Security CERT Global
- CERTFR-2024-AVI-0346 : Multiples vulnérabilités dans GitLab (25 avril 2024)
- CERTFR-2024-AVI-0347 : Multiples vulnérabilités dans les produits Cisco (25 avril 2024)
- CERTFR-2024-AVI-0344 : Multiples vulnérabilités dans les produits Mitel (25 avril 2024)
- CERTFR-2024-AVI-0345 : Vulnérabilité dans les produits Palo Alto Networks (25 avril 2024)
- CERTFR-2024-AVI-0348 : Vulnérabilité dans les produits MongoDB (25 avril 2024)
- CERTFR-2024-ALE-007 : Multiples vulnérabilités dans les produits Cisco (25 avril 2024)
- Honeywell Experion PKS, Experion LX, PlantCruise by Experion, Safety Manager, Safety Manager SC
- Hitachi Energy MACH SCM
- Siemens RUGGEDCOM APE1808 Devices Configured with Palo Alto Networks Virtual NGFW
- Multiple Vulnerabilities in Hitachi Energy RTU500 Series
- CISA Releases Eight Industrial Control Systems Advisories
- Pathways: exploring a new way to achieve Cyber Essentials certification
- Sårbarheter i Cisco-produkter utnyttjas aktivt
- Sikkerhedsopdateringer fra Cisco
- お知らせ:インシデント報告Webフォームメンテナンス(2024/05/16)のお知らせ
- CISA Adds Three Known Exploited Vulnerabilities to Catalog
- Cisco Releases Security Updates Addressing ArcaneDoor, Vulnerabilities in Cisco Firewall Platforms
- CERTFR-2024-AVI-0342 : Multiples vulnérabilités dans NagiosXI (24 avril 2024)
- CERTFR-2024-AVI-0343 : Multiples vulnérabilités dans Google Chrome (24 avril 2024)
- Sårbarhet i Progress Flowmon
- Tager ansvar for cyberangreb på vandværk i USA
- ICS Security Conference 2024
- JVN: RoamWiFi R10における複数の脆弱性
- JVN: NETGEAR製ルーターにおけるバッファオーバーフローの脆弱性
- NETGEAR routers vulnerable to buffer overflow
- Multiple vulnerabilities in RoamWiFi R10
- Linux Kernel (Live Patch 8 for SLE 15 SP5): CVSS (Max): 7.8
- jasper: CVSS (Max): 7.5
- qemu: CVSS (Max): 8.2
- qemu: CVSS (Max): 8.2
- Linux Kernel (Live Patch 10 for SLE 15 SP5): CVSS (Max): 7.8
- Linux Kernel (Live Patch 47 for SLE 12 SP5): CVSS (Max): 7.8
- Linux kernel: CVSS (Max): 7.8
- Ruby: CVSS (Max): None
- Linux Kernel (Live Patch 6 for SLE 15 SP5): CVSS (Max): 7.8
- glibc: CVSS (Max): 8.8
- Linux Kernel: CVSS (Max): 7.8
- Linux Kernel: CVSS (Max): 7.8
- Google Guest Agent and Google OS Config Agent: CVSS (Max): 5.9
- Linux Kernel: CVSS (Max): 7.8
- kubernetes1.24: CVSS (Max): 2.7
- opensc: CVSS (Max): 4.4
- Linux Kernel: CVSS (Max): 7.8
- Linux Kernel: CVSS (Max): 7.8
- kubernetes1.23: CVSS (Max): 2.7
- Squid: CVSS (Max): 8.6
- Weekly Report: TensorFlowベースのKerasモデルに含まれるLambdaレイヤにコードインジェクションが発生する問題
- Weekly Report: CISAが「Deploying AI Systems Securely」を公表
- Weekly Report: 2024年4月Oracle Critical Patch Updateについて
- Weekly Report: LINEヤフー社製Armeria-samlにおけるSAMLメッセージ取り扱い不備
MGS+ ICS Security Report July 2017
MG Strategy+ ICS Security Report July 2017: Editor Picks: News Intelligence Alerts Reports
Power plant cyber threat: Lock up your ICSs and SCADAs
Nuclear power stations have been told to tighten their defences after government officials warned of a “credible” cyber threat.
Source: https://www.theregister.co.uk/2017/04/03/power_plant_cyber_threat_warning/?mt=1501259950556
AI for Security: The Ghost in the Machine (Learning)
In order to fully understand the impact of a breach, the detection of malware threats needs to be complemented by the proactive exploration of anomalous network behavior and inter-artifact relationships. This activity is supported by machine learning techniques, which can be leveraged to aggregate and classify events at an unprecedented scale.
Source: http://www.bankinfosecurity.com/webinars/ai-for-security-ghost-in-machine-learning-w-1255#.WRJKIVv99lI.twitter
Hackers Ran Through Holes in Swift’s Network
Payment-transfer network left banks largely responsible for their own cyberdefense; old passwords at Bangladesh’s central bank
Source: https://www.wsj.com/articles/hackers-ran-through-holes-in-swifts-network-1493575442
Cybersecurity of nuclear reactors
The potential for remotely turning reactors into weapons is independent of their country of origin.
Source: http://www.controlglobal.com/articles/2017/cybersecurity-of-nuclear-reactors/
The Maturation of Cybercrime
Also, Understanding the Intel Active Management Technology Flaw
Source: http://www.bankinfosecurity.com/interviews/maturation-cybercrime-i-3576#.WRJKa0EhyOo.twitter
Cybercriminals Are Building an Army of Things Creating a Tipping Point for Cybersecurity
Cybercrime is big business, and is growing at an exponential rate. British insurer Lloyd’s of London estimated the cybercrime market at $400 Billion in 2015. Today, just two years later, the World Economic Forum estimates that the total economic cost of cybercrime to currently be $3 trillion. And Cybersecurity Ventures is predicting that cybercrime will cost the world in excess of $6 trillion annually by 2021.
Source: http://blog.fortinet.com/2017/03/28/fortinet-q416-threat-landscape-report
The Department of Defense network of the future
Military operations today are characterized by complexity.
It’s impossible to know the location or underlying mission of the country’s next deployment, and nothing on the horizon suggests the future will be any less complex.
Source: https://networkingexchangeblog.att.com/business/department-defense-network-future/?bref=mbar-twitter#
Cybersecurity Threat Insights from the Eye of the Storm
Our experts dive into the fundamental security challenges organizations face in an ever-evolving threat landscape
Source: https://www.secureworks.com/blog/cybersecurity-threat-insights-from-the-eye-of-the-storm
Blockchain and Financial System Impact
Blockchain is a technology that basically distributes a ledger. For those of you in the financial management world, you know a ledger as the trusted source of transactions or facts. The same is true with blockchain. But instead of existing in a large leather bound tome or in a financial management application, blockchains are managed by a distributed set of computing resources working together to maintain that ledger.
Source: http://blog.fortinet.com/2017/03/17/blockchain-and-financial-system-impact
Israeli companies are going to set up a Latin American cyber-defense center
A group of Israeli companies led by state-owned defence contractor Israel Aerospace Industry (IAI) has won a deal worth tens of millions of dollars to establish a national cyber centre in an unnamed Latin American country.
Source: http://www.businessinsider.com/r-israeli-companies-to-set-up-latin-american-cyber-defence-centre-2017-3