Security CERT Global
- CISA and ENISA enhance their Cooperation
- VU#811862: Image files in UEFI can be abused to modify boot behavior
- CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps
- CERTFR-2023-AVI-0998 : Multiples vulnérabilités dans Google Chrome (06 décembre 2023)
- CERTFR-2023-AVI-0997 : Vulnérabilité dans SolarWinds Serv-U (06 décembre 2023)
- CERTFR-2023-AVI-1000 : Multiples vulnérabilités dans Progress MOVEit Transfer (06 décembre 2023)
- CERTFR-2023-AVI-1001 : Vulnérabilité dans Atlassian Confluence (06 décembre 2023)
- CERTFR-2023-AVI-0999 : Vulnérabilité dans ElasticSearch pour Hadoop (06 décembre 2023)
- Kritisk RCE-sårbarhet i Confluence-produkter
- Warfare and Geopolitics are Fuelling Denial-of-Service Attacks
- Oracle Security Update
- SUSE Security Update
- Lenovo Security Update
- Red Hat Security Update
- Mageia Security Update
- Chrome Security Update
- MediaTek Security Update
- Ubuntu Security Update
- IBM Security Update
- Dell Security Update
- Android Security Update
- JVN: Zebra Technologies製ZTCプリンターにおける代替パスまたはチャネルを使用した認証回避の脆弱性
- JVN: 複数のCODESYS Control製品におけるOSコマンドインジェクションの脆弱性
- JVN: FXC製無線LANルータ「AE1021PE」および「AE1021」におけるOSコマンドインジェクションの脆弱性
- お知らせ:制御システムセキュリティカンファレンス 2024参加登録開始
- FXC wireless LAN routers "AE1021PE" and "AE1021" vulnerable to OS command injection
- ESB-2023.7260 - [RedHat] OpenShift Container Platform 4.14.5: CVSS (Max): 7.5
- ESB-2023.7265 - [Ubuntu] Linux kernel: CVSS (Max): 8.8
- ESB-2023.7261 - [Appliance] Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d: CVSS (Max): 5.4
- ESB-2023.7257 - [Ubuntu] Redis: CVSS (Max): 8.8
- ESB-2023.7263 - [RedHat] postgresql:12: CVSS (Max): 8.8
- ESB-2023.7258 - [Ubuntu] HAProxy: CVSS (Max): 7.5
- ESB-2023.7264 - [Cisco] Cisco Systems: CVSS (Max): 4.1
- ESB-2023.7259 - [RedHat] Service Registry: CVSS (Max): 8.1
- ESB-2023.7266 - [Ubuntu] Linux kernel (OEM): CVSS (Max): 7.0
- ESB-2023.7262 - [Win][UNIX/Linux] Google Chrome: CVSS (Max): None
- Weekly Report: 複数のApple製品に脆弱性
- Weekly Report: JPCERT/CCが「ICS脆弱性分析レポート - 2023年度上期 -」を公開
- Weekly Report: Apache Tomcatにリクエストスマグリングの脆弱性
- Weekly Report: Ruckus Access Pointにクロスサイトスクリプティングの脆弱性
- Weekly Report: Google Chromeに複数の脆弱性
- CISA Adds Four Known Exploited Vulnerabilities to Catalog
- Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d
- CISA Releases Two Industrial Control Systems Advisories
- CERTFR-2023-AVI-0994 : Multiples vulnérabilités dans SonicWall SMA (05 décembre 2023)
- CERTFR-2023-AVI-0996 : Vulnérabilité dans TheGreenBow VPN Client (05 décembre 2023)
- CERTFR-2023-AVI-0995 : Multiples vulnérabilités dans Google Android (05 décembre 2023)
- CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion
- Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers
- お知らせ:JPCERT/CC Eyes「サイバー攻撃被害に係る情報の意図しない開示がもたらす情報共有活動への影響について」
Secure design principles: Guides for the design of Cyber Secure systems: Security design principles and virtualisation
Secure design principles:Guides for the design of Cyber Secure systems:Security design principles and virtualisationhttps://www.ncsc.gov.uk/collection/cyber-security-design-principles/examples/study-virtualisationicssecurity, infosec, cybersecurity, criticalinfrastructure, IndustrialControlSystems, virtualisation
Secure design principles: Guides for the design of Cyber Secure systems: Design principles and Operational Technology
Secure design principles:Guides for the design of Cyber Secure systems:Design principles and Operational Technologyhttps://www.ncsc.gov.uk/collection/cyber-security-design-principles/examples/study-operational-techicssecurity, infosec, cybersecurity, criticalinfrastructure, IndustrialControlSystems, OT
Cybersecurity Capability Maturity Model (C2M2) Program
Cybersecurity Capability Maturity Model (C2M2) Programhttps://www.energy.gov/ceser/activities/cybersecurity-critical-energy-infrastructure/energy-sector-cybersecurity-0 icssecurity, infosec, cybersecurity, criticalinfrastructure, IndustrialControlSystems
Strategic Efficiency Consortium Security Intelligence Data Platform: Work Flow + Content Map – Jan 2019
SEC Industrial Security Intelligence Data Platform Work Flow SEC Industrial Security Intelligence Data Platform Content Map Updated Jan 2019 Document: […]
SEC Industrial Security Intelligence Data Platform 2019 Document
Strategic Efficiency Consortium Platform Work Flow Content Map Updated for 2019. SEC Industrial Security Intelligence Data Platform 2019 Document Document: […]
Strategic Efficiency Consortium Security Intelligence Reading and References – SEC Report
Reading and References Competitive Intelligence – CI For Beginners Part 1: Insight Work “Intelligence is a set […]
SEC Threat Intelligence as a Critical Organizational Need – SEC Report
The critical need for an evidence based, automated, holistic approach of the threat landscape. These are challenging times […]
SEC Security Data Services – SEC Report
This service is specifically designed to deliver well defined deliverables into critical intelligence demands of our client. These […]