samedi 30 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

MS-ISAC Releases Advisory on PHP Vulnerabilities

Original release date: September 14, 2018 The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit one of these...
Auteur: US Cert

Potential Hurricane Florence Phishing Scams

Original release date: September 14, 2018 NCCIC warns users to remain vigilant for malicious cyber activity seeking to exploit interest in Hurricane Florence. Fraudulent emails commonly appear after major natural disasters and often...
Auteur: US Cert

Google Releases Security Update for Chrome

Original release date: September 11, 2018 Google has released Chrome version 69.0.3497.92 for Windows, Mac, and Linux. This version addresses vulnerabilities, one of which an attacker could exploit to take control of an affected...
Auteur: US Cert

Microsoft Releases September 2018 Security Updates

Original release date: September 11, 2018 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC...
Auteur: US Cert

Adobe Releases Security Updates

Original release date: September 11, 2018 Adobe has released security updates to address vulnerabilities in Adobe Flash Player and ColdFusion. An attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

VMware Releases Security Updates

Original release date: September 06, 2018 VMware has released security updates to address vulnerabilities in VMware AirWatch Agent and Content Locker. An attacker could exploit these vulnerabilities to obtain access to sensitive...
Auteur: US Cert

Mozilla Releases Security Updates for Firefox

Original release date: September 05, 2018 Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

Cisco Releases Security Updates

Original release date: September 05, 2018 Cisco has released updates to address multiple vulnerabilities affecting Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.  NCCIC...
Auteur: US Cert

Problems with Automatic DNS Registration and Autodiscovery

Original release date: September 05, 2018 The CERT Coordination Center (CERT/CC) has released information on problems associated with small office/home office routers using automatic Domain Name System (DNS) registration and autodiscovery....
Auteur: US Cert

September is National Preparedness Month

Original release date: September 05, 2018 National Preparedness Month is a good opportunity to assess your emergency preparedness. While general preparedness is essential to getting through an emergency related to a natural disaster, the...
Auteur: US Cert

VU#598349: Problems with automatic DNS registration and autodiscovery

Vulnerability Note VU#598349 Problems with automatic DNS registration and autodiscovery Original Release date: 05 Sep 2018 | Last revised: 05 Sep 2018 Overview Problems with automatic DNS registration and autodiscovery. If an...
Auteur: US Cert

Google Releases Security Update for Chrome

Original release date: September 04, 2018 Google has released Chrome version 69.0.3497.81 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.NCCIC...
Auteur: US Cert

VU#906424: Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface

Vulnerability Note VU#906424 Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface Original Release date: 27 Aug 2018 | Last revised: 28 Aug 2018 Overview Microsoft Windows task...
Auteur: US Cert

Cisco Releases Security Update

Original release date: August 28, 2018 Cisco has released a security update to address a vulnerability in Cisco Data Center Network Manager. A remote attacker could exploit this vulnerability to obtain access to sensitive information.NCCIC...
Auteur: US Cert

FTC Promotes Resources to Prevent Cyberbullying

Original release date: August 28, 2018 The Federal Trade Commission (FTC) has released an announcement on the importance of addressing cyberbullying. As children return to school, FTC encourages parents and educators to monitor kids'...
Auteur: US Cert

Adobe Releases Security Update for Creative Cloud

Original release date: August 28, 2018 Adobe has released a security update to address a vulnerability in Adobe Creative Cloud Desktop Application. An attacker could exploit this vulnerability to cause a denial-of-service condition.NCCIC...
Auteur: US Cert

FTC Issues Alert on Bitcoin Blackmail Scams

Original release date: August 22, 2018 The Federal Trade Commission has released an alert on Bitcoin blackmail scams. In these schemes, scammers threaten victims with public disclosure of their "secret" unless they send a payment in...
Auteur: US Cert

Apache Releases Security Update for Apache Struts 2

Original release date: August 22, 2018 The Apache Software Foundation has released a security update to address a vulnerability in Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16.NCCIC encourages users and administrators to review...
Auteur: US Cert

Adobe Releases Security Updates

Original release date: August 22, 2018 Adobe has released security updates to address vulnerabilities in Adobe Photoshop CC. An attacker could exploit these vulnerabilities to take control of an affected system.NCCIC encourages users and...
Auteur: US Cert

Ghostscript Vulnerability

Original release date: August 21, 2018 | Last revised: August 22, 2018 NCCIC is aware of a Ghostscript vulnerability affecting various vendors. An attacker could exploit this vulnerability to take control of an affected system.    NCCIC...
Auteur: US Cert

VU#332928: Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities

Vulnerability Note VU#332928 Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities Original Release date: 21 Aug 2018 | Last revised: 27 Aug 2018 Overview Ghostscript contains multiple -dSAFER sandbox bypass...
Auteur: US Cert

Apache Releases Security Updates for Tomcat Native

Original release date: August 17, 2018 The Apache Foundation has released security updates to address vulnerabilities in Apache Tomcat Native. A remote attacker could exploit these vulnerabilities to take control of an affected...
Auteur: US Cert

Cisco Releases Security Updates

Original release date: August 15, 2018 Cisco has released updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition.  NCCIC encourages users...
Auteur: US Cert

VU#982149: Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF)

Vulnerability Note VU#982149 Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF) Original Release date: 15 Aug 2018 | Last revised: 17 Aug 2018 Overview Intel...
Auteur: US Cert

FBI Releases Guidance on Defending Against Travel Scams

Original release date: August 14, 2018 The Federal Bureau of Investigation (FBI) has released an article on building a digital defense against travel scams. FBI explains how scammers trick consumers with "free" vacation ploys. These offers...
Auteur: US Cert
First17181920212223242526

Événements SSI