Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Citrix Application Delivery Controller and Citrix Gateway Vulnerability

Original release date: January 8, 2020The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Citrix Application Delivery Controller and Citrix Gateway. A remote attacker could exploit this vulnerability to...
Auteur: US Cert

Mozilla Patches Critical Vulnerability

Original release date: January 8, 2020Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected...
Auteur: US Cert

Mozilla Releases Security Updates for Firefox and Firefox ESR

Original release date: January 8, 2020Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: January 8, 2020Google has released security updates for Chrome version 79.0.3945.117 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected...
Auteur: US Cert

VU#619785: Citrix Application Delivery Controller and Citrix Gateway directory traversal vulnerability

Citrix has published a security bulletin that mentions a vulnerability that can be exploited to achieve arbitrary code execution by a remote,unauthenticated attacker. Although the bulletin does not describe details about the vulnerability,the...
Auteur: US Cert

Cisco Releases Security Updates

Original release date: January 7, 2020Cisco has released security updates to address multiple vulnerabilities in Data Center Network Manager (DCNM). A remote attacker could exploit these vulnerabilities to take control of an affected system. For...
Auteur: US Cert

Release of New CISA Insights on Increased Geopolitical Tensions and Threats

Original release date: January 6, 2020Stakeholders,   Today, the Cybersecurity and Infrastructure Security Agency (CISA) issued a CISA Insights document entitled, “Increased Geopolitical Tensions and Threats” pertaining to the increased tension...
Auteur: US Cert

DHS Releases NTAS Bulletin

Original release date: January 4, 2020Today, Acting Secretary of Homeland Security Chad Wolf reissued the NTAS bulletin pertaining to the terror threat to the U.S. homeland. Upfront, you should know that: “At this time there is no specific,...
Auteur: US Cert

Secure New Internet-Connected Devices

Original release date: December 31, 2019During the holidays, internet-connected devices—also known as Internet of Things (IoT) devices—are popular gifts. These include smart cameras, smart TVs, watches, toys, phones, and tablets. Although this...
Auteur: US Cert

Reminder: CISA Publishes Weekly Vulnerability Summaries

Original release date: December 31, 2019Did you know that the Cybersecurity and Infrastructure Security Agency (CISA) publishes a weekly Vulnerability Bulletin? This recurring item provides a summary of all new vulnerabilities that have been...
Auteur: US Cert

Drupal Releases Security Updates

Original release date: December 19, 2019Drupal has released security updates to address vulnerabilities in Drupal 7.x, 8.7.x, and 8.8.x. An attacker could exploit some of these vulnerabilities to modify data on an affected website. The...
Auteur: US Cert

VU#873161: Telos Automated Message Handling System contains multiple vulnerabilities

Telos AMHS is a web-based messaging system that supports DoD and Intelligence Community(IC)security marking requirements. AMHS versions prior to version 4.1.5.5 contain multiple XSS vulnerabilities and also fail to properly restrict access to...
Auteur: US Cert

VU#941987: Apple devices vulnerable to boot ROM race condition

A vulnerability in the Boot ROM of some Apple devices can be exploited by an unauthenticated local attacker to execute arbitrary code upon booting those devices. The Boot ROM,which is located within the processor,contains the first code executed...
Auteur: US Cert

Google Releases Security Updates for Chrome for Windows, Mac, and Linux

Original release date: December 18, 2019Google has released security updates for Chrome version 79.0.3945.88 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected...
Auteur: US Cert

Microsoft Releases Out-of-Band Security Updates

Original release date: December 18, 2019Microsoft has released out-of-band security updates to address a vulnerability in SharePoint Server. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and...
Auteur: US Cert

Microsoft Releases Information on CVE-2019-1491

Original release date: December 18, 2019 | Last revised: December 19, 2019Microsoft has released information about CVE-2019-1491, a vulnerability in SharePoint Server. An attacker could exploit this vulnerability to obtain sensitive...
Auteur: US Cert

WordPress Releases Security and Maintenance Updates

Original release date: December 13, 2019WordPress 5.3 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected website. The Cybersecurity and...
Auteur: US Cert

Microsoft Releases December 2019 Security Updates

Original release date: December 10, 2019Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: December 10, 2019Google has released security updates for Chrome version 79.0.3945.79 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected...
Auteur: US Cert

Apple Releases Multiple Security Updates

Original release date: December 10, 2019Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

Intel Releases Security Updates

Original release date: December 10, 2019Intel has released security updates to address vulnerabilities in multiple products. An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of...
Auteur: US Cert

Adobe Releases Security Updates

Original release date: December 10, 2019Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

Samba Releases Security Updates

Original release date: December 10, 2019The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

VMware Releases Security Updates for ESXi and Horizon DaaS

Original release date: December 6, 2019VMware has released security updates to address a vulnerability in ESXi and Horizon DaaS. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

ACSC Releases Fundamentals of Cross Domain Solutions

Original release date: December 5, 2019The Australian Cyber Security Centre (ACSC) has released a cybersecurity guide outlining the fundamentals of cross domain solution (CDS) technologies. This guidance provides cross domain security principles...
Auteur: US Cert
12345678910Last

Événements SSI