Security CERT Global
- IBM MQ Appliance: CVSS (Max): 3.1
- IBM MQ Appliance: CVSS (Max): 7.5
- IBM MQ Appliance: CVSS (Max): 7.5
- Okta Identity and Access Management Solutions
- IBM MQ Appliance: CVSS (Max): 6.2
- IBM MQ Appliance: CVSS (Max): 6.1
- IBM MQ: CVSS (Max): 3.1
- java-1_8_0-openjdk: CVSS (Max): 3.7
- python-idna: CVSS (Max): 6.5
- python-gunicorn: CVSS (Max): 7.4
- chromium: CVSS (Max): None
- php7: CVSS (Max): 6.5
- IBM MQ: CVSS (Max): 7.5
- OpenShift Container Platform 4.15.10: CVSS (Max): 7.5
- java-1_8_0-openjdk: CVSS (Max): 3.7
- IBM MQ: CVSS (Max): 7.5
- IBM MQ: CVSS (Max): 7.4
- qemu: CVSS (Max): 8.2
- php74: CVSS (Max): 6.5
- php8: CVSS (Max): 6.5
- IBM MQ: CVSS (Max): 7.5
- java-11-openjdk: CVSS (Max): 3.7
- frr: CVSS (Max): 7.5
- openCryptoki: CVSS (Max): 5.9
- knot-resolver: CVSS (Max): 7.5
- Linux Kernel: CVSS (Max): 7.8
- OpenShift Container Platform 4.12.56: CVSS (Max): 7.5
- CERTFR-2024-AVI-0350 : Multiples vulnérabilités dans les produits IBM (26 avril 2024)
- CERTFR-2024-AVI-0349 : [SCADA] Vulnérabilité dans les produits Belden (26 avril 2024)
- CERTFR-2024-AVI-0352 : Multiples vulnérabilités dans le noyau Linux d’Ubuntu (26 avril 2024)
- CERTFR-2024-AVI-0353 : Multiples vulnérabilités dans le noyau Linux de Red Hat (26 avril 2024)
- CERTFR-2024-AVI-0351 : Multiples vulnérabilités dans le noyau Linux de SUSE (26 avril 2024)
- NIS2 – Richtlinie: Ein zweiter Blick auf den Text
- Ny chef for DKCERT udpeget
- CERT-SE:s veckobrev v.17
- JVN: 複数のHoneywell製品における複数の脆弱性
- JVN: Hitachi Energy製RTU500シリーズおよびMACH SCMにおける複数の脆弱性
- JVN: Chirp Systems製スマートフォンアプリ「Chirp Access」におけるハードコードされたパスワードの使用の脆弱性
- ALERT Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services: CVSS (Max): 8.6
- nghttp2: CVSS (Max): 7.5
- buildah: CVSS (Max): 8.6
- Siemens RUGGEDCOM APE1808 Devices: CVSS (Max): 10.0
- MozillaThunderbird: CVSS (Max): 7.5
- Hitachi Energy MACH SCM: CVSS (Max): 7.5
- yajl: CVSS (Max): 6.5
- buildah: CVSS (Max): 8.6
- OpenShift Virtualization 4.14.5 Images: CVSS (Max): 7.5
- Hitachi Energy RTU500 series: CVSS (Max): 8.2
- Honeywell Products: CVSS (Max): 8.1
- UPDATE Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software: CVSS (Max): 6.0
MGS+ ICS Security Report July 2017
MG Strategy+ ICS Security Report July 2017: Editor Picks: News Intelligence Alerts Reports
Power plant cyber threat: Lock up your ICSs and SCADAs
Nuclear power stations have been told to tighten their defences after government officials warned of a “credible” cyber threat.
Source: https://www.theregister.co.uk/2017/04/03/power_plant_cyber_threat_warning/?mt=1501259950556
AI for Security: The Ghost in the Machine (Learning)
In order to fully understand the impact of a breach, the detection of malware threats needs to be complemented by the proactive exploration of anomalous network behavior and inter-artifact relationships. This activity is supported by machine learning techniques, which can be leveraged to aggregate and classify events at an unprecedented scale.
Source: http://www.bankinfosecurity.com/webinars/ai-for-security-ghost-in-machine-learning-w-1255#.WRJKIVv99lI.twitter
Hackers Ran Through Holes in Swift’s Network
Payment-transfer network left banks largely responsible for their own cyberdefense; old passwords at Bangladesh’s central bank
Source: https://www.wsj.com/articles/hackers-ran-through-holes-in-swifts-network-1493575442
Cybersecurity of nuclear reactors
The potential for remotely turning reactors into weapons is independent of their country of origin.
Source: http://www.controlglobal.com/articles/2017/cybersecurity-of-nuclear-reactors/
The Maturation of Cybercrime
Also, Understanding the Intel Active Management Technology Flaw
Source: http://www.bankinfosecurity.com/interviews/maturation-cybercrime-i-3576#.WRJKa0EhyOo.twitter
Cybercriminals Are Building an Army of Things Creating a Tipping Point for Cybersecurity
Cybercrime is big business, and is growing at an exponential rate. British insurer Lloyd’s of London estimated the cybercrime market at $400 Billion in 2015. Today, just two years later, the World Economic Forum estimates that the total economic cost of cybercrime to currently be $3 trillion. And Cybersecurity Ventures is predicting that cybercrime will cost the world in excess of $6 trillion annually by 2021.
Source: http://blog.fortinet.com/2017/03/28/fortinet-q416-threat-landscape-report
The Department of Defense network of the future
Military operations today are characterized by complexity.
It’s impossible to know the location or underlying mission of the country’s next deployment, and nothing on the horizon suggests the future will be any less complex.
Source: https://networkingexchangeblog.att.com/business/department-defense-network-future/?bref=mbar-twitter#
Cybersecurity Threat Insights from the Eye of the Storm
Our experts dive into the fundamental security challenges organizations face in an ever-evolving threat landscape
Source: https://www.secureworks.com/blog/cybersecurity-threat-insights-from-the-eye-of-the-storm
Blockchain and Financial System Impact
Blockchain is a technology that basically distributes a ledger. For those of you in the financial management world, you know a ledger as the trusted source of transactions or facts. The same is true with blockchain. But instead of existing in a large leather bound tome or in a financial management application, blockchains are managed by a distributed set of computing resources working together to maintain that ledger.
Source: http://blog.fortinet.com/2017/03/17/blockchain-and-financial-system-impact
Israeli companies are going to set up a Latin American cyber-defense center
A group of Israeli companies led by state-owned defence contractor Israel Aerospace Industry (IAI) has won a deal worth tens of millions of dollars to establish a national cyber centre in an unnamed Latin American country.
Source: http://www.businessinsider.com/r-israeli-companies-to-set-up-latin-american-cyber-defence-centre-2017-3