Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

IRS Launches “Identity Theft Central” Webpage

Original release date: February 4, 2020The Internal Revenue Service (IRS) has launched its “Identity Theft Central” webpage to provide 24/7 access to online information regarding tax-related identity theft and data security protection....
Auteur: US Cert

OpenSMTPD Vulnerability

Original release date: February 3, 2020The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting OpenSMTPD. An attacker could exploit this vulnerability to take control of an affected system. OpenSMTPD is an...
Auteur: US Cert

Adobe Releases Security Updates for Magento

Original release date: January 31, 2020Adobe has released security updates to address vulnerabilities affecting Magento Commerce and Open Source editions. An attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

VU#390745: OpenSMTPD vulnerable to local privilege escalation and remote code execution

OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol(SMTP)that is part of the OpenBSD Project. OpenSMTPD's smtp_mailaddr()function is responsible for validating sender and recipient mail addresses. If the...
Auteur: US Cert

Cisco Releases Security Updates for Cisco Small Business Switches

Original release date: January 30, 2020Cisco has released security updates to address vulnerabilities affecting Cisco Small Business Switches. A remote attacker could exploit one of these vulnerabilities to obtain sensitive information. The...
Auteur: US Cert

Tax Identity Theft Awareness Week

Original release date: January 29, 2020Tax Identity Theft Awareness Week is February 3-7. The Federal Trade Commission (FTC) Tax Identity Theft Awareness Week webpage will provide webinars and other resources from FTC and its partners throughout...
Auteur: US Cert

Apple Releases Multiple Security Updates

Original release date: January 28, 2020Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

Data Privacy Day: A Vision for the Future

Original release date: January 28, 2020January 28 is Data Privacy Day, an annual effort to empower individuals and organizations to respect privacy, safeguard data, and enable trust. This year, the National Cyber Security Alliance (NCSA) is...
Auteur: US Cert

Cisco Releases Security Updates

Original release date: January 24, 2020Cisco has released security updates to address a vulnerability affecting Cisco Webex Meetings Suite and Cisco Webex Meetings Online. A remote attacker could exploit this vulnerability to obtain sensitive...
Auteur: US Cert

NSA Releases Guidance on Mitigating Cloud Vulnerabilities

Original release date: January 24, 2020The National Security Agency (NSA) has released an information sheet with guidance on mitigating cloud vulnerabilities. NSA identifies cloud security components and discusses threat actors, cloud...
Auteur: US Cert

Citrix Releases Security Updates for SD-WAN WANOP

Original release date: January 23, 2020Citrix has released security updates to address the CVE-2019-19781 vulnerability in Citrix SD-WAN WANOP. An attacker could exploit this vulnerability to take control of an affected system. Citrix has also...
Auteur: US Cert

Cisco Releases Security Updates

Original release date: January 23, 2020Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing...
Auteur: US Cert

Increased Emotet Malware Activity

Original release date: January 22, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a recent increase in targeted Emotet malware attacks. Emotet is a sophisticated Trojan that commonly functions as a downloader or...
Auteur: US Cert

IC3 Issues Alert on Employment Scams

Original release date: January 22, 2020The Internet Crime Complaint Center (IC3) has issued an alert warning consumers of fake jobs and hiring scams targeting applicants’ personally identifiable information (PII). Cyber criminals posing as...
Auteur: US Cert

Reminder: Safeguard Websites from Cyberattacks

Original release date: January 21, 2020Protect personal and organizational public-facing websites from defacement, data breaches, and other types of cyberattacks by following cybersecurity best practices. The Cybersecurity and Information...
Auteur: US Cert

Samba Releases Security Updates

Original release date: January 21, 2020The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

Citrix Adds SD-WAN WANOP, Updated Mitigations to CVE-2019-19781 Advisory

Original release date: January 17, 2020Citrix has released an article with updates on CVE-2019-19781, a vulnerability affecting Citrix Application Delivery Controller (ADC) and Citrix Gateway. This vulnerability also affects Citrix SD-WAN WANOP...
Auteur: US Cert

Microsoft Releases Security Advisory on Internet Explorer Vulnerability

Original release date: January 17, 2020Microsoft has released a security advisory to address a critical vulnerability in Internet Explorer. A remote attacker could exploit this vulnerability to take control of an affected system. According to the...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: January 17, 2020Google has released Chrome version 79.0.3945.130 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity...
Auteur: US Cert

VU#338824: Microsoft Internet Explorer Scripting Engine memory corruption vulnerability

Microsoft has released Security Advisory ADV200001,which describes a memory corruption vulnerability in the Scripting Engine. This vulnerability is being exploited in the wild.
Auteur: US Cert

Oracle Releases January 2020 Security Bulletin

Original release date: January 14, 2020Oracle has released its Critical Patch Update for January 2020 containing 334 new security patches to address vulnerabilities across multiple products. A remote attacker could exploit some of these...
Auteur: US Cert

Adobe Releases Security Updates

Original release date: January 14, 2020Adobe has released security updates to address vulnerabilities in Illustrator CC and Experience Manager. An attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

VMware Releases Security Update

Original release date: January 14, 2020VMware has released a security update to address a vulnerability in VMware Tools. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure...
Auteur: US Cert

Intel Releases Security Updates

Original release date: January 14, 2020Intel has released security updates to address vulnerabilities in multiple products. An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of...
Auteur: US Cert

Microsoft Releases January 2020 Security Updates

Original release date: January 14, 2020Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert
12345678910Last

Événements SSI