Buongiorno, la questione è stata portata alla mia attenzione da un recente intervento di Antonio [1] in lista, che ringrazio.
Executive summary: il 5 Marzo BSI ha emanato un comunicato stampa (e una relazione PDF in DE) perché ha trovato via Shodan [2] che decine di migliaia (17K secondo i ben informati) di server MS Excange non sono ancora stati aggiornati con aggiornamenti di sicurezza critici. Sarà mica una novità? Sapete quante notizie o ricerche si possono confezionare grazie a Shodan in merito a quanti dispositivi server, router e "IoT" connessi a internet sono vulnerabili a qualche "attacco NON zero-day" (di cui è disponibile la "patch")? Beh se non lo sapevate, *sapetelo*: https://duckduckgo.com/?q=shodan+discovered+vulnerable+devices&ia=web «Critical vulnerabilities in Exchange servers» https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Empfehlungen-nach-Angriffszielen/Server/Microsoft-Exchange_Schwachstelle/schwachstelle_exchange_server_node.html --8<---------------cut here---------------start------------->8--- According to the IT service provider Shodan, tens of thousands of Exchange servers in Germany were vulnerable to attack via the Internet and are very likely already infected with malware. This situation affects companies and organisations of all sizes. The BSI recommends installing the security updates provided by Microsoft without delay. Vulnerable Exchange systems should be checked for relevant anomalies as a matter of urgency due to the high risk of attack. You will find a BSI cyber security warning containing information and measures for dealing with these vulnerabilitie: [Microsoft Exchange Schwachstellen Detektion und Reaktion]. The relevant information is continually updated on the BSI website. [Microsoft Exchange Schwachstellen Detektion und Reaktion] </SharedDocs/Downloads/DE/BSI/Cyber-Sicherheit/Vorfaelle/Exchange-Schwachstellen-2021/MSExchange_Schwachstelle_Detektion_Reaktion.pdf?__blob=publicationFile&v=6> Additional information: ─────────────────────── [Press releases from the BSI - 5. März 2021] [Recording of the BSI-Livestream "Informationen und Hilfestellungen" - 11. März 2021 on YouTube] [Further information and links, including external support services] [Press releases from the BSI - 5. März 2021] <file:DE/Service-Navi/Presse/Pressemitteilungen/Presse2021/210305_Exchange-Schwachstelle.html?nn=1010128> [Recording of the BSI-Livestream "Informationen und Hilfestellungen" - 11. März 2021 on YouTube] <https://youtu.be/QcqRRc-VoB0> [Further information and links, including external support services] <file:DE/IT-Sicherheitsvorfall/Unternehmen/unternehmen_node.html> --8<---------------cut here---------------end--------------->8--- Loving, 380° [1] https://server-nexa.polito.it/pipermail/nexa/2024-April/052462.html [2] https://www.shodan.io/ «Shodan is the world's first search engine for Internet-connected devices. Discover how Internet intelligence can help you make better decisions.» see also: https://en.wikipedia.org/wiki/Shodan_(website) -- 380° (Giovanni Biscuolo public alter ego) «Noi, incompetenti come siamo, non abbiamo alcun titolo per suggerire alcunché» Disinformation flourishes because many people care deeply about injustice but very few check the facts. Ask me about <https://stallmansupport.org>.
signature.asc
Description: PGP signature
_______________________________________________ nexa mailing list nexa@server-nexa.polito.it https://server-nexa.polito.it/cgi-bin/mailman/listinfo/nexa
