CyberSecurity Osservatorio

NEWS

I consigli di AgID per uno smart working sicuro

07/04/2020 11:48:28

11 raccomandazioni a cura del Cert-PA di AgID per aiutare i dipendenti pubblici a utilizzare in maniera sicura pc, tablet e smartphone personali quando lavorano da casa

Undici semplici raccomandazioni rivolte ai dipendenti pubblici che hanno adottato la modalità di lavoro agile...

Read More
Truffe su Whatsapp: non aprite il file CoronaVirusSafetyMeasures

25/03/2020 10:45:49

In tempi di virus non si ferma l’attività criminale di phishing, che anzi si avvale dell’allarme per trarre in inganno e truffare sprovveduti navigatori che abboccano all’amo. La Polizia Postale sta avvertendo la rete di non aprire per nessun motivo il file CoronaVirusSafetyMeasures.pdf. Si...

Read More
Solidarietà digitale anche nella Cybersecurity

23/03/2020 13:24:29

Solidarietà digitale è l’iniziativa del Ministro per l’Innovazione tecnologica e la Digitalizzazione, con supporto tecnico dell’Agenzia per l’Italia Digitale, per ridurre l’impatto sociale ed economico del Coronavirus grazie a soluzioni e servizi innovativi.

Tanti i servizi messi...

Read More
Attenti al malware "Coronavirus" : l'email (falsa) dell'Oms nasconde una cybertruffa

09/03/2020 16:04:42

Tratto da Repubblica

Quasi mille mail al giorno si riversano nelle caselle degli italiani con malware...

Read More

There are no events to display

Spam email detection

This service analyses sets of email file in .eml format to identify the unsolicited ones (SPAM). Moreover, the service...

Vulnerability report

This service offers the possibility of searching public domain information related to known security hardware and...

Tweets analysis

This service shows statistics related to Tweets related to Cyber-Security, allowing to search them by keywords such as...

GDPR tools

The service offers a survey to check the compliance of an organization with the GDPR (General Data Protection...

	Published	Description
CVE-2020-7648	29-05-2020 22:15:00	All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users who have access to Snyk's internal network by appending the URL with a fragment identifier and a whitelisted path e.g. `#package.json`
CVE-2020-6937	29-05-2020 22:15:00	A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion.
CVE-2020-11844	29-05-2020 22:15:00	There is an Incorrect Authorization vulnerability in Micro Focus Service Management Automation (SMA) product affecting version 2018.05 to 2020.02. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.
CVE-2020-8482	29-05-2020 22:15:00	Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data
CVE-2020-7654	29-05-2020 22:15:00	All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG.

Date	Title	Platform	Author
29-05-2020	WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)	php	UnD3sc0n0c1d0
29-05-2020	Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass	multiple	Halis Duraki
28-05-2020	Online-Exam-System 2015 - 'fid' SQL Injection	php	Berk Dusunur
28-05-2020	EyouCMS 1.4.6 - Persistent Cross-Site Scripting	php	China Banking and Insurance Information Technology Management Co.
28-05-2020	NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection	multiple	Berk Dusunur

Published	Title	URL
05-05-2020	Aggiornamento di sicurezza Android (maggio 2020)	CERT LINK
04-05-2020	Grave vulnerabilità in Cisco IOS XE SD-WAN Software	CERT LINK
04-05-2020	Risolte sette vulnerabilità in WordPress 5.4.1	CERT LINK
30-04-2020	Aggiornamenti di sicurezza critici per Adobe Bridge, Illustrator e Magento	CERT LINK
30-04-2020	Grave vulnerabilità di tipo XSS in VMware ESXi	CERT LINK