Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Google Releases Security Updates for Chrome

Original release date: July 31, 2019Google has released Chrome version 76.0.3809.87 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. The...
Auteur: US Cert

CISA Releases Advisory on Wind River VxWorks Platform

Original release date: July 30, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) Advisory on multiple vulnerabilities in the Wind River VxWorks Platform. A remote attacker could...
Auteur: US Cert

Steps to Safeguard Against Ransomware Attacks

Original release date: July 30, 2019The Cybersecurity and Infrastructure Security Agency (CISA), Multi-State Information Sharing & Analysis Center (MS-ISAC), National Governors Association (NGA), and the National Association of State Chief...
Auteur: US Cert

Save the Date: 2019 CISA Cybersecurity Summit

Original release date: July 29, 2019The Cybersecurity and Infrastructure Security Agency (CISA) will be hosting the 2019 CISA Cybersecurity Summit from September 18-20, 2019, at National Harbor, MD. This summit will provide a forum for critical...
Auteur: US Cert

Vulnerabilities in Multiple VPN Applications

Original release date: July 26, 2019The Cybersecurity and Infrastructure Security Agency (CISA) is aware of vulnerabilities affecting multiple Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to...
Auteur: US Cert

CISA Webinar: Holistic Approach to Mitigating Insider Threats

Original release date: July 26, 2019Want to recognize indicators of cybersecurity and physical insider threats? On July 29, the Cybersecurity and Infrastructure Security Agency will host a webinar providing expert guidance for a holistic approach...
Auteur: US Cert

IRS Reminds Tax Professionals: Create a Data Security Plan

Original release date: July 24, 2019The Internal Revenue Service (IRS) has issued a news release reminding professional tax preparers that they are required by law to have a written data security plan. Creating and maintaining a data security...
Auteur: US Cert

Building Resilience to Foreign Interference, Misinformation Activities

Original release date: July 22, 2019As part of the effort to #Protect2020, the Cybersecurity and Infrastructure Security Agency (CISA) is working with national partners to build resilience to foreign interferences, particularly information...
Auteur: US Cert

5G Wireless Network Risk Factors

Original release date: July 22, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has released an infographic on 5G wireless network risk factors. Although 5G technology will bring capacity, reliability, and security improvements,...
Auteur: US Cert

Apple Releases Multiple Security Updates

Original release date: July 22, 2019Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

Canadian Centre for Cyber Security Releases Advisory on Fileless Malware

Original release date: July 18, 2019The Canadian Centre for Cyber Security (CCCS) has released an advisory on an Astaroth fileless malware campaign affecting Microsoft Windows. Astaroth resides solely in memory, and an attacker can use it and...
Auteur: US Cert

WaterISAC Releases Cybersecurity Fundamentals

Original release date: July 17, 2019The Water Information Sharing and Analysis Center (WaterISAC) recently released an updated cybersecurity fundamentals guide for water and wastewater utilities. The guide includes cybersecurity best practices,...
Auteur: US Cert

Drupal Releases Security Update

Original release date: July 17, 2019Drupal has released a security update to address a vulnerability in Drupal Core. An attacker could exploit this vulnerability to take control of an affected website. The Cybersecurity and Infrastructure...
Auteur: US Cert

Cisco Releases Security Updates for Multiple Products

Original release date: July 17, 2019Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

VU#790507: Oracle Solaris vulnerable to arbitrary code execution via /proc/self

The process file system(/proc)in Oracle Solaris 11 and Solaris 10 provides a self/alias that refers to the current executing process's PID subdirectory with state information about the process. Protection mechanisms for/proc in Solaris 11/10 did...
Auteur: US Cert

NCSC Releases 2019 Active Cyber Defence Report

Original release date: July 16, 2019The United Kingdom’s National Cyber Security Centre (NCSC) has released their 2019 Active Cyber Defence (ACD) report, which provides an analysis of program outcomes throughout 2018. NCSC’s ACD program—stood up...
Auteur: US Cert

Microsoft Releases Security Updates for PowerShell Core

Original release date: July 16, 2019Microsoft has released updates to address a vulnerability in PowerShell Core versions 6.1 and 6.2. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

Oracle Releases July 2019 Security Bulletin

Original release date: July 16, 2019Oracle has released its Critical Patch Update for July 2019 to address 319 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

DHS Webinar: Cybersecurity Threats to the Healthcare Sector

Original release date: July 16, 2019The Department of Homeland Security (DHS) and the American Hospital Association (AHA) are conducting a webinar focused on current cybersecurity threats to the healthcare sector. The webinar will be held on...
Auteur: US Cert

IRS Releases Six Cybersecurity Safeguards

Original release date: July 16, 2019The Internal Revenue Service (IRS) has issued a news release outlining six cybersecurity safeguards to protect computers, email, and sensitive data. The recommendations are part of the Taxes. Security....
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: July 15, 2019Google has released Chrome 75.0.3770.142 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

VU#129209: LLVMs Arm stack protection feature can be rendered ineffective

The Stack Protection feature provided in the LLVM Arm backend protects against buffer overflows by adding a cookie value between local variables and the stack frame return address. The compiler stores this value in memory and checks the cookie...
Auteur: US Cert

NCSC Releases Advisory on Ongoing DNS Hijacking Campaign

Original release date: July 12, 2019The United Kingdom’s National Cyber Security Centre (NCSC) has released an advisory about an ongoing Domain Name System (DNS) hijacking campaign. The advisory details risks and mitigations for organizations to...
Auteur: US Cert

Atlassian Releases Security Updates for Jira

Original release date: July 11, 2019Atlassian has released security updates to address a vulnerability affecting Jira Server and Jira Data Center. A remote attacker could exploit this vulnerability to take control of an affected system. The...
Auteur: US Cert

Juniper Networks Releases Multiple Security Updates

Original release date: July 10, 2019Juniper Networks has released security updates to address multiple vulnerabilities in various products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert
First891011121314151617Last

Événements SSI