Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Samba Releases Security Updates

Original release date: April 28, 2020The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: April 28, 2020Google has released Chrome version 81.0.4044.129 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

Juniper Releases Security Updates for Junos OS

Original release date: April 28, 2020Juniper has released security updates to address a vulnerability affecting multiple versions of Junos operating systems. A remote attacker can exploit this vulnerability to take control of an affected...
Auteur: US Cert

OpenSSL Releases Security Update

Original release date: April 22, 2020OpenSSL version 1.1.1g has been released to address a vulnerability affecting versions 1.1.1d–1.1.1f. An attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and...
Auteur: US Cert

Microsoft Releases Security Updates for Multiple Products

Original release date: April 22, 2020Microsoft has released security updates to address multiple vulnerabilities in products that use the Autodesk FBX library. These include Office 2016, Office 2019, Office 365 ProPlus, and Paint 3D. A remote...
Auteur: US Cert

 Google Releases Security Updates for Chrome

Original release date: April 22, 2020Google has released Chrome version 81.0.4044.122 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

NSA, ASD Release Guidance for Mitigating Web Shell Malware

Original release date: April 22, 2020The U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) have jointly released a Cybersecurity Information Sheet (CSI) on mitigating web shell malware. Malicious cyber actors are...
Auteur: US Cert

IC3 Releases Alert on Extortion Email Scams

Original release date: April 21, 2020The Internet Crime Complaint Center (IC3) has released an alert warning of a recent increase in extortion email scams. Cyber criminals threaten to release sexually explicit photos or videos of victims unless...
Auteur: US Cert

Apple Releases Security Update for Xcode

Original release date: April 17, 2020Apple has released a security update to address vulnerabilities in Xcode. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure...
Auteur: US Cert

Google Releases Security Updates

Original release date: April 16, 2020Google has released Chrome version 81.0.4044.113 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

Cisco Releases Security Updates for Multiple Products

Original release date: April 16, 2020Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

Oracle Releases April 2020 Security Bulletin

Original release date: April 15, 2020Oracle has released its Critical Patch Update for April 2020 to address 397 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an...
Auteur: US Cert

VMware Releases Security Updates for vRealize Log Insight

Original release date: April 14, 2020VMware has released security updates to address vulnerabilities in VMware vRealize Log Insight. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

Intel Releases Security Updates

Original release date: April 14, 2020Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain escalation of privileges. The Cybersecurity and...
Auteur: US Cert

Microsoft Releases April 2020 Security Updates

Original release date: April 14, 2020Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

Adobe Releases Security Updates for Multiple Products

Original release date: April 14, 2020Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

VMWare Releases Security Updates for VMware Directory Service

Original release date: April 10, 2020VMware has released security updates to address a vulnerability in VMware Directory Service (vmdir). An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

Juniper Networks Releases Security Updates

Original release date: April 9, 2020Juniper Networks has released security updates to address multiple vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

Mozilla Releases Security Updates for Firefox, Firefox ESR

Original release date: April 8, 2020Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

Google Releases Security Updates

Original release date: April 8, 2020Google has released Chrome version 81.0.4044.92 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

VU#660597: Periscope BuySpeed is vulnerable to stored cross-site scripting

Periscope BuySpeed is a"tool to automate the full procure-to-pay process efficiently and intelligently". BuySpeed version 14.5 is vulnerable to stored cross-site scripting,which could allow a local,authenticated attacker to store arbitrary...
Auteur: US Cert

Mozilla Patches Critical Vulnerabilities in Firefox, Firefox ESR

Original release date: April 3, 2020Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have...
Auteur: US Cert

FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing

Original release date: April 2, 2020The Federal Bureau of Investigation (FBI) has released an article on defending against video-teleconferencing (VTC) hijacking (referred to as “Zoom-bombing” when attacks are to the Zoom VTC platform).  Many...
Auteur: US Cert

MS-ISAC Releases Advisory on DrayTek Devices

Original release date: April 1, 2020The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory regarding two vulnerable command injection points in DrayTek devices (CVE-2020-8515). An attacker could exploit these...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: April 1, 2020Google has released Chrome version 80.0.3987.162 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and...
Auteur: US Cert
12345678910Last

Événements SSI