dimanche 21 avril 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Drupal Releases Security Updates

Original release date: April 17, 2019 Drupal has released security updates to address multiple vulnerabilities in Drupal Core. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The...
Auteur: US Cert

Cisco Releases Security Update for Cisco IOS XR

Original release date: April 17, 2019 Cisco has released a security update to address a vulnerability in Cisco IOS XR. A remote attacker could exploit this vulnerability to take control of an affected system.The Cybersecurity and...
Auteur: US Cert

ICSJWG Spring Meeting April 23–25

Original release date: April 17, 2019 The Industrial Control Systems Joint Working Group (ICSJWG)—a collaborative and coordinating body operating under the Critical Infrastructure Partnership Advisory Council framework—will hold the 2019...
Auteur: US Cert

Multiple Vulnerabilities in Broadcom WiFi Chipset Drivers

Original release date: April 17, 2019 The CERT Coordination Center (CERT/CC) has released information on multiple vulnerabilities in Broadcom WiFi chipset drivers. A remote attacker could exploit some of these vulnerabilities to take...
Auteur: US Cert

VU#166939: Broadcom WiFi chipset drivers contain multiple vulnerabilities

Vulnerabilities in the open source brcmfmac driver: CVE-2019-9503:If the brcmfmac driver receives a firmware event frame from a remote source,the is_wlc_event_frame function will cause this frame to be discarded and not be processed. If the...
Auteur: US Cert

Oracle Releases April 2019 Security Bulletin

Original release date: April 16, 2019 Oracle has released its Critical Patch Update for April 2019 to address 297 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an...
Auteur: US Cert

Apache Releases Security Updates for Apache Tomcat

Original release date: April 14, 2019 The Apache Software Foundation has released Apache Tomcat versions 7.0.94 and 8.5.40 to address a vulnerability. A remote attacker could exploit this vulnerability to take control of an affected...
Auteur: US Cert

Multiple Vulnerabilities in WPA3 Protocol

Original release date: April 12, 2019 The CERT Coordination Center (CERT/CC) has released information on vulnerabilities—referred to as Dragonblood—in WPA3 protocol. A remote attacker could exploit some of these vulnerabilities to take...
Auteur: US Cert

VU#871675: Multiple vulnerabilities identified in WPA3 protocol design and implementations of hostapd and wpa_supplicant components

CERT continues to review the WPA3 protocol in support of this body of research. The root cause of the numerous"implementation"vulnerabilities may involve modifying the protocol. WPA3 uses Simultaneous Authentication of Equals(SAE),also known as...
Auteur: US Cert

VMware Releases Security Updates

Original release date: April 12, 2019 VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to obtain sensitive information.The...
Auteur: US Cert

Vulnerability in Multiple VPN Applications

Original release date: April 12, 2019 The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting multiple Virtual Private Network (VPN) applications. An attacker could exploit this vulnerability to take...
Auteur: US Cert

VU#192371: Multiple VPN applications insecurely store session cookies

Virtual Private Networks(VPNs)are used to create a secure connection with another network over the internet. Multiple VPN applications store the authentication and/or session cookies insecurely in memory and/or log files. CWE-311:Missing...
Auteur: US Cert

Juniper Networks Releases Multiple Security Updates

Original release date: April 10, 2019 Juniper Networks has released multiple security updates to address vulnerabilities in various Juniper products. An attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

North Korean Malicious Cyber Activity

Original release date: April 10, 2019 The Department of Homeland Security and the Federal Bureau of Investigation have released a Malware Analysis Report (MAR), identifying a Trojan malware variant—referred to as HOPLIGHT—used by the North...
Auteur: US Cert

Microsoft Releases April 2019 Security Updates

Original release date: April 09, 2019 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The...
Auteur: US Cert

Adobe Releases Security Updates

Original release date: April 09, 2019 Adobe has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The...
Auteur: US Cert

Intel Releases Security Updates, Mitigations for Multiple Products

Original release date: April 09, 2019 Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected...
Auteur: US Cert

VU#174715: MyCar Controls uses hard-coded credentials

MyCar is a small aftermarket telematics unit from AutoMobility Distribution Inc. MyCar add smartphone-controlled geolocation,remote start/stop and lock/unlock capabilities to a vehicle with a compatible remote start unit. The MyCar Controls...
Auteur: US Cert

Samba Releases Security Updates

Original release date: April 08, 2019 The Samba Team has released security updates to address vulnerabilities in Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system.The Cybersecurity and...
Auteur: US Cert

Apache Releases Security Update for Apache HTTP Server

Original release date: April 04, 2019 The Apache Software Foundation has released Apache HTTP Server version 2.4.39 to address multiple vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected...
Auteur: US Cert

MS-ISAC Releases Security Primer on LockerGoga Ransomware

Original release date: April 01, 2019 The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released a Security Primer on LockerGoga Ransomware—a type of malicious software, or malware, designed to deny access to a computer...
Auteur: US Cert

Supply Chain Integrity Month

Original release date: April 01, 2019 April is Supply Chain Integrity Month. The Cybersecurity and Infrastructure Security Agency (CISA), the Office of the Director of National Intelligence (ODNI), and the Department of Defense (DOD) are...
Auteur: US Cert

VMware Releases Security Updates

Original release date: March 29, 2019 VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.The Cybersecurity and...
Auteur: US Cert

Cisco Releases Security Update for Cisco IOS XE

Original release date: March 28, 2019 Cisco has released a security update to address a vulnerability in Cisco IOS XE. An attacker could exploit this vulnerability to obtain sensitive information.The Cybersecurity and Infrastructure...
Auteur: US Cert

Cisco Releases Security Updates for Multiple Products

Original release date: March 27, 2019 Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The...
Auteur: US Cert
12345678910Last

Événements SSI

READY FOR IT

La première édition de Ready For IT se déroule du 20 au 22 mai 2019 à Monaco (Grimaldi Forum) : conférences, keynotes, ateliers et rendez-vous one-to-one. Organisé par DG Consultants.

Présentation de l'événement par l'organisateur

DG Consultants, l’organisateur depuis 18 ans des Assises de la Sécurité, innove en lançant Ready For It, un nouveau rendez-vous business, centré sur la convergence des technologies et l’expérience client.
Pourquoi ce nouvel événement ?
Parce que la demande explose de la part des entreprises qui sont toutes engagées dans la transformation numérique.
Tandis que les fournisseurs font évoluer leurs offres et s’organisent en écosystèmes technologiques afin d’ être au plus proches des besoins de leurs clients.
Entre les impératifs business, les demandes des métiers, les contraintes techniques, les promesses des nouveaux concepts (IA, BlockChain…), les organisations sont en attente de solutions, de conseils et de service.
S’engager dans le Cloud ?
Oui mais comment et avec quel partenaire ?
Structurer les données mais avec quelles technologies et dans quel cadre ? Et quid de la sécurité qui doit désormais être au cœur de tous les processus IT ?
Voilà pourquoi DG Consultants, la référence dans le monde des rencontres d’affaires a conçu Ready For It.
Pour réunir dans un cadre convivial et autour de contenu de qualité tous les acteurs importants de l’IT, mais également les start-ups qui savent apporter l’innovation et la « disruption ».
Rendez-vous du 20 au 22 mai 2019 à Monaco !

Plus d'infos sur le site dédié à l'événement.

 

HACK IN PARIS

Pour sa 9ème édition la conférence Hack In Paris sur la sécurité IT se tient du 16 au 20 juin 2019 à Paris, Maison de la Chimie. Organisée par Sysdream.

RSS