samedi 30 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Canadian Centre for Cyber Security Releases Advisory on New Ransomware Campaign

Original release date: September 25, 2019The Canadian Centre for Cyber Security (CCCS) has released an advisory on a new ransomware campaign. The malware, named TFlower, may infect users via exposed, unpatched Remote Desktop Protocol (RDP)...
Auteur: US Cert

Adobe Releases Security Updates for ColdFusion

Original release date: September 25, 2019Adobe has released security updates to address vulnerabilities in ColdFusion. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

VMware Releases Security Updates

Original release date: September 25, 2019VMware has released security updates to address vulnerabilities in Cloud Foundation and Harbor Container Registry for Pivotal Cloud Foundry. An attacker could exploit some of these vulnerabilities to take...
Auteur: US Cert

Microsoft Releases Out-of-Band Security Updates

Original release date: September 23, 2019Microsoft has released out-of-band security updates to address vulnerabilities in Microsoft software. A remote attacker could exploit of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

VMware Releases Security Updates for Multiple Products

Original release date: September 20, 2019VMware has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

CISA Releases Four New Insights Products

Original release date: September 20, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has released four new CISA Insights products informed by U.S. intelligence and real-world events. Each of the following products provides a...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: September 19, 2019Google has released Chrome 77.0.3865.90 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

VMware Releases Security Updates for Multiple Products

Original release date: September 17, 2019VMware has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

2019 CWE Top 25 Most Dangerous Software Errors

Original release date: September 17, 2019MITRE has released the 2019 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors list. The Top 25 is a compilation of the most frequent and critical errors that can lead to serious...
Auteur: US Cert

Intel Releases Security Updates

Original release date: September 10, 2019Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit one of these vulnerabilities to gain an escalation of privileges on a previously infected...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: September 10, 2019Google has released Chrome version 77.0.3865.75 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. The...
Auteur: US Cert

MS-ISAC Releases Security Event Primer on Malware

Original release date: September 10, 2019The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released a Security Event Primer on Malware. The white paper outlines general malware operations and includes common malware event types...
Auteur: US Cert

Microsoft Releases September 2019 Security Updates

Original release date: September 10, 2019Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

Adobe Releases Security Updates

Original release date: September 10, 2019Adobe has released security updates to address vulnerabilities affecting Flash Player and Application Manager. An attacker could exploit these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

North Korean Malicious Cyber Activity

Original release date: September 9, 2019The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have identified two Trojan malware variants—referred to as ELECTRICFISH and BADCALL—used by the...
Auteur: US Cert

FBI Safe Online Surfing Challenge

Original release date: September 9, 2019The Federal Bureau of Investigation (FBI) has launched the Safe Online Surfing (SOS) Challenge, encouraging educators to promote web literacy and safety for students during the 2019-20 school year. FBI...
Auteur: US Cert

U.S. Cyber Command Shares 11 New Malware Samples

Original release date: September 8, 2019U.S. Cyber Command has released 11 malware samples to the malware aggregation tool and repository, VirusTotal. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators...
Auteur: US Cert

VU#672565: Exim servers that accept TLS connections are vulnerable to local and remote program execution with root privileges

Exim is an open source mail server or message transfer agent(MTA)that is used on Unix-like operating systems. Versions up to and including 4.92.1 of Exim incorrectly handle certain decoding operations during the intial TLS handshake. A local or...
Auteur: US Cert

Exim Releases Security Patches

Original release date: September 6, 2019Exim has released patches to address vulnerabilities affecting Exim 4.92.1 and prior versions. A remote attacker could exploit this vulnerability to take control of an affected email server. The...
Auteur: US Cert

Ransomware Protection Strategies

Original release date: September 6, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has observed an increase in ransomware attacks across the Nation. Helping organizations protect themselves from ransomware is a chief priority for...
Auteur: US Cert

WordPress Releases Security Update

Original release date: September 6, 2019WordPress 5.2.2 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. The Cybersecurity and...
Auteur: US Cert

MS-ISAC Releases Advisory on PHP Vulnerabilities

Original release date: September 5, 2019The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit some of these vulnerabilities to...
Auteur: US Cert

FBI Releases Article on Think Before You Post Campaign

Original release date: September 5, 2019The Federal Bureau of Investigation (FBI) has released an article on their Think Before You Post campaign, designed to educate students on the use of social media and how to avoid making poor choices when...
Auteur: US Cert

Cisco Releases Security Updates

Original release date: September 5, 2019Cisco has released security updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

Samba Releases Security Updates

Original release date: September 4, 2019The Samba Team has released security updates to address a vulnerability in all versions of Samba from 4.9.0 onward. An attacker could exploit this vulnerability to obtain sensitive information. The...
Auteur: US Cert
First567891011121314Last

Événements SSI