Security CERT Global
- 'NCSC Cyber Series' podcast now available on Spotify
- JVN: PuTTY SSHクライアントのECDSA署名処理に脆弱性
- JVN: WordPress用プラグインForminatorにおける複数の脆弱性
- Multiple vulnerabilities in WordPress Plugin "Forminator"
- お知らせ:ソフトウェア等の脆弱性関連情報に関する届出状況[2024年第1四半期(1月~3月)]
- Linux Kernel: CVSS (Max): 7.8
- Red Hat Single Sign-On: CVSS (Max): 8.1
- tomcat10: CVSS (Max): 7.5
- Jenkins (core): CVSS (Max): 5.9
- Red Hat build of Keycloak 22.0.10: CVSS (Max): 8.1
- Apache HTTP Server: CVSS (Max): 7.5
- Red Hat Single Sign-On: CVSS (Max): 8.1
- Red Hat build of Keycloak: CVSS (Max): 8.1
- Cisco Integrated Management Controller (IMC): CVSS (Max): 8.7
- Red Hat Single Sign-On: CVSS (Max): 8.1
- Xen: CVSS (Max): 4.7
- Cisco IOS and IOS XE Software: CVSS (Max): None
- Cisco Integrated Management Controller (IMC): CVSS (Max): None
- jetty9: CVSS (Max): 7.5
- java-1.8.0-openjdk: CVSS (Max): 3.7
- Red Hat Single Sign-On: CVSS (Max): 8.1
- Red Hat Single Sign-On 7.6: CVSS (Max): 8.1
- firefox-esr: CVSS (Max): 7.5*
- お知らせ:JPCERT/CC 活動四半期レポート[2024年1月1日~2024年3月31日]
- お知らせ:JPCERT/CC インシデント報告対応レポート[2024年1月1日~2024年3月31日]
- CERTFR-2024-AVI-0315 : Vulnérabilité dans SolarWinds Serv-U (17 avril 2024)
- CERTFR-2024-AVI-0312 : Multiples vulnérabilités dans les produits Atlassian (17 avril 2024)
- CERTFR-2024-AVI-0313 : Multiples vulnérabilités dans Google Chrome (17 avril 2024)
- CERTFR-2024-AVI-0311 : Multiples vulnérabilités dans les produits Mozilla (17 avril 2024)
- CERTFR-2024-CTI-003 : Grands évènements sportifs en France – Évaluation de la menace 2024 (17 avril 2024)
- CERTFR-2024-AVI-0314 : Multiples vulnérabilités dans Ivanti Avalanche (17 avril 2024)
- Kritiska sårbarheter i Ivanti Avalance
- Watch all the plenaries from CYBERUK 2024 live, and for free
- Oracle GoldenGate: CVSS (Max): 7.5
- Oracle Health Sciences Applications: CVSS (Max): 6.5
- Oracle Financial Services Applications: CVSS (Max): 8.8
- Oracle Hospitality Applications: CVSS (Max): 7.5
- Oracle E-Business Suite: CVSS (Max): 9.1
- Oracle Fusion Middleware: CVSS (Max): 9.8
- Oracle Global Lifecycle Management: CVSS (Max): 5.9
- Oracle HealthCare Applications: CVSS (Max): 9.8
- Oracle Enterprise Manager: CVSS (Max): 9.8
- Oracle Food and Beverage Applications: CVSS (Max): 9.9
- JVN: Measuresoft製ScadaProにおける不適切なアクセス制御の脆弱性
- JVN: Electrolink製FM/DAB/TV Transmitterにおける複数の脆弱性
- JVN: 複数のRockwell Automation製品における不適切な入力確認の脆弱性
- JVN: RoboDKにおけるヒープベースのバッファオーバーフローの脆弱性
- Oracle Construction and Engineering: CVSS (Max): 8.2
- Atlassian Products: CVSS (Max): 8.2*
- Oracle Database Server: CVSS (Max): 5.9
Four myths about networking and cybersecurity related to operations technology (OT) systems are highlighted as well as three pillars for securing industrial networks
Industrial network security best practice advice -Four myths about networking and cybersecurity related to operations technology (OT) systems are highlighted […]
Strategic Efficiency Consortium Security Intelligence Data Platform: Work Flow + Content Map – Jan 2019
SEC Industrial Security Intelligence Data Platform Work Flow SEC Industrial Security Intelligence Data Platform Content Map Updated Jan 2019 Document: […]
SEC Industrial Security Intelligence Data Platform 2019 Document
Strategic Efficiency Consortium Platform Work Flow Content Map Updated for 2019. SEC Industrial Security Intelligence Data Platform 2019 Document Document: […]
Building a Threat Intelligence Framework to Defend Against Cyberattacks
Goals Before Data What systems, data, and other digital assets must be protected? How do you anticipate threat intelligence will […]
Threat Intelligence’s Big Data Problem
Threat Intelligence’s Big Data Problem Security teams are drowning in often useless threat intel data, but signs of maturity are […]
Finding The ROI Of Threat Intelligence: 5 Steps
Finding The ROI Of Threat Intelligence: 5 Steps Advice from a former SOC manager on how to leverage threat intel […]
6 Surprising Benefits of Threat Intelligence From the Web
6 Surprising Benefits of Threat Intelligence From the Web Key Takeaways The internet is the single greatest learning resource ever […]
Threat Intelligence, Information, and Data: What Is the Difference?
Threat Intelligence, Information, and Data: What Is the Difference? Key Takeaways There’s a huge difference between threat data, information, and […]
SEC Automation: Choosing the Right Systems Integrator for your Automation Project
Choosing the Right Systems Integrator for your Automation Project – Industrial Control Systems: SCADA – Systems Integrators Many automation system projects […]