Security CERT Global
- KEYENCE VT STUDIO may insecurely load Dynamic Link Libraries
- Multiple vulnerabilities in KEYENCE KV STUDIO and KV REPLAY VIEWER
- JVN: Cross-site scripting vulnerability in the smartphone app "Yahoo! JAPAN"
- "Yahoo! JAPAN" App vulnerable to cross-site scripting
- JSAC2024 -Day 1-
- CERTFR-2024-AVI-0255: Vulnerability in GLPI (28 March 2024)
- CERTFR-2024-AVI-0261: Multiple vulnerabilities in Microsoft Edge (28 March 2024)
- CERTFR-2024-AVI-0260: Multiple vulnerabilities in Cisco products (28 March 2024)
- CERTFR-2024-AVI-0256: Vulnerability in Wireshark (28 March 2024)
- CERTFR-2024-AVI-0257: Multiple vulnerabilities in Elasticsearch (28 March 2024)
- CERTFR-2024-AVI-0258: Multiple vulnerabilities in Splunk products (28 March 2024)
- CERTFR-2024-AVI-0259: Multiple vulnerabilities in GitLab (28 March 2024)
- CERT-SE's weekly newsletter, week 13
- JVN: Authorization bypass vulnerability in EC-CUBE
- Linux Kernel: CVSS (Max): 7.8
- gnutls: CVSS (Max): 5.9
- axis: CVSS (Max): 4.9
- sudo: CVSS (Max): 7.0
- Linux Kernel: CVSS (Max): 7.8
- jbcrypt and trilead-ssh2: CVSS (Max): 5.9
- java-1_8_0-openjdk: CVSS (Max): 7.4
- openssl1: CVSS (Max): 3.3
- openssl-1_1: CVSS (Max): 3.3
- xen: CVSS (Max): 6.5
- python3: CVSS (Max): 8.4
- axis: CVSS (Max): 4.9
- MozillaFirefox: CVSS (Max): 8.1
- openssl-1_1: CVSS (Max): 3.3
- Linux Kernel: CVSS (Max): 7.8
- openssl-1_0_0: CVSS (Max): 3.3
- openssl: CVSS (Max): 3.3
- zziplib: CVSS (Max): 4.0
- compat-openssl098: CVSS (Max): 3.3
- Linux Kernel: CVSS (Max): 7.8
- unixODBC: CVSS (Max): 7.1
- Thunderbird: CVSS (Max): 7.5
- OpenShift Container Platform 4.13.38 low-latency extras: CVSS (Max): 5.9
- Cisco IOS Software and Cisco IOS XE Software: CVSS (Max): 8.6
- Red Hat Satellite 6.14: CVSS (Max): 7.5
- cpio: CVSS (Max): 4.0
- python39: CVSS (Max): 8.4
- OpenShift Container Platform 4.12 low-latency extras: CVSS (Max): 5.9
- libvirt: CVSS (Max): 5.5
- Cisco IOS XE Software: CVSS (Max): 7.4
- logging for Red Hat OpenShift: CVSS (Max): 5.9
- logging for Red Hat OpenShift: CVSS (Max): 5.9
- shadow: CVSS (Max): 5.5
- krb5: CVSS (Max): 7.5
- avahi: CVSS (Max): 6.2
- EC-CUBE vulnerable to authorization bypass
MGS+ ICS Security Report July 2017
MG Strategy+ ICS Security Report July 2017: Editor Picks: News Intelligence Alerts Reports
Power plant cyber threat: Lock up your ICSs and SCADAs
Nuclear power stations have been told to tighten their defences after government officials warned of a “credible” cyber threat.
Source: https://www.theregister.co.uk/2017/04/03/power_plant_cyber_threat_warning/?mt=1501259950556
AI for Security: The Ghost in the Machine (Learning)
In order to fully understand the impact of a breach, the detection of malware threats needs to be complemented by the proactive exploration of anomalous network behavior and inter-artifact relationships. This activity is supported by machine learning techniques, which can be leveraged to aggregate and classify events at an unprecedented scale.
Source: http://www.bankinfosecurity.com/webinars/ai-for-security-ghost-in-machine-learning-w-1255#.WRJKIVv99lI.twitter
Hackers Ran Through Holes in Swift’s Network
Payment-transfer network left banks largely responsible for their own cyberdefense; old passwords at Bangladesh’s central bank
Source: https://www.wsj.com/articles/hackers-ran-through-holes-in-swifts-network-1493575442
Cybersecurity of nuclear reactors
The potential for remotely turning reactors into weapons is independent of their country of origin.
Source: http://www.controlglobal.com/articles/2017/cybersecurity-of-nuclear-reactors/
The Maturation of Cybercrime
Also, Understanding the Intel Active Management Technology Flaw
Source: http://www.bankinfosecurity.com/interviews/maturation-cybercrime-i-3576#.WRJKa0EhyOo.twitter
Cybercriminals Are Building an Army of Things Creating a Tipping Point for Cybersecurity
Cybercrime is big business, and is growing at an exponential rate. British insurer Lloyd’s of London estimated the cybercrime market at $400 billion in 2015. Today, just two years later, the World Economic Forum estimates the total economic cost of cybercrime to currently be $3 trillion. And Cybersecurity Ventures is predicting that cybercrime will cost the world in excess of $6 trillion annually by 2021.
Source: http://blog.fortinet.com/2017/03/28/fortinet-q416-threat-landscape-report
The Department of Defense network of the future
Military operations today are characterized by complexity.
It’s impossible to know the location or underlying mission of the country’s next deployment, and nothing on the horizon suggests the future will be any less complex.
Source: https://networkingexchangeblog.att.com/business/department-defense-network-future/?bref=mbar-twitter#
Cybersecurity Threat Insights from the Eye of the Storm
Our experts dive into the fundamental security challenges organizations face in an ever-evolving threat landscape
Source: https://www.secureworks.com/blog/cybersecurity-threat-insights-from-the-eye-of-the-storm
Blockchain and Financial System Impact
Blockchain is a technology that basically distributes a ledger. For those of you in the financial management world, you know a ledger as the trusted source of transactions or facts. The same is true with blockchain. But instead of existing in a large leather-bound tome or in a financial management application, blockchains are managed by a distributed set of computing resources working together to maintain that ledger.
Source: http://blog.fortinet.com/2017/03/17/blockchain-and-financial-system-impact
Israeli companies are going to set up a Latin American cyber-defense center
A group of Israeli companies led by state-owned defence contractor Israel Aerospace Industry (IAI) has won a deal worth tens of millions of dollars to establish a national cyber centre in an unnamed Latin American country.
Source: http://www.businessinsider.com/r-israeli-companies-to-set-up-latin-american-cyber-defence-centre-2017-3