samedi 30 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

New SchoolSafety.gov Provides Cyber Guidance for K-12 Schools

Original release date: February 12, 2020The Federal School Safety Clearinghouse just launched its website: SchoolSafety.gov. This website—a collaboration between the Department of Homeland Security and the U.S. Departments of Education, Justice,...
Auteur: US Cert

FBI Releases IC3 2019 Internet Crime Report

Original release date: February 12, 2020The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) has released the 2019 Internet Crime Report, which includes statistics based on data reported by the public through the IC3...
Auteur: US Cert

VU#597809: IBM ServeRAID Manager exposes unauthenticated Java Remote Method Invocation (RMI)

IBM ServeRAID Manager includes an embedded instance of Java version 1.4.2. Both ServeRAID Manager and Java 1.4.2 are no longer supported. ServeRAID Manager uses a Java remote method invocation(RMI)interface on a TCP port that listens on all...
Auteur: US Cert

Microsoft Releases February 2020 Security Updates

Original release date: February 11, 2020Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

Intel Releases Security Updates

Original release date: February 11, 2020Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to gain escalation of privileges. The Cybersecurity and Infrastructure...
Auteur: US Cert

Adobe Releases Security Updates for Multiple Products

Original release date: February 11, 2020Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

Mozilla Releases Security Updates for Multiple Products

Original release date: February 11, 2020Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

Safer Internet Day

Original release date: February 10, 2020February 11, 2020, is Safer Internet Day, a worldwide event aimed at promoting the safe and positive use of digital technology for all users, especially children and teens. This year's theme—Together for a...
Auteur: US Cert

ACSC Releases Advisory on Mailto Ransomware Incidents

Original release date: February 6, 2020The Australian Cyber Security Centre (ACSC) has released an advisory on Mailto ransomware incidents. The ACSC has limited information regarding the initial intrusion vector for Mailto, also known as...
Auteur: US Cert

Cisco Releases Security Updates for Multiple Products

Original release date: February 6, 2020Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: February 5, 2020Google has released Chrome 80 (version 80.0.3987.87) for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The...
Auteur: US Cert

VU#261385: Cisco Discovery Protocol (CDP) enabled devices are vulnerable to denial-of-service and remote code execution

CVE-2020-3110 Cisco's Video Surveillance 8000 Series IP cameras with CDP enabled are vulnerable to a heap overflow in the parsing of DeviceID type-length-value(TLV). The CVSS score reflected below is in regards to this vulnerability....
Auteur: US Cert

IRS Launches “Identity Theft Central” Webpage

Original release date: February 4, 2020The Internal Revenue Service (IRS) has launched its “Identity Theft Central” webpage to provide 24/7 access to online information regarding tax-related identity theft and data security protection....
Auteur: US Cert

OpenSMTPD Vulnerability

Original release date: February 3, 2020The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting OpenSMTPD. An attacker could exploit this vulnerability to take control of an affected system. OpenSMTPD is an...
Auteur: US Cert

Adobe Releases Security Updates for Magento

Original release date: January 31, 2020Adobe has released security updates to address vulnerabilities affecting Magento Commerce and Open Source editions. An attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

VU#390745: OpenSMTPD vulnerable to local privilege escalation and remote code execution

OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol(SMTP)that is part of the OpenBSD Project. OpenSMTPD's smtp_mailaddr()function is responsible for validating sender and recipient mail addresses. If the...
Auteur: US Cert

Cisco Releases Security Updates for Cisco Small Business Switches

Original release date: January 30, 2020Cisco has released security updates to address vulnerabilities affecting Cisco Small Business Switches. A remote attacker could exploit one of these vulnerabilities to obtain sensitive information. The...
Auteur: US Cert

Tax Identity Theft Awareness Week

Original release date: January 29, 2020Tax Identity Theft Awareness Week is February 3-7. The Federal Trade Commission (FTC) Tax Identity Theft Awareness Week webpage will provide webinars and other resources from FTC and its partners throughout...
Auteur: US Cert

Apple Releases Multiple Security Updates

Original release date: January 28, 2020Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

Data Privacy Day: A Vision for the Future

Original release date: January 28, 2020January 28 is Data Privacy Day, an annual effort to empower individuals and organizations to respect privacy, safeguard data, and enable trust. This year, the National Cyber Security Alliance (NCSA) is...
Auteur: US Cert

Cisco Releases Security Updates

Original release date: January 24, 2020Cisco has released security updates to address a vulnerability affecting Cisco Webex Meetings Suite and Cisco Webex Meetings Online. A remote attacker could exploit this vulnerability to obtain sensitive...
Auteur: US Cert

NSA Releases Guidance on Mitigating Cloud Vulnerabilities

Original release date: January 24, 2020The National Security Agency (NSA) has released an information sheet with guidance on mitigating cloud vulnerabilities. NSA identifies cloud security components and discusses threat actors, cloud...
Auteur: US Cert

Citrix Releases Security Updates for SD-WAN WANOP

Original release date: January 23, 2020Citrix has released security updates to address the CVE-2019-19781 vulnerability in Citrix SD-WAN WANOP. An attacker could exploit this vulnerability to take control of an affected system. Citrix has also...
Auteur: US Cert

Cisco Releases Security Updates

Original release date: January 23, 2020Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing...
Auteur: US Cert

Increased Emotet Malware Activity

Original release date: January 22, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a recent increase in targeted Emotet malware attacks. Emotet is a sophisticated Trojan that commonly functions as a downloader or...
Auteur: US Cert
12345678910Last

Événements SSI