Security CERT Global
- CISA and ENISA enhance their Cooperation
- VU#811862: Image files in UEFI can be abused to modify boot behavior
- CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps
- CERTFR-2023-AVI-0998 : Multiples vulnérabilités dans Google Chrome (06 décembre 2023)
- CERTFR-2023-AVI-0997 : Vulnérabilité dans SolarWinds Serv-U (06 décembre 2023)
- CERTFR-2023-AVI-1000 : Multiples vulnérabilités dans Progress MOVEit Transfer (06 décembre 2023)
- CERTFR-2023-AVI-1001 : Vulnérabilité dans Atlassian Confluence (06 décembre 2023)
- CERTFR-2023-AVI-0999 : Vulnérabilité dans ElasticSearch pour Hadoop (06 décembre 2023)
- Kritisk RCE-sårbarhet i Confluence-produkter
- Warfare and Geopolitics are Fuelling Denial-of-Service Attacks
- Oracle Security Update
- SUSE Security Update
- Lenovo Security Update
- Red Hat Security Update
- Mageia Security Update
- Chrome Security Update
- MediaTek Security Update
- Ubuntu Security Update
- IBM Security Update
- Dell Security Update
- Android Security Update
- JVN: Zebra Technologies製ZTCプリンターにおける代替パスまたはチャネルを使用した認証回避の脆弱性
- JVN: 複数のCODESYS Control製品におけるOSコマンドインジェクションの脆弱性
- JVN: FXC製無線LANルータ「AE1021PE」および「AE1021」におけるOSコマンドインジェクションの脆弱性
- お知らせ:制御システムセキュリティカンファレンス 2024参加登録開始
- FXC wireless LAN routers "AE1021PE" and "AE1021" vulnerable to OS command injection
- ESB-2023.7260 - [RedHat] OpenShift Container Platform 4.14.5: CVSS (Max): 7.5
- ESB-2023.7265 - [Ubuntu] Linux kernel: CVSS (Max): 8.8
- ESB-2023.7261 - [Appliance] Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d: CVSS (Max): 5.4
- ESB-2023.7257 - [Ubuntu] Redis: CVSS (Max): 8.8
- ESB-2023.7263 - [RedHat] postgresql:12: CVSS (Max): 8.8
- ESB-2023.7258 - [Ubuntu] HAProxy: CVSS (Max): 7.5
- ESB-2023.7264 - [Cisco] Cisco Systems: CVSS (Max): 4.1
- ESB-2023.7259 - [RedHat] Service Registry: CVSS (Max): 8.1
- ESB-2023.7266 - [Ubuntu] Linux kernel (OEM): CVSS (Max): 7.0
- ESB-2023.7262 - [Win][UNIX/Linux] Google Chrome: CVSS (Max): None
- Weekly Report: 複数のApple製品に脆弱性
- Weekly Report: JPCERT/CCが「ICS脆弱性分析レポート - 2023年度上期 -」を公開
- Weekly Report: Apache Tomcatにリクエストスマグリングの脆弱性
- Weekly Report: Ruckus Access Pointにクロスサイトスクリプティングの脆弱性
- Weekly Report: Google Chromeに複数の脆弱性
- CISA Adds Four Known Exploited Vulnerabilities to Catalog
- Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d
- CISA Releases Two Industrial Control Systems Advisories
- CERTFR-2023-AVI-0994 : Multiples vulnérabilités dans SonicWall SMA (05 décembre 2023)
- CERTFR-2023-AVI-0996 : Vulnérabilité dans TheGreenBow VPN Client (05 décembre 2023)
- CERTFR-2023-AVI-0995 : Multiples vulnérabilités dans Google Android (05 décembre 2023)
- CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion
- Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers
- お知らせ:JPCERT/CC Eyes「サイバー攻撃被害に係る情報の意図しない開示がもたらす情報共有活動への影響について」
Four myths about networking and cybersecurity related to operations technology (OT) systems are highlighted as well as three pillars for securing industrial networks
Industrial network security best practice advice -Four myths about networking and cybersecurity related to operations technology (OT) systems are highlighted […]
Strategic Efficiency Consortium Security Intelligence Data Platform: Work Flow + Content Map – Jan 2019
SEC Industrial Security Intelligence Data Platform Work Flow SEC Industrial Security Intelligence Data Platform Content Map Updated Jan 2019 Document: […]
SEC Industrial Security Intelligence Data Platform 2019 Document
Strategic Efficiency Consortium Platform Work Flow Content Map Updated for 2019. SEC Industrial Security Intelligence Data Platform 2019 Document Document: […]
Building a Threat Intelligence Framework to Defend Against Cyberattacks
Goals Before Data What systems, data, and other digital assets must be protected? How do you anticipate threat intelligence will […]
Threat Intelligence’s Big Data Problem
Threat Intelligence’s Big Data Problem Security teams are drowning in often useless threat intel data, but signs of maturity are […]
Finding The ROI Of Threat Intelligence: 5 Steps
Finding The ROI Of Threat Intelligence: 5 Steps Advice from a former SOC manager on how to leverage threat intel […]
6 Surprising Benefits of Threat Intelligence From the Web
6 Surprising Benefits of Threat Intelligence From the Web Key Takeaways The internet is the single greatest learning resource ever […]
Threat Intelligence, Information, and Data: What Is the Difference?
Threat Intelligence, Information, and Data: What Is the Difference? Key Takeaways There’s a huge difference between threat data, information, and […]
SEC Automation: Choosing the Right Systems Integrator for your Automation Project
Choosing the Right Systems Integrator for your Automation Project – Industrial Control Systems: SCADA – Systems Integrators Many automation system projects […]