht am: 14.06.2022

US Department of Homeland Security - Alerts (in englisch)

  • 2023 Top Routinely Exploited Vulnerabilities
    Summary The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (hereafter collectively referred to as the authoring agencies): United States: The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and National Security Agency (NSA) Australia: Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) Canada: Canadian Centre... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-11-08
  • Microsoft Releases October 2024 Security Updates
    Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary updates: Microsoft Security Update Guide for October... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-10-08
  • Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
    Summary The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Communications Security Establishment Canada (CSE), the Australian Federal Police (AFP), and Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) are releasing this joint Cybersecurity Advisory to warn network defenders... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-09-30
  • CISA Adds One Known Exploited Vulnerability to Catalog
    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8963 Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD)... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-09-19
  • Russian Military Cyber Actors Target US and Global Critical Infrastructure
    Summary The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-09-04
  • #StopRansomware: RansomHub Ransomware
    Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-08-29
  • Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations
    Summary The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense Cyber Crime Center (DC3) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders that, as of August 2024, a group of Iran-based cyber actors continues to exploit U.S. and foreign... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-08-23
  • Best Practices for Event Logging and Threat Detection
    Executive Summary This publication defines a baseline for event logging best practices to mitigate cyber threats. It was developed by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) in cooperation with the following international partners:  United States (US) Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-08-20
  • CISA Adds Six Known Exploited Vulnerabilities to Catalog
    CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-38189 Microsoft Project Remote Code Execution Vulnerability CVE-2024-38178 Microsoft Windows Scripting Engine Memory Corruption Vulnerability CVE-2024-38213 Microsoft Windows SmartScreen Security Feature Bypass Vulnerability CVE-2024-38193 Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability CVE-2024-38106 Microsoft Windows Kernel... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-08-12
  • North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
    Summary The U.S. Federal Bureau of Investigation (FBI) and the following authoring partners are releasing this Cybersecurity Advisory to highlight cyber espionage activity associated with the Democratic People’s Republic of Korea (DPRK)’s Reconnaissance General Bureau (RGB) 3rd Bureau based in Pyongyang and Sinuiju: U.S. Cyber National Mission Force (CNMF) U.S.... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-07-24
  • CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth
    EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a SILENTSHIELD red team assessment against a Federal Civilian Executive Branch (FCEB) organization. During SILENTSHIELD assessments, the red team first performs a no-notice, long-term simulation of nation-state cyber operations. The team mimics the techniques, tradecraft, and behaviors... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-07-09
  • People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action
    Overview Background This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI), the United Kingdom National Cyber Security Centre (NCSC-UK), the Canadian... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-07-08
  • #StopRansomware: Black Basta
    SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-05-10
  • Delta Electronics CNCSoft-G2 DOPSoft
    View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: CNCSoft-G2 DOPSoft Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Delta Electronics... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-04-30
  • #StopRansomware: Akira Ransomware
    SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-04-17
  • #StopRansomware: Phobos Ransomware
    SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-02-26
  • SVR Cyber Actors Adapt Tactics for Initial Cloud Access
    How SVR-Attributed Actors are Adapting to the Move of Government and Corporations to Cloud Infrastructure OVERVIEW This advisory details recent tactics, techniques, and procedures (TTPs) of the group commonly known as APT29, also known as Midnight Blizzard, the Dukes, or Cozy Bear. The UK National Cyber Security Centre (NCSC) and... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-02-23
  • Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
    SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the following partners (hereafter referred to as the authoring organizations) are releasing this joint Cybersecurity Advisory to warn that cyber threat actors are exploiting previously identified vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways. CISA and authoring organizations appreciate... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-02-21
  • Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization
    SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) conducted an incident response assessment of a state government organization’s network environment after documents containing host and user information, including metadata, were posted on a dark web brokerage site. Analysis confirmed that an... more
    Source: Security - CISA-USA - Security Alerts Published on: 2024-02-14

Sie sind nicht sicher bei der
Bewertung der Security-Alerts?

Tips zur Erhöhung der IT-Sicherheit

Hilfreiche Tipps zu häufigen Sicherheitsproblemen für nichttechnische Computerbenutzer vom US Department of Homeland Security (in englisch)

Gerne beraten wir Sie zur Sicherheit Ihrer Kommunikationssysteme

Nutzen Sie unser Quick Formular, rufen Sie uns an oder schreiben uns eine ausführliche Kontaktanfrage.

    * Erforderliche Angaben


    Hiermit willige ich in die Verarbeitung meiner personenbezogenen Daten ein.*