I dispositivi di SonicWall vengono attaccati da malware che sopravvive anche dopo il riavvio

Secondo #Mandiant gli hacker cinesi stanno attaccando i dispositivi #SonicWall Secure Mobile Access (#SMA) vulnerabili e li stanno infettando con #malware che ruba le credenziali che può sopravvivere anche dopo un aggiornamento del #firmware.

I #ricercatori di Mandiant e il team SonicWall #PSIRT ritengono che dietro questi attacchi ci sia il gruppo di hacking cinese #UNC4540.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity

https://www.redhotcyber.com/post/i-dispositivi-di-sonicwall-vengono-attaccati-da-malware-che-sopravvive-anche-dopo-il-riavvio/

Fortinet: un nuovo difetto critico su FortiOS e FortiProxy potrebbe fornire ai malintenzionati l’accesso remoto

Il 7 marzo 2023,# Fortinet ha rilasciato 15 nuovi avvisi #PSIRT relativi alle #vulnerabilità nei suoi prodotti.

Tra tutti gli avvisi, ce nè uno di severtity bassa, otto medi, cinque alti e uno con valutazione critica. Questi avvisi riguardano #FortiOS, FortiAnalyzer, FortiManager, FortiPortal, FortiSwitch, #FortiNAC, #FortiProxy, FortiRecorder, FortiSOAR e #FortiWeb.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity

https://www.redhotcyber.com/post/fortinet-un-nuovo-difetto-critico-su-fortios-e-fortiproxy-potrebbe-fornire-ai-malintenzionati-laccesso-remoto/

That's a wrap - a great event in Kigali, Rwanda.

Min. Paula Ingabire (Minister of Information Communication Technology and Innovation) opened the FIRST, AfricaCERT and National Cyber Security Authority Rwanda symposium. 4 days of excellent content bringing together folks from 48 countries to collaborate, learn, build trust and discuss strategies to shape a secure internet for Africa.

#FIRSTdotOrg #collaboration #BuildingTrust #CSIRT #PSIRT #FIRSTAA23

The #CFP for the Balkan Cybersecurity Days 2023 Symposium is open! May 16-18 in Orhid, North Macedonia. Event overview and CFP guidelines available at https://www.first.org/events/colloquia/ohrid2023/cfp

@firstdotorg @DCAF_Geneva @MkdCirt @aecmk #collaboration #BuildingTrust #PSIRT #CSIRT

The #DNSAbuse #SIG has proudly published its Techniques Matrix and has offered an introduction to the document on the #FIRSTBlog. Check it out at: https://www.first.org/blog/20230228-DNS_Abuse_Techniques_Matrix

#FIRSTdotOrg #collaboration #BuildingTrust #PSIRT #CSIRT

The opening sessions at the FIRST & AfricaCERT Symposium in Kigali, co-hosted by @AfricaCERT and @National Cyber Security Authority Rwanda. 2 days of training followed by a plenary session on Thursday. FIRST doing what FIRST does best - working with great partners to make the internet safer. #FIRSTdotOrg #collaboration #BuildingTrust #PSIRT #CSIRT

This year's Incident Response Hall of Fame call for nominations closes on March 3rd. The IRHF recognizes visionaries, leaders, and luminaries who have significantly contributed to our industry. Find out more here https://t.co/mXC2TGtQw9.

#FIRSTdotOrg #collaboration #BuildingTrust #CSIRT #PSIRT #IRHoF

The latest PSIRT for #Cisco #ISE has been released. This announcement has 4 known vulnerabilities.

CVE-2022-20964: tcpdump Feature Command Injection Vulnerability

CVE-2022-20966: tcpdump Stored Cross-Site Scripting Vulnerability

CVE-2022-20967: External RADIUS Server Feature Stored Cross-Site Scripting Vulnerability

CVE-2022-20965: Access Bypass Vulnerability

All are only exploitable by a valid/authorized management GUI user.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-7Q4TNYUx

#CiscoISE #vulnerability #PSIRT

@da_667 @tinker @gaz @albinowax It's definitely not as easy as it sounds, said the #PSIRT guy

While I've got this in the copy buffer, here's an excellent article by my distinguished colleague Omar Santos regarding #CVE counting.

TL;DR: Might more CVEs mean more product security maturity? #PSIRT FTW!

https://medium.com/@santosomar/increased-cve-counts-a-positive-indicator-of-a-maturing-security-ecosystem-126e18ea8d90

@jeffers00n @bryanbrake Reports of #Keybase death are greatly exaggerated. There's still a very large incident response community using it for multiparty coordination, among other things. #PSIRT

@jerry @johnoauth One word: #federation ! There is not simply one monolithic Mastodon server (like Twitter). If your spidey sense 🦸 gets triggered by a particular admin or a particular server, it's just a jump to the left (#RockyHorror) to sign up for a different server.

Personally, I moved from the melting pot mastodon.social to infosec.exchange, and feel very, very comfortable here. But I'm a #PSIRT #infosec geek, so it makes sense.

P.S. @jerry rocks!

@cadey ... and evil vendors incident response fatigue (e.g. "Is 6pm EDT too late for breakfast?") #PSIRT

#introduction Hello Mastodon. I'm https://about.me/vipergeek
Feels like Twitter back in 2009. Kinda nice. #cybersecurity #infosec #psirt #cvss

@0xmrtn @jerry @DFIR_abrignoni There's still a strong #PSIRT community on #Keybase. Great for just-in-time, only-if-you-can-help collaboration.