Security CERT Global
- #StopRansomware: Black Basta
- CISA and Partners Release Advisory on Black Basta Ransomware
- CERTFR-2024-AVI-0385 : Multiples vulnérabilités dans les produits IBM (10 mai 2024)
- CERTFR-2024-AVI-0379 : Vulnérabilité dans HPE Aruba Networking AOS-CX (10 mai 2024)
- CERTFR-2024-AVI-0382 : Multiples vulnérabilités dans le noyau Linux de RedHat (10 mai 2024)
- CERTFR-2024-AVI-0384 : Multiples vulnérabilités dans le noyau Linux de SUSE (10 mai 2024)
- CERTFR-2024-AVI-0374 : Vulnérabilité dans Veeam Service Provider Console (10 mai 2024)
- CERTFR-2024-AVI-0370 : Vulnérabilité dans iTunes pour Windows (10 mai 2024)
- CERTFR-2024-AVI-0377 : Multiples vulnérabilités dans les produits F5 (10 mai 2024)
- CERTFR-2024-AVI-0373 : Vulnérabilité dans PostgreSQL (10 mai 2024)
- CERTFR-2024-AVI-0376 : Multiples vulnérabilités dans GitLab (10 mai 2024)
- CERTFR-2024-AVI-0378 : Multiples vulnérabilités dans Juniper Junos OS (10 mai 2024)
- CERTFR-2024-AVI-0381 : Multiples vulnérabilités dans le noyau Linux de Debian (10 mai 2024)
- CERTFR-2024-AVI-0372 : Multiples vulnérabilités dans Google Chrome (10 mai 2024)
- CERTFR-2024-AVI-0380 : Multiples vulnérabilités dans les produits NetApp (10 mai 2024)
- CERTFR-2024-AVI-0375 : Vulnérabilité dans Xen (10 mai 2024)
- CERTFR-2024-AVI-0371 : Multiples vulnérabilités dans Google Android (10 mai 2024)
- CERTFR-2024-AVI-0383 : Multiples vulnérabilités dans le noyau Linux d’Ubuntu (10 mai 2024)
- CERT-SE:s veckobrev v.19
- JVN: Alpitronic製Hypercharger EV chargerにおける認証情報を初期設定のまま使用する脆弱性
- JVN: Rockwell Automation製FactoryTalk Historian SEにおける複数の脆弱性
- JVN: Delta Electronics製InfraSuite Device Masterにおける信頼できないデータのデシリアライゼーションの脆弱性
- UPDATE alpitronic Hypercharger EV Charger: CVSS (Max): 8.2
- JVN: Central Dogmaにおけるクロスサイトスクリプティングの脆弱性
- JVN: DHCPのオプション121を利用したVPNのカプセル化回避の問題
- JVN: スマートフォンアプリ「OfferBox」における秘密鍵がハードコードされている問題
- JVN: MosP勤怠管理における複数の脆弱性
- JVN: Phormerにおけるクロスサイトスクリプティングの脆弱性
- Central Dogma vulnerable to cross-site scripting
- Phormer vulnerable to cross-site scripting
- "OfferBox" App uses a hard-coded secret key
- Red Hat build of MicroShift 4.15.12: CVSS (Max): 7.5
- OpenShift Container Platform 4.14.24: CVSS (Max): 8.6
- squid:4: CVSS (Max): 8.6
- dav1d: CVSS (Max): 5.9
- nodejs:16: CVSS (Max): 7.5
- libpgjava: CVSS (Max): 10.0
- Linux Kernel (Live Patch 39 for SLE 15 SP2): CVSS (Max): 7.8
- Fossil: CVSS (Max): None
- nodejs:20: CVSS (Max): 7.5
- OpenShift Container Platform 4.15.12: CVSS (Max): 8.6
- Red Hat build of MicroShift 4.14.24: CVSS (Max): 7.5
- nodejs:18: CVSS (Max): 7.5
- nodejs:18: CVSS (Max): 7.5
- Google Chrome: CVSS (Max): None
- Junos OS and Junos OS Evolved: CVSS (Max): 9.8
- Red Hat build of Quarkus 3.2.12: CVSS (Max): 7.0
- OpenShift Container Platform 4.14.24 security and extras: CVSS (Max): 5.9
- alpitronic Hypercharger EV Charger
- Rockwell Automation FactoryTalk Historian SE
IT-OT collaboration needs context and increased visibility –
IT-OT collaboration needs context and increased visibility – Information technology (IT) and operational technology (OT) are continuing the process of […]
Secure design principles: Guides for the design of Cyber Secure systems: Security design principles and virtualisation
Secure design principles:Guides for the design of Cyber Secure systems:Security design principles and virtualisationhttps://www.ncsc.gov.uk/collection/cyber-security-design-principles/examples/study-virtualisationicssecurity, infosec, cybersecurity, criticalinfrastructure, IndustrialControlSystems, virtualisation
Secure design principles: Guides for the design of Cyber Secure systems: Design principles and Operational Technology
Secure design principles:Guides for the design of Cyber Secure systems:Design principles and Operational Technologyhttps://www.ncsc.gov.uk/collection/cyber-security-design-principles/examples/study-operational-techicssecurity, infosec, cybersecurity, criticalinfrastructure, IndustrialControlSystems, OT
Cybersecurity Capability Maturity Model (C2M2) Program
Cybersecurity Capability Maturity Model (C2M2) Programhttps://www.energy.gov/ceser/activities/cybersecurity-critical-energy-infrastructure/energy-sector-cybersecurity-0 icssecurity, infosec, cybersecurity, criticalinfrastructure, IndustrialControlSystems
Strategic Efficiency Consortium Security Intelligence Data Platform: Work Flow + Content Map – Jan 2019
SEC Industrial Security Intelligence Data Platform Work Flow SEC Industrial Security Intelligence Data Platform Content Map Updated Jan 2019 Document: […]
SEC Industrial Security Intelligence Data Platform 2019 Document
Strategic Efficiency Consortium Platform Work Flow Content Map Updated for 2019. SEC Industrial Security Intelligence Data Platform 2019 Document Document: […]
Strategic Efficiency Consortium Security Intelligence Reading and References – SEC Report
Reading and References Competitive Intelligence – CI For Beginners Part 1: Insight Work “Intelligence is a set […]
SEC Threat Intelligence as a Critical Organizational Need – SEC Report
The critical need for an evidence based, automated, holistic approach of the threat landscape. These are challenging times […]
SEC Security Data Services – SEC Report
This service is specifically designed to deliver well defined deliverables into critical intelligence demands of our client. These […]