#sysaid — Public Fediverse posts

CVE Alert: CVE-2025-2776 - SysAid - SysAid On-Prem - https://www.redpacketsecurity.com/cve-alert-cve-2025-2776-sysaid-sysaid-on-prem/

#OSINT #ThreatIntel #CyberSecurity #cve-2025-2776 #sysaid #sysaid-on-prem

CVE Alert: CVE-2025-2775 - SysAid - SysAid On-Prem - https://www.redpacketsecurity.com/cve-alert-cve-2025-2775-sysaid-sysaid-on-prem/

#OSINT #ThreatIntel #CyberSecurity #cve-2025-2775 #sysaid #sysaid-on-prem

CVE Alert: CVE-2025-2776 - SysAid - SysAid On-Prem - https://www.redpacketsecurity.com/cve-alert-cve-2025-2776-sysaid-sysaid-on-prem/

#OSINT #ThreatIntel #CyberSecurity #cve-2025-2776 #sysaid #sysaid-on-prem

CVE Alert: CVE-2025-2775 - SysAid - SysAid On-Prem - https://www.redpacketsecurity.com/cve-alert-cve-2025-2775-sysaid-sysaid-on-prem/

#OSINT #ThreatIntel #CyberSecurity #cve-2025-2775 #sysaid #sysaid-on-prem

CVE Alert: CVE-2025-2776 - SysAid - SysAid On-Prem - https://www.redpacketsecurity.com/cve-alert-cve-2025-2776-sysaid-sysaid-on-prem/

#OSINT #ThreatIntel #CyberSecurity #cve-2025-2776 #sysaid #sysaid-on-prem

CVE Alert: CVE-2025-2775 - SysAid - SysAid On-Prem - https://www.redpacketsecurity.com/cve-alert-cve-2025-2775-sysaid-sysaid-on-prem/

#OSINT #ThreatIntel #CyberSecurity #cve-2025-2775 #sysaid #sysaid-on-prem

CVE Alert: CVE-2025-2776 - SysAid - SysAid On-Prem - https://www.redpacketsecurity.com/cve-alert-cve-2025-2776-sysaid-sysaid-on-prem/

#OSINT #ThreatIntel #CyberSecurity #cve-2025-2776 #sysaid #sysaid-on-prem

CVE Alert: CVE-2025-2775 - SysAid - SysAid On-Prem - https://www.redpacketsecurity.com/cve-alert-cve-2025-2775-sysaid-sysaid-on-prem/

#OSINT #ThreatIntel #CyberSecurity #cve-2025-2775 #sysaid #sysaid-on-prem

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com https://ciso2ciso.com/u-s-cisa-adds-crushftp-google-chromium-and-sysaid-flaws-to-its-known-exploited-vulnerabilities-catalog-source-securityaffairs-com/ #KnownExploitedVulnerabilitiesCatalog #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #sysaid

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com https://ciso2ciso.com/u-s-cisa-adds-crushftp-google-chromium-and-sysaid-flaws-to-its-known-exploited-vulnerabilities-catalog-source-securityaffairs-com/ #KnownExploitedVulnerabilitiesCatalog #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #sysaid

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com https://ciso2ciso.com/u-s-cisa-adds-crushftp-google-chromium-and-sysaid-flaws-to-its-known-exploited-vulnerabilities-catalog-source-securityaffairs-com/ #KnownExploitedVulnerabilitiesCatalog #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #sysaid

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com https://ciso2ciso.com/u-s-cisa-adds-crushftp-google-chromium-and-sysaid-flaws-to-its-known-exploited-vulnerabilities-catalog-source-securityaffairs-com/ #KnownExploitedVulnerabilitiesCatalog #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #sysaid

CISA Warns of SysAid Vulnerability Exploitation https://www.securityweek.com/cisa-warns-of-sysaid-vulnerability-exploitation/ #Vulnerabilities #exploited #CISAKEV #SysAid

CISA Warns of SysAid Vulnerability Exploitation https://www.securityweek.com/cisa-warns-of-sysaid-vulnerability-exploitation/ #Vulnerabilities #exploited #CISAKEV #SysAid

CISA Warns of SysAid Vulnerability Exploitation https://www.securityweek.com/cisa-warns-of-sysaid-vulnerability-exploitation/ #Vulnerabilities #exploited #CISAKEV #SysAid

CISA Warns of SysAid Vulnerability Exploitation https://www.securityweek.com/cisa-warns-of-sysaid-vulnerability-exploitation/ #Vulnerabilities #exploited #CISAKEV #SysAid

Critical vulnerabilities discovered in SysAid's on-premise IT support software

💥 Vulnerability: XML External Entity (XXE) injections that can lead to RCE

⚠️ Impact: Retrieval of sensitive files, full admin access, and arbitrary code execution, risking data breaches and system compromises.

🔍 CVEs: CVE-2025-2775, CVE-2025-2776, CVE-2025-2777, CVE-2025-2778

🔧 Remediation: Update to SysAid version 24.4.60 b16

#cybersecurity #SysAid #vulnerabilitymanagement

https://thehackernews.com/2025/05/sysaid-patches-4-critical-flaws.html

Critical vulnerabilities discovered in SysAid's on-premise IT support software

💥 Vulnerability: XML External Entity (XXE) injections that can lead to RCE

⚠️ Impact: Retrieval of sensitive files, full admin access, and arbitrary code execution, risking data breaches and system compromises.

🔍 CVEs: CVE-2025-2775, CVE-2025-2776, CVE-2025-2777, CVE-2025-2778

🔧 Remediation: Update to SysAid version 24.4.60 b16

#cybersecurity #SysAid #vulnerabilitymanagement

https://thehackernews.com/2025/05/sysaid-patches-4-critical-flaws.html

Critical vulnerabilities discoverd in SysAid's on-premise IT support software

💥 Vulnerability: XML External Entity (XXE) injections that can lead to RCE

⚠️ Impact: Retrieval of sensitive files, full admin access, and arbitrary code execution, risking data breaches and system compromises.

🔍 CVEs: CVE-2025-2775, CVE-2025-2776, CVE-2025-2777, CVE-2025-2778

🔧 Remediation: Update to SysAid version 24.4.60 b16

#cybersecurity #SysAid #vulnerabilitymanagement

https://thehackernews.com/2025/05/sysaid-patches-4-critical-flaws.html

Critical vulnerabilities discovered in SysAid's on-premise IT support software

💥 Vulnerability: XML External Entity (XXE) injections that can lead to RCE

⚠️ Impact: Retrieval of sensitive files, full admin access, and arbitrary code execution, risking data breaches and system compromises.

🔍 CVEs: CVE-2025-2775, CVE-2025-2776, CVE-2025-2777, CVE-2025-2778

🔧 Remediation: Update to SysAid version 24.4.60 b16

#cybersecurity #SysAid #vulnerabilitymanagement

https://thehackernews.com/2025/05/sysaid-patches-4-critical-flaws.html

#BSI WID-SEC-2025-0981: [NEU] [hoch] ##SysAid #Technologies #Ltd SysAid: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in SysAid Technologies Ltd SysAid ausnutzen, um Informationen offenzulegen.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0981

#BSI WID-SEC-2025-0981: [NEU] [hoch] ##SysAid #Technologies #Ltd SysAid: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in SysAid Technologies Ltd SysAid ausnutzen, um Informationen offenzulegen.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0981

Dozens of SysAid Instances Vulnerable to Remote Hacking https://www.securityweek.com/dozens-of-sysaid-instances-vulnerable-to-remote-hacking/ #Vulnerabilities #vulnerability #SysAid #PoC

Dozens of SysAid Instances Vulnerable to Remote Hacking https://www.securityweek.com/dozens-of-sysaid-instances-vulnerable-to-remote-hacking/ #Vulnerabilities #vulnerability #SysAid #PoC

Dozens of SysAid Instances Vulnerable to Remote Hacking https://www.securityweek.com/dozens-of-sysaid-instances-vulnerable-to-remote-hacking/ #Vulnerabilities #vulnerability #SysAid #PoC

Dozens of SysAid Instances Vulnerable to Remote Hacking https://www.securityweek.com/dozens-of-sysaid-instances-vulnerable-to-remote-hacking/ #Vulnerabilities #vulnerability #SysAid #PoC

Dozens of SysAid Instances Vulnerable to Remote Hacking https://www.securityweek.com/dozens-of-sysaid-instances-vulnerable-to-remote-hacking/ #Vulnerabilities #vulnerability #SysAid #PoC

Dozens of SysAid Instances Vulnerable to Remote Hacking https://www.securityweek.com/dozens-of-sysaid-instances-vulnerable-to-remote-hacking/ #Vulnerabilities #vulnerability #SysAid #PoC

Dozens of SysAid Instances Vulnerable to Remote Hacking https://www.securityweek.com/dozens-of-sysaid-instances-vulnerable-to-remote-hacking/ #Vulnerabilities #vulnerability #SysAid #PoC

Dozens of SysAid Instances Vulnerable to Remote Hacking https://www.securityweek.com/dozens-of-sysaid-instances-vulnerable-to-remote-hacking/ #Vulnerabilities #vulnerability #SysAid #PoC

SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version – Source:thehackernews.com https://ciso2ciso.com/sysaid-patches-4-critical-flaws-enabling-pre-auth-rce-in-on-premise-version-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #sysaid

SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version – Source:thehackernews.com https://ciso2ciso.com/sysaid-patches-4-critical-flaws-enabling-pre-auth-rce-in-on-premise-version-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #sysaid

SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version – Source:thehackernews.com https://ciso2ciso.com/sysaid-patches-4-critical-flaws-enabling-pre-auth-rce-in-on-premise-version-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #sysaid

SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version – Source:thehackernews.com https://ciso2ciso.com/sysaid-patches-4-critical-flaws-enabling-pre-auth-rce-in-on-premise-version-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #sysaid

PoC exploit for SysAid pre-auth RCE released, upgrade quickly! https://www.helpnetsecurity.com/2025/05/07/poc-exploit-for-sysaid-pre-auth-rce-released-upgrade-quickly/ #vulnerability #enterprise #Don'tmiss #WatchTowr #Hotstuff #SysAid #News #ITSM #SMBs #PoC

PoC exploit for SysAid pre-auth RCE released, upgrade quickly! https://www.helpnetsecurity.com/2025/05/07/poc-exploit-for-sysaid-pre-auth-rce-released-upgrade-quickly/ #vulnerability #enterprise #Don'tmiss #WatchTowr #Hotstuff #SysAid #News #ITSM #SMBs #PoC

PoC exploit for SysAid pre-auth RCE released, upgrade quickly! https://www.helpnetsecurity.com/2025/05/07/poc-exploit-for-sysaid-pre-auth-rce-released-upgrade-quickly/ #vulnerability #enterprise #Don'tmiss #WatchTowr #Hotstuff #SysAid #News #ITSM #SMBs #PoC

PoC exploit for SysAid pre-auth RCE released, upgrade quickly! https://www.helpnetsecurity.com/2025/05/07/poc-exploit-for-sysaid-pre-auth-rce-released-upgrade-quickly/ #vulnerability #enterprise #Don'tmiss #WatchTowr #Hotstuff #SysAid #News #ITSM #SMBs #PoC

Microsoft and SysAid Find Clop Malware Vulnerability – Source: www.techrepublic.com https://ciso2ciso.com/microsoft-and-sysaid-find-clop-malware-vulnerability-source-www-techrepublic-com/ #microsoftthreatintelligence #rssfeedpostgeneratorecho #SecurityonTechRepublic #SecurityTechRepublic #CyberSecurityNews #ZeroDayAttacks #Cybersecurity #ransomware #Microsoft #Security #profero #sysaid

Microsoft and SysAid Find Clop Malware Vulnerability – Source: www.techrepublic.com https://ciso2ciso.com/microsoft-and-sysaid-find-clop-malware-vulnerability-source-www-techrepublic-com/ #microsoftthreatintelligence #rssfeedpostgeneratorecho #SecurityonTechRepublic #SecurityTechRepublic #CyberSecurityNews #ZeroDayAttacks #Cybersecurity #ransomware #Microsoft #Security #profero #sysaid

SysAid Vulnerability actively exploited in-the-wild

Researchers at CERT Yoroi, a team of security experts, have published an analysis of a series of zero-day cyber-attacks on SysAid Technologies.

Pulse ID: 654ea9fc68d94f7736031bf3
Pulse Link: https://otx.alienvault.com/pulse/654ea9fc68d94f7736031bf3
Pulse Author: AlienVault
Created: 2023-11-10 22:08:59

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#OTX #OpenThreatExchange #InfoSec #bot #CyberSecurity #zero-day #Vulnerability #SysAid #AlienVault

Details techniques & IoCs pour la vulnérabilité dans le logiciel de gestion On-prem SysAid CVE-2023-47246 dans ce récit de prise en charge d'incident de sécurité
👇
https://profero.io/posts/sysaidonpremvulnerability/

------------
if sophos 😱 🏃‍♂️ 💨
👇
foreach($s in tasklist) {
if ($s -match '^(Sophos).*\.exe\s') {echo $s; $bp++;}
}
if ($bp) { echo "`nSTOP-PROCs FOUND! Exiting`n" }
------------

#Cyberveille #SysAid

Details techniques & IoCs pour la vulnérabilité dans le logiciel de gestion On-prem SysAid CVE-2023-47246 dans ce récit de prise en charge d'incident de sécurité
👇
https://profero.io/posts/sysaidonpremvulnerability/

------------
if sophos 😱 🏃‍♂️ 💨
👇
foreach($s in tasklist) {
if ($s -match '^(Sophos).*\.exe\s') {echo $s; $bp++;}
}
if ($bp) { echo "`nSTOP-PROCs FOUND! Exiting`n" }
------------

#Cyberveille #SysAid

Details techniques & IoCs pour la vulnérabilité dans le logiciel de gestion On-prem SysAid CVE-2023-47246 dans ce récit de prise en charge d'incident de sécurité
👇
https://profero.io/posts/sysaidonpremvulnerability/

------------
if sophos 😱 🏃‍♂️ 💨
👇
foreach($s in tasklist) {
if ($s -match '^(Sophos).*\.exe\s') {echo $s; $bp++;}
}
if ($bp) { echo "`nSTOP-PROCs FOUND! Exiting`n" }
------------

#Cyberveille #SysAid

The write up for our observations and a bit about the POCs the @huntress team got working for the #SysAid #0day used by #clop #cl0p

Awesome work by @JohnHammond Matt Kiely and others

#dfir

https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

The write up for our observations and a bit about the POCs the @huntress team got working for the #SysAid #0day used by #clop #cl0p

Awesome work by @JohnHammond Matt Kiely and others

#dfir

https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

The write up for our observations and a bit about the POCs the @huntress team got working for the #SysAid #0day used by #clop #cl0p

Awesome work by @JohnHammond Matt Kiely and others

#dfir

https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

The write up for our observations and a bit about the POCs the @huntress team got working for the #SysAid #0day used by #clop #cl0p

Awesome work by @JohnHammond Matt Kiely and others

#dfir

https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246

The write up for our observations and a bit about the POCs the @huntress team got working for the #SysAid #0day used by #clop #cl0p

Awesome work by @JohnHammond Matt Kiely and others

#dfir

https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246