vendredi 23 août 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

FISMA Annual Report to Congress

Original release date: August 23, 2019The Office of Management and Budget (OMB) has published its Fiscal Year (FY) 2018 Annual Report to Congress on the implementation of the Federal Information Security Modernization Act of 2014 (FISMA). The...
Auteur: US Cert

CISA Strategic Intent: Defend Today, Secure Tomorrow

Original release date: August 22, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has released the CISA Strategic Intent document, framing the new agency’s mission to protect the Nation’s critical infrastructure from physical and...
Auteur: US Cert

Cisco Releases Security Updates

Original release date: August 22, 2019Cisco has released security updates to address vulnerabilities in Cisco Integrated Management Controller (IMC) Supervisor, Unified Computing System (UCS) Director, and UCS Director Express for Big Data. A...
Auteur: US Cert

CISA Insights: Ransomware Outbreak

Original release date: August 21, 2019The Cybersecurity and Infrastructure Security Agency (CISA) has released its first CISA Insights product, which discusses the rapid emergence of ransomware across our Nation’s networks. CISA Insights –...
Auteur: US Cert

Cyber Safety for Students

Original release date: August 20, 2019As summer break ends, many students will return to school with mobile devices, such as smart phones, tablets, and laptops. Although these devices can help students complete schoolwork and stay in touch with...
Auteur: US Cert

Microsoft Releases Security Update for Windows Elevation of Privilege Vulnerability

Original release date: August 15, 2019Microsoft has released a security update to address an elevation of privilege vulnerability (CVE-2019-1162) in Windows. An attacker could exploit this vulnerability to take control of an affected system. The...
Auteur: US Cert

IRS Security Summit Series for Tax Professionals: Create a Data Theft Recovery Plan

Original release date: August 14, 2019The fifth and final step in the Internal Revenue Service (IRS) Security Summit series for tax professionals is creating a data theft recovery plan. IRS issued a news release highlighting the importance of...
Auteur: US Cert

Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities

Original release date: August 14, 2019Microsoft has released security updates to address two remote code execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182, in the following operating systems: Windows 7 SP1 Windows Server 2008 R2...
Auteur: US Cert

Multiple HTTP/2 Implementation Vulnerabilities

Original release date: August 14, 2019The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting HTTP/2 implementations. An attacker could exploit these vulnerabilities to cause a denial-of-service (DoS)...
Auteur: US Cert

VU#918987: Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks

Bluetooth is a short-range wireless technology based off of a core specification that defines six different core configurations,including the Bluetooth Basic Rate/Enhanced Data Rate Core Configurations. Bluetooth BR/EDR is used for low-power...
Auteur: US Cert

VU#605641: HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion

The Security Considerations section of RFC7540 discusses some of the considerations needed for HTTP/2 connections as they demand more resources to operate than HTTP/1.1 connections. While it generally covers expected behavior considerations,how...
Auteur: US Cert

Microsoft Releases August 2019 Security Updates

Original release date: August 13, 2019Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The...
Auteur: US Cert

Intel Releases Security Updates

Original release date: August 13, 2019Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected...
Auteur: US Cert

Adobe Releases Security Updates for Multiple Products

Original release date: August 13, 2019Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

NCSA Webinar on Cybersecurity for Small Businesses

Original release date: August 9, 2019The National Cyber Security Alliance (NCSA) and INFOSEC are hosting a webinar to educate small businesses on how to protect against phishing, vishing, and smishing threats. The webinar will be held on Tuesday,...
Auteur: US Cert

ACSC Releases Advisory on Password Spraying Attacks

Original release date: August 8, 2019The Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks. Password spraying is a type of brute-force attack in which a malicious actor uses a single password against...
Auteur: US Cert

Google Releases Security Updates for Chrome

Original release date: August 8, 2019Google has released Chrome version 76.0.3809.100 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.   The Cybersecurity...
Auteur: US Cert

Cisco Releases Security Updates for Multiple Products

Original release date: August 8, 2019Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and...
Auteur: US Cert

SWAPGS Spectre Side-Channel Vulnerability

Original release date: August 6, 2019The Cybersecurity and Infrastructure Security Agency (CISA) is aware of a vulnerability (CVE-2019-1125) known as SWAPGS, which is a variant of Spectre Variant 1—that affects modern computer processors. This...
Auteur: US Cert

El Paso and Dayton Tragedy-Related Scams and Malware Campaigns

Original release date: August 6, 2019In the wake of the recent shootings in El Paso, TX, and Dayton, OH, the Cybersecurity and Infrastructure Security Agency (CISA) advises users to watch out for possible malicious cyber activity seeking to...
Auteur: US Cert

VMware Releases Security Updates for Multiple Products

Original release date: August 3, 2019VMware has released a security advisory to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity...
Auteur: US Cert

Cylance Antivirus Vulnerability

Original release date: August 2, 2019The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Cylance Antivirus products. A remote attacker could exploit this vulnerability to take control of an affected...
Auteur: US Cert

IRS Reminds Tax Professionals: Beware Phishing Emails

Original release date: August 1, 2019The Internal Revenue Service (IRS) has issued a news release warning tax professionals of the continued threat of phishing emails. Phishing emails are one of the most common ways cyber criminals steal...
Auteur: US Cert

NIST Publishes Multifactor Authentication Practice Guide

Original release date: August 1, 2019The National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) has published NIST Cybersecurity Practice Guide: Multifactor Authentication for E-Commerce. The...
Auteur: US Cert

FTC Releases Alert on the Capital One Data Breach

Original release date: August 1, 2019The Federal Trade Commission (FTC) has released an alert on the Capital One data breach that exposed the personal information of 106 million Capital One credit card customers and applicants. FTC reminds users...
Auteur: US Cert
12345678910Last

Événements SSI

LES ASSISES

Grand rendez-vous annuel des RSSI, les Assises de la sécurité des systèmes d'information se tiennent à Monaco (Grimaldi Forum) du 9 au 12 octobre 2019. Organisées par DG Consultants.

Présentation par l'organisateur



Retour sur Les Assises 2018

La 18ème édition des Assises de la Sécurité à Monaco, c’est terminé ! Encore merci aux 2800 participants dont les 160 partenaires qui pendant trois jours se sont retrouvés pour faire vivre cet événement unique en France. Conférences, one-to-one, tables-rondes, ateliers, moments de networking… Par leur contenu, par la qualité des visiteurs et par la richesse des échanges, les Assises se positionnent plus que jamais comme le rendez-vous incontournable de tous les professionnels de la cybersécurité. A l’image du marché qui ne cesse d’évoluer, les Assises savent adapter leur offre afin de répondre au mieux aux attentes du secteur. Ainsi cette édition a-t-elle voulu mettre en avant les grands enjeux du moment en multipliant les prises de parole, les démonstrations et les retours d’expérience.

Rendez-vous maintenant pour la prochaine édition qui aura lieu du 9 au 12 octobre 2019

Plus d'informations sur le site dédié à l'événement.

TRUSTECH

Cet événement international dédié aux paiements, à l'identification et à la sécurité est organisé à Cannes (palais des festivals) du 26 au 28 novembre 2019. Organisé par Comexposium.

Présentation de l'événement par l'organisateur

Les professionnels de la carte et des technologies de la confiance numérique se donnent à nouveau rendez-vous à TRUSTECH du 26 au 28 novembre 2019 au Palais des Festivals de Cannes pour l’événement annuel phare de leur écosystème.
Créé il y a plus de 30 ans sous le nom CARTES SECURE CONNEXIONS afin de promouvoir une technologie qui venait de naître, celle de la carte à puce, l’événement est rebaptisé TRUSTECH en 2016 pour mieux refléter l’évolution du secteur.
Mix plébiscité entre salon, congrès et lieu d’échanges, TRUSTECH 2019 englobe toutes les technologies impliquées sur les marchés liés aux paiements, à l'identification et à la sécurité.
En tant que Marketplace globale, TRUSTECH accueillera plus de 250 exposants internationaux, sponsors et startups, qui présenteront leurs dernières innovations, annonceront les lancements de produits et solutions sur leur stand ou à travers des sessions de pitch sur l’Innovation Stage, espace situé au cœur de l’événement.
Cette année, le cycle des conférences proposera durant 3 jours un contenu de pointe axé sur trois grands thèmes alignés sur l’offre TRUSTECH: Paiements, Identification et Sécurité.

Plus d'infos sur le site de l'événement.

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

Présentation par l'organisateur

Véritable plateforme d'échanges et de rencontres, le Forum International de la Cybersécurité (FIC) s'est imposé comme l'événement de référence en Europe en matière de sécurité et de confiance numérique. Son originalité est de mêler :
UN FORUM favorisant la réflexion et l'échange au sein de l'écosystème européen de la cybersécurité,
UN SALON dédié aux rencontres entre acheteurs et fournisseurs de solutions de cybersécurité.
Plus d'informations sur le site de l'événement.
RSS