Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

CSET Version 9.2 Now Available

Original release date: November 4, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has released version 9.2 of its Cyber Security Evaluation Tool (CSET). CSET is a desktop software tool that guides asset owners and operators...
Auteur: US Cert

National Critical Infrastructure Security and Resilience Month

Original release date: November 1, 2019November is National Critical Infrastructure Security and Resilience Month. The Nation’s critical infrastructure (CI) relies on a highly interdependent environment, in which physical and cyber systems...
Auteur: US Cert

VU#125336: Microsoft Office for Mac cannot properly disable XLM macros

XLM macros Up to and including Microsoft Excel 4.0,a macro format called XLM was available. XLM macros predate the VBA macros that are more common with modern Microsoft Office systems,however current Microsoft Office versions still support XLM...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: October 31, 2019Google has released Chrome version 78.0.3904.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these...
Auteur: US Cert

North Korean Malicious Cyber Activity

Original release date: October 31, 2019The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) have identified a Trojan malware variant—referred to as...
Auteur: US Cert

MS-ISAC Releases EOS Software Report List

Original release date: October 30, 2019The Multi-State Information Sharing and Analysis Center (MS-ISAC) has released an end-of-support (EOS) software report list. Software that has reached its EOS date no longer receives security updates and...
Auteur: US Cert

MS-ISAC Releases Advisory on PHP Vulnerabilities

Original release date: October 30, 2019The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit some of these vulnerabilities to...
Auteur: US Cert

Apple Releases Security Updates

Original release date: October 30, 2019Content: Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

Microsoft Reports Global Cyberattacks on Sporting and Anti-Doping Organizations from Russian Espionage Actors

Original release date: October 29, 2019Microsoft publicly released information revealing an uptick in cyberattacks globally targeting anti-doping authorities and sporting organizations. The Microsoft Threat Intelligence Center (MSTIC) routinely...
Auteur: US Cert

Samba Releases Security Updates

Original release date: October 29, 2019The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to obtain sensitive information. The...
Auteur: US Cert

FTC Provides Tips for Warding Off Hackers

Original release date: October 29, 2019The Federal Trade Commission (FTC) has released an article with tips on how protect your personal information from being stolen by hackers. In support of National Cybersecurity Awareness Month (NCSAM), FTC...
Auteur: US Cert

ACSC Releases Advisory on Emotet Malware Campaign

Original release date: October 25, 2019The Australian Cyber Security Centre (ACSC) has released an advisory on an ongoing, widespread Emotet malware campaign. Emotet is a Trojan—commonly spread via malicious email attachments—that attempts to...
Auteur: US Cert

Mozilla Releases Security Update for Thunderbird

Original release date: October 24, 2019Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

FBI Expands Election Security Resources

Original release date: October 24, 2019The Federal Bureau of Investigation (FBI) has released additional election security resources as part of the Protected Voices initiative. Created in partnership with FBI, the Department of Homeland Security,...
Auteur: US Cert

NCSC Releases 2019 Annual Review

Original release date: October 24, 2019The United Kingdom's (UK) National Cyber Security Centre (NCSC) has released its Annual Review for 2019, which reports their work and key accomplishments from September 1, 2018, to August 31, 2019. NCSC...
Auteur: US Cert

EOL D-Link Routers Vulnerable to Remote Command Execution

Original release date: October 24, 2019The CERT Coordination Center (CERT/CC) has released information on a vulnerability (CVE-2019-16920) affecting multiple D-Link routers. A remote attacker could exploit this vulnerability to take control of an...
Auteur: US Cert

IRS Releases Recommendations to Keep Children and Teens Safe Online

Original release date: October 24, 2019The Internal Revenue Service (IRS) has issued a news release urging parents and families to be wary of the risks posed when sharing home devices, shopping online, and using social media. As part of National...
Auteur: US Cert

VU#766427: Multiple D-Link routers vulnerable to remote command execution

Several D-Link routers contain CGI capability that is exposed to users as/apply_sec.cgi,and dispatched on the device by the binary/www/cgi/ssi. This CGI code contains two flaws: The/apply_sec.cgi code is exposed to unauthenticated users. The...
Auteur: US Cert

FBI Releases Article on Defending Against E-Skimming

Original release date: October 23, 2019The Federal Bureau of Investigation (FBI) has released an article to raise awareness on e-skimming threats. E-skimming occurs when an attacker injects malicious code onto a website to capture credit or debit...
Auteur: US Cert

Beware of Stalking Apps

Original release date: October 23, 2019The Federal Trade Commission (FTC) has released an article warning consumers of “stalking apps”—spyware that secretly monitors smartphones. These apps can share information like call history, text messages,...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: October 23, 2019Google has released Chrome version 78.0.3904.70 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity...
Auteur: US Cert

Mozilla Releases Security Updates for Firefox and Firefox ESR

Original release date: October 23, 2019Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

Juniper Networks Releases Junos OS Security Advisory

Original release date: October 23, 2019Juniper Networks has released a security update to address a vulnerability in Junos OS. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

FTC Promotes International Charity Fraud Awareness Week

Original release date: October 22, 2019The Federal Trade Commission (FTC) has released an article promoting International Charity Fraud Awareness Week (ICFAW), which runs October 21–25. FTC, the National Association of State Charities Officials,...
Auteur: US Cert

NSA and NCSC Release Joint Advisory on Turla Group Activity

Original release date: October 21, 2019The National Security Agency (NSA) and the United Kingdom National Cyber Security Centre (NCSC) have released a joint advisory on advanced persistent threat (APT) group Turla—widely reported to be Russian....
Auteur: US Cert
First3456789101112Last

Événements SSI