Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Google Releases Security Updates for Chrome

Original release date: February 21, 2020Google has released Chrome version 80.0.3987.116 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. Note: although...
Auteur: US Cert

Cisco Releases Security Updates

Original release date: February 20, 2020Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates...
Auteur: US Cert

Adobe Releases Security Updates for After Effects and Media Encoder

Original release date: February 20, 2020Adobe has released security updates to address vulnerabilities in After Effects and Media Encoder. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

VMware Releases Security Updates for vRealize Operations for Horizon Adapter

Original release date: February 19, 2020VMware has released security updates to address multiple vulnerabilities in vRealize Operations for Horizon Adapter. A remote attacker could exploit some of these vulnerabilities to take control of an...
Auteur: US Cert

Be Cautious of Romance Scams

Original release date: February 14, 2020This Valentine’s Day, the Cybersecurity and Infrastructure Security Agency (CISA) reminds users to be wary of internet romance scams. Cyber criminals partaking in this type of fraud target victims, gain...
Auteur: US Cert

North Korean Malicious Cyber Activity

Original release date: February 14, 2020The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) have identified the following malware variants used by the North...
Auteur: US Cert

New SchoolSafety.gov Provides Cyber Guidance for K-12 Schools

Original release date: February 12, 2020The Federal School Safety Clearinghouse just launched its website: SchoolSafety.gov. This website—a collaboration between the Department of Homeland Security and the U.S. Departments of Education, Justice,...
Auteur: US Cert

FBI Releases IC3 2019 Internet Crime Report

Original release date: February 12, 2020The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) has released the 2019 Internet Crime Report, which includes statistics based on data reported by the public through the IC3...
Auteur: US Cert

VU#597809: IBM ServeRAID Manager exposes unauthenticated Java Remote Method Invocation (RMI)

IBM ServeRAID Manager includes an embedded instance of Java version 1.4.2. Both ServeRAID Manager and Java 1.4.2 are no longer supported. ServeRAID Manager uses a Java remote method invocation(RMI)interface on a TCP port that listens on all...
Auteur: US Cert

Microsoft Releases February 2020 Security Updates

Original release date: February 11, 2020Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

Intel Releases Security Updates

Original release date: February 11, 2020Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to gain escalation of privileges. The Cybersecurity and Infrastructure...
Auteur: US Cert

Adobe Releases Security Updates for Multiple Products

Original release date: February 11, 2020Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

Mozilla Releases Security Updates for Multiple Products

Original release date: February 11, 2020Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

Safer Internet Day

Original release date: February 10, 2020February 11, 2020, is Safer Internet Day, a worldwide event aimed at promoting the safe and positive use of digital technology for all users, especially children and teens. This year's theme—Together for a...
Auteur: US Cert

ACSC Releases Advisory on Mailto Ransomware Incidents

Original release date: February 6, 2020The Australian Cyber Security Centre (ACSC) has released an advisory on Mailto ransomware incidents. The ACSC has limited information regarding the initial intrusion vector for Mailto, also known as...
Auteur: US Cert

Cisco Releases Security Updates for Multiple Products

Original release date: February 6, 2020Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: February 5, 2020Google has released Chrome 80 (version 80.0.3987.87) for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The...
Auteur: US Cert

VU#261385: Cisco Discovery Protocol (CDP) enabled devices are vulnerable to denial-of-service and remote code execution

CVE-2020-3110 Cisco's Video Surveillance 8000 Series IP cameras with CDP enabled are vulnerable to a heap overflow in the parsing of DeviceID type-length-value(TLV). The CVSS score reflected below is in regards to this vulnerability....
Auteur: US Cert

IRS Launches “Identity Theft Central” Webpage

Original release date: February 4, 2020The Internal Revenue Service (IRS) has launched its “Identity Theft Central” webpage to provide 24/7 access to online information regarding tax-related identity theft and data security protection....
Auteur: US Cert

OpenSMTPD Vulnerability

Original release date: February 3, 2020The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting OpenSMTPD. An attacker could exploit this vulnerability to take control of an affected system. OpenSMTPD is an...
Auteur: US Cert

Adobe Releases Security Updates for Magento

Original release date: January 31, 2020Adobe has released security updates to address vulnerabilities affecting Magento Commerce and Open Source editions. An attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

VU#390745: OpenSMTPD vulnerable to local privilege escalation and remote code execution

OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol(SMTP)that is part of the OpenBSD Project. OpenSMTPD's smtp_mailaddr()function is responsible for validating sender and recipient mail addresses. If the...
Auteur: US Cert

Cisco Releases Security Updates for Cisco Small Business Switches

Original release date: January 30, 2020Cisco has released security updates to address vulnerabilities affecting Cisco Small Business Switches. A remote attacker could exploit one of these vulnerabilities to obtain sensitive information. The...
Auteur: US Cert

Tax Identity Theft Awareness Week

Original release date: January 29, 2020Tax Identity Theft Awareness Week is February 3-7. The Federal Trade Commission (FTC) Tax Identity Theft Awareness Week webpage will provide webinars and other resources from FTC and its partners throughout...
Auteur: US Cert

Apple Releases Multiple Security Updates

Original release date: January 28, 2020Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert
12345678910Last

Événements SSI