Sources
ECHO Network
- ChatGPT’s history bug may have also exposed payment info, says OpenAI 6 óra 41 perc
- Slackware: 2023-083-01: tar Security Update 7 óra 2 perc
- NA - CVE-2023-21028 - In parse_printerAttributes of ipphelper.c,... 7 óra 20 perc
- NA - CVE-2023-21027 - In serializePasspointConfiguration of... 7 óra 20 perc
- NA - CVE-2023-21026 - In updateInputChannel of... 7 óra 20 perc
- NA - CVE-2023-21025 - In ufdt_local_fixup_prop of ufdt_overlay.c,... 7 óra 20 perc
- NA - CVE-2023-21024 - In maybeFinish of FallbackHome.java, there is a... 7 óra 20 perc
- NA - CVE-2023-21022 - In BufferBlock of Suballocation.cpp, there is a... 7 óra 20 perc
- NA - CVE-2023-21021 - In isTargetSdkLessThanQOrPrivileged of... 7 óra 20 perc
- NA - CVE-2023-21020 - In registerSignalHandlers of main.c, there is a... 7 óra 20 perc
Linux security Advisories
- Fedora 38: gmailctl 2023-8c02aee138 7 óra 46 perc
- Slackware: 2023-083-01: tar Security Update 12 óra 23 perc
- SciLinux: SLSA-2023-1401-1 Important: thunderbird on SL7.x x86_64 14 óra 42 perc
- Debian LTS: DLA-3367-1: libdatetime-timezone-perl security update 19 óra 45 perc
- Debian LTS: DLA-3366-1: tzdata new timezone database 19 óra 48 perc
- Mageia 2023-0116: thunderbird security update 1 nap 2 óra
- Mageia 2023-0115: flatpak security update 1 nap 2 óra
- Mageia 2023-0114: libmicrohttpd security update 1 nap 2 óra
- Mageia 2023-0113: libtiff security update 1 nap 2 óra
- Mageia 2023-0112: python-owslib security update 1 nap 2 óra
NVD: all CVE
- CVE-2023-25676 7 óra 53 perc
- CVE-2023-25801 7 óra 53 perc
- CVE-2023-27579 7 óra 53 perc
- CVE-2023-28437 7 óra 53 perc
- CVE-2023-25658 7 óra 53 perc
- CVE-2023-25659 7 óra 53 perc
- CVE-2023-25660 7 óra 53 perc
- CVE-2023-25662 7 óra 53 perc
- CVE-2023-25663 7 óra 53 perc
- CVE-2023-25664 7 óra 53 perc
seclist.org
- Defense in depth -- the Microsoft way (part 84): (no) fun with %COMSPEC% 18 óra 51 perc
- Invitation to the World Cryptologic Competition 2023 3 nap 2 óra
- Insecure python cgi documentation and tutorials are vulnerable to XSS. 3 nap 2 óra
- Re: Microsoft PlayReady security research 3 nap 2 óra
- Re: Defense in depth -- the Microsoft way (part 83): instead to fix even their most stupid mistaskes, they spill barrels of snakeoil to cover them (or just leave them as-is) 3 nap 2 óra
- Re: Microsoft PlayReady security research 3 nap 21 óra
- Defense in depth -- the Microsoft way (part 83): instead to fix even their most stupid mistaskes, they spill barrels of snakeoil to cover them (or just leave them as-is) 1 hét 1 nap
- [CFP] Security BSides Ljubljana 0x7E7 | June 16, 2023 1 hét 1 nap
- Full Disclosure - Fastly 1 hét 6 nap
- Full Disclosure - Shopify Application 1 hét 6 nap
HUP - titkosítás, biztonság
- Pwn2Own 2. nap, eddig elesett: Oracle VirtualBox, Microsoft Teams, Tesla Infotainment System, Ubuntu Desktop ... 23 óra 29 perc
- Pwn2Own 1 nap, eddig elesett: Adobe Reader, SharePoint, Tesla Gateway, Ubuntu desktop, macOS, Windows 11 ... 1 nap 20 óra
- Ransomware támadás a Ferrari-nál 3 nap 20 óra
- Elhagyott pendrive-ot találsz a parkban és a következőt teszed ... 1 hét 3 nap
- Needle (CVE-2023-0179) exploit 3 hét 2 nap
- A LastPass szerint az egyik DevOps mérnökük ottoni számítógépén keresztül fértek hozzá a rendszerükhöz 3 hét 4 nap
- „Etikus hacker” is volt a zsarolóvírus-gyanúsítottak között, akiket a hollandok lekapcsoltak 3 hét 5 nap
- Csak a Twitter Blue előfizetőknek marad meg az SMS mint második faktor 1 hónap 3 nap
- Zsarolóvírus támadás engem/minket ... 1 hónap 2 hét
- Ma van az adatvédelem nemzetközi napja 1 hónap 3 hét
Kaspersky
- Understanding metrics to measure SOC effectiveness 1 nap 8 perc
- Developing an incident response playbook 2 nap 8 perc
- Bad magic: new APT found in the area of Russo-Ukrainian conflict 4 nap 8 perc
- Business on the dark web: deals and regulatory mechanisms 1 hét 2 nap
- Malvertising through search engines 2 hét 1 nap
- The state of stalkerware in 2022 2 hét 2 nap
- Threat landscape for industrial automation systems for H2 2022 2 hét 4 nap
- The mobile malware threat landscape in 2022 3 hét 4 nap
- Spam and phishing in 2022 1 hónap 1 hét
- IoC detection experiments with ChatGPT 1 hónap 1 hét
Ubuntu Secutity Notices
- USN-5971-1: Graphviz vulnerabilities 1 nap 5 óra
- USN-5970-1: Linux kernel vulnerabilities 1 nap 8 óra
- USN-5969-1: gif2apng vulnerabilities 1 nap 9 óra
- USN-5966-2: amanda regression 1 nap 17 óra
- USN-5966-1: amanda vulnerabilities 2 nap 1 óra
- USN-5942-2: Apache HTTP Server vulnerability 2 nap 14 óra
- USN-5968-1: GitPython vulnerability 2 nap 17 óra
- USN-5967-1: object-path vulnerabilities 3 nap 8 óra
- USN-5965-1: TigerVNC vulnerability 4 nap 6 óra
- USN-5904-2: SoX regression 4 nap 14 óra
SANS
- ISC Stormcast For Friday, March 24th, 2023 https://isc.sans.edu/podcastdetail.html?id=8424, (Fri, Mar 24th) 1 nap 6 óra
- Cropping and Redacting Images Safely, (Thu, Mar 23rd) 1 nap 15 óra
- ISC Stormcast For Thursday, March 23rd, 2023 https://isc.sans.edu/podcastdetail.html?id=8422, (Thu, Mar 23rd) 2 nap 6 óra
- Windows 11 Snipping Tool Privacy Bug: Inspecting PNG Files, (Wed, Mar 22nd) 2 nap 14 óra
- ISC Stormcast For Wednesday, March 22nd, 2023 https://isc.sans.edu/podcastdetail.html?id=8420, (Wed, Mar 22nd) 3 nap 6 óra
- String Obfuscation: Character Pair Reversal, (Tue, Mar 21st) 3 nap 15 óra
- ISC Stormcast For Tuesday, March 21st, 2023 https://isc.sans.edu/podcastdetail.html?id=8418, (Tue, Mar 21st) 4 nap 6 óra
- From Phishing Kit To Telegram... or Not!, (Mon, Mar 20th) 4 nap 12 óra
- ISC Stormcast For Monday, March 20th, 2023 https://isc.sans.edu/podcastdetail.html?id=8416, (Mon, Mar 20th) 5 nap 6 óra
- Old Backdoor, New Obfuscation, (Sat, Mar 18th) 6 nap 23 óra
AusCERT - Security Bulletins
- ESB-2023.1794 - [Appliance] ProPump and Controls Osprey Pump Controller: CVSS (Max): 9.8 1 nap 6 óra
- ESB-2023.1793 - [Appliance] ABB Pulsar Plus Controller: CVSS (Max): 6.3 1 nap 6 óra
- ESB-2023.1792 - [Appliance] Schneider Electric IGSS: CVSS (Max): 8.8 1 nap 6 óra
- ESB-2023.1791 - [Appliance] EY-modulo 5 Building Automation Stations: CVSS (Max): 8.8 1 nap 6 óra
- ESB-2023.1790 - [Ubuntu] Graphviz: CVSS (Max): 8.8 1 nap 6 óra
- ESB-2023.1789 - [Win][UNIX/Linux] Apache Tomcat: CVSS (Max): None 1 nap 6 óra
- ESB-2023.1788 - [Win][Linux] IBM Integration Bus: CVSS (Max): 7.5 1 nap 6 óra
- ESB-2023.1787 - [Appliance] RoboDK: CVSS (Max): 7.9 1 nap 6 óra
- ESB-2023.1786 - [Win][UNIX/Linux] Tenable.sc: CVSS (Max): 9.8 1 nap 6 óra
- ESB-2023.1785 - [Appliance] CP Plus KVMS Pro: CVSS (Max): 7.8 1 nap 6 óra
Talos Group- Cisco blog
- The Path to Unified SASE with Cisco SD-WAN and Cisco+ Secure Connect 1 nap 13 óra
- Training the skilled workforce of the future 1 nap 15 óra
- One Seamless, United Platform 1 nap 17 óra
- Cisco Storage Networking is 20 Years Young 1 nap 18 óra
- Keeping Your Apps and Data Available With HyperFlex 2 nap 11 óra
- Catalyst Wireless Enterprise Agreements now support Cisco DNA Essentials! 2 nap 17 óra
- Balancing Growth and Budget in 2023 2 nap 17 óra
- Sharing career opportunities and advice with the women of Bennett College 2 nap 19 óra
- Predictive Analytics in Oil and Gas – 3 Types 3 nap 12 óra
- Cisco Business Architectures and the Role of the Partner 3 nap 17 óra
US CERT: Current Activity
- CISA Releases Six Industrial Control Systems Advisories 1 nap 20 óra
- JCDC Cultivates Pre-Ransomware Notification Capability 1 nap 20 óra
- Cisco Releases Security Advisories for Multiple Products 1 nap 20 óra
- Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments 1 nap 20 óra
- CISA Releases Updated Cybersecurity Performance Goals 3 nap 20 óra
- CISA Releases Eight Industrial Control Systems Advisories 3 nap 20 óra
- CISA and NSA Release Enduring Security Framework Guidance on Identity and Access Management 3 nap 20 óra
- Drupal Releases Security Advisory to Address Vulnerability in Drupal Core 1 hét 20 óra
- CISA Releases Eight Industrial Control Systems Advisories 1 hét 1 nap
- FBI, CISA, and MS-ISAC Release #StopRansomware: LockBit 3.0 1 hét 1 nap
NVD: fully analised CVE
- CVE-2023-26496 (exynos_1080_firmware, exynos_980_firmware, exynos_auto_t5123_firmware, exynos_modem_5123_firmware, exynos_modem_5300_firmware) 2 nap 5 óra
- CVE-2023-26498 (exynos_1080_firmware, exynos_980_firmware, exynos_auto_t5123_firmware, exynos_modem_5123_firmware, exynos_modem_5300_firmware) 2 nap 6 óra
- CVE-2023-25859 (illustrator) 2 nap 14 óra
- CVE-2023-25860 (illustrator) 2 nap 14 óra
- CVE-2023-25861 (illustrator) 2 nap 14 óra
- CVE-2023-25862 (illustrator) 2 nap 14 óra
- CVE-2023-26358 (creative_cloud) 2 nap 14 óra
- CVE-2023-26426 (illustrator) 2 nap 14 óra
- CVE-2023-22259 (experience_manager, experience_manager_cloud_service) 2 nap 14 óra
- CVE-2023-22260 (experience_manager, experience_manager_cloud_service) 2 nap 14 óra
Cisco Security Advisories
- Cisco Access Point Software Association Request Denial of Service Vulnerability 2 nap 17 óra
- Cisco Access Point Software Denial of Service Vulnerability 2 nap 17 óra
- Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability 2 nap 17 óra
- Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability 2 nap 17 óra
- Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability 2 nap 17 óra
- Cisco IOS XE Software for Wireless LAN Controllers CAPWAP Join Denial of Service Vulnerability 2 nap 17 óra
- Cisco DNA Center Information Disclosure Vulnerability 2 nap 17 óra
- Cisco DNA Center Privilege Escalation Vulnerability 2 nap 17 óra
- Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability 2 nap 17 óra
- Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability 2 nap 17 óra
Drupal contrib security advisories
- Responsive media Image Formatter - Critical - Unsupported - SA-CONTRIB-2023-011 1 hét 2 nap
- Media Responsive Thumbnail - Moderately critical - Information disclosure - SA-CONTRIB-2023-010 1 hét 2 nap
- Gutenberg - Less critical - Denial of Service - SA-CONTRIB-2023-009 2 hét 2 nap
- Group control for forums - Critical - Access bypass - SA-CONTRIB-2023-008 3 hét 2 nap
- Thunder - Moderately critical - Access bypass - SA-CONTRIB-2023-007 3 hét 2 nap
- Better Social Sharing Buttons - Less critical - Cross Site Scripting - SA-CONTRIB-2023-006 3 hét 2 nap
- Apigee Edge - Moderately critical - Access bypass - SA-CONTRIB-2023-005 1 hónap 3 hét
- Media Library Form API Element - Moderately critical - Information Disclosure - SA-CONTRIB-2023-004 2 hónap 5 nap
- Media Library Block - Moderately critical - Information Disclosure - SA-CONTRIB-2023-003 2 hónap 5 nap
- Entity Browser - Moderately critical - Information Disclosure - SA-CONTRIB-2023-002 2 hónap 5 nap
Drupal core security advisories
- Drupal core - Moderately critical - Access bypass - SA-CORE-2023-004 1 hét 2 nap
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-003 1 hét 2 nap
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-002 1 hét 2 nap
- Drupal core - Moderately critical - Information Disclosure - SA-CORE-2023-001 2 hónap 5 nap
Arista Security Advisories
- Security Advisory 0083 3 hét 1 nap
- Security Advisory 0082 1 hónap 1 hét
- End of Sale / End of Life for Arista DMF Appliances: DCA-DM-SA, DCA-DM-SBL and DCA-DM-CB 1 hónap 1 hét
- End of Sale of the Arista DCS-7010T-48 Series 2 hónap 3 hét
- End of Sale of the Arista DCS-7280QR-C72 Series 2 hónap 3 hét
- End of Sale of Select Models of the Arista 7280CR Series 2 hónap 3 hét
Huawei Security Bulletin
- Security Advisory - Out-of-Bounds Write Vulnerability in a Huawei Sound Box Product 3 hét 3 nap
- Statement About the DoS Vulnerability in the E5573Cs-322 1 hónap 1 hét
- Security Advisory - Identity Authentication Bypass Vulnerability in The Huawei Children Smart Watch (Simba-AL00) 1 hónap 2 hét
- 安全通告 - 涉及华为全屋智能某软件的不正确的权限分配漏洞 1 hónap 3 hét
- 安全通告 - 涉及华为全屋智能某软件的不正确的权限分配漏洞 1 hónap 3 hét
- Security Advisory - Incorrect Privilege Assignment Vulnerability in Huawei Whole-Home Intelligence Software 1 hónap 3 hét
- Security Advisory - Incorrect Privilege Assignment Vulnerability in Huawei Whole-Home Intelligence Software 1 hónap 3 hét
- Security Advisory - Data Processing Error Vulnerability in a Huawei Band 2 hónap 6 nap
- Security Advisory - Misinterpretation of Input in a Huawei Printer Product 2 hónap 6 nap
- Security Advisory - System Command Injection Vulnerability in a Huawei Printer Product 2 hónap 6 nap
CERT/CC
- VU#782720: TCG TPM2.0 implementations vulnerable to memory corruption 3 hét 3 nap
- VU#572615: Vulnerabilities in TP-Link routers, WR710N-V1-151022 and Archer C5 V2 2 hónap 6 nap
- VU#986018: New Netcomm router models NF20MESH, NF20, and NL1902 vulnerabilities 2 hónap 6 nap
Microsoft Sercurity Response Center
- New MSRC Blog Site 1 hónap 2 hét
- BlueHat 2023: Connecting the security research community with Microsoft 1 hónap 2 hét
- Microsoft Investigation – Threat actor consent phishing campaign abusing the verified publisher process 1 hónap 3 hét
- Congratulations to the Top MSRC 2022 Q4 Security Researchers! 1 hónap 3 hét
- Microsoft resolves four SSRF vulnerabilities in Azure cloud services 2 hónap 6 nap
- Publishing CBL-Mariner CVEs on the Security Update Guide CVRF API 2 hónap 2 hét
- Security Update Guide Improvement – Representing Hotpatch Updates 2 hónap 3 hét
- [セキュリティ基本対策 5 か条] 第 2 条 アクション センターで PC のセキュリティやメンテナンス状況に問題がないかを確認する 4 év 6 hónap
- [セキュリティ基本対策 5 か条] 第 1 条 最新の状態で利用する 4 év 6 hónap
- セキュリティ更新プログラム リリース スケジュール (2018 年) 4 év 6 hónap
Adatbiztonság (Computerworld)
Cisco Security Alerts
Cisco Security Responses
ISC Knowledge Base
Juniper Security Advisories
Juniper signatures
Microsoft Security Bulletin
Microsoft Security Response Center Blog Alerts
Origo - biztonság -szoftverek
SecurityFocus
Sophos virus alerts
Symantec - threat
US CERT: Security Bulletins
US CERT: Technical Security Alerts
