Security CERT Global
- CISA Adds Three Known Exploited Vulnerabilities to Catalog
- Cisco Releases Security Updates Addressing ArcaneDoor, Vulnerabilities in Cisco Firewall Platforms
- CERTFR-2024-AVI-0343 : Multiples vulnérabilités dans Google Chrome (24 avril 2024)
- CERTFR-2024-AVI-0342 : Multiples vulnérabilités dans NagiosXI (24 avril 2024)
- Sårbarhet i Progress Flowmon
- Tager ansvar for cyberangreb på vandværk i USA
- ICS Security Conference 2024
- JVN: RoamWiFi R10における複数の脆弱性
- JVN: NETGEAR製ルーターにおけるバッファオーバーフローの脆弱性
- NETGEAR routers vulnerable to buffer overflow
- Multiple vulnerabilities in RoamWiFi R10
- Ruby: CVSS (Max): None
- qemu: CVSS (Max): 8.2
- Linux Kernel (Live Patch 10 for SLE 15 SP5): CVSS (Max): 7.8
- Linux kernel: CVSS (Max): 7.8
- qemu: CVSS (Max): 8.2
- jasper: CVSS (Max): 7.5
- Linux Kernel (Live Patch 8 for SLE 15 SP5): CVSS (Max): 7.8
- Linux Kernel (Live Patch 47 for SLE 12 SP5): CVSS (Max): 7.8
- Linux Kernel (Live Patch 6 for SLE 15 SP5): CVSS (Max): 7.8
- kubernetes1.23: CVSS (Max): 2.7
- Linux Kernel: CVSS (Max): 7.8
- Linux Kernel: CVSS (Max): 7.8
- kubernetes1.24: CVSS (Max): 2.7
- Linux Kernel: CVSS (Max): 7.8
- opensc: CVSS (Max): 4.4
- Squid: CVSS (Max): 8.6
- glibc: CVSS (Max): 8.8
- Google Guest Agent and Google OS Config Agent: CVSS (Max): 5.9
- Linux Kernel: CVSS (Max): 7.8
- Linux Kernel: CVSS (Max): 7.8
- Weekly Report: 経済産業省が「工場システムにおけるサイバー・フィジカル・セキュリティ対策ガイドラインVer 1.0」および「工場システムにおけるサイバー・フィジカル・セキュリティ対策ガイドライン【別冊:スマート化を進める上でのポイント】」の英訳版を公表
- Weekly Report: LINEヤフー社製Armeria-samlにおけるSAMLメッセージ取り扱い不備
- Weekly Report: CISAが「Deploying AI Systems Securely」を公表
- Weekly Report: Proscend Communications製M330-WおよびM330-W5におけるOSコマンドインジェクションの脆弱性
- Weekly Report: IPAが「アタックサーフェスの Operational Relay Box 化を伴うネットワーク貫通型攻撃について Adobe ColdFusion の脆弱性(CVE-2023-29300)を狙う攻撃」に関する注意喚起を公表
- Weekly Report: LINE client for iOSにおけるサーバ証明書の検証不備の脆弱性
- Weekly Report: WordPress用プラグインForminatorにおける複数の脆弱性
- Weekly Report: TensorFlowベースのKerasモデルに含まれるLambdaレイヤにコードインジェクションが発生する問題
- Weekly Report: 2024年4月Oracle Critical Patch Updateについて
- Weekly Report: PuTTY SSHクライアントのECDSA署名処理に脆弱性
- Weekly Report: バッファロー製無線LANルーターに複数の脆弱性
- CISA Releases Two Industrial Control Systems Advisories
- CISA Adds One Known Exploited Vulnerability to Catalog
- Udnyttelse af Palo Altofirewalls igang
- Microsoft: APT28 udnytter Windows-fejl
- JVN: TvRock におけるクロスサイトリクエストフォージェリの脆弱性
- JVN: WindowsカーネルドライバーのIOCTL処理におけるアクセス制御不備の脆弱性
- JVN: TvRock におけるサービス運用妨害 (DoS) の脆弱性
- Multiple third-party kernel drivers for Windows vulnerable to improper access control on IOCTL
MGS+ ICS Security Report March 2017
MGS+ ICS Security Report March 2017: Editor Picks: News Intelligence Alerts Reports
World’s Biggest Data Breaches
Selected losses greater than 30,000 records
Source: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks
As prices rise, oil companies drill down on industrial cyber security
In recent months, more U.S. oil company boards have demanded IT managers prove refineries and drilling rigs are protected against cyberattacks, the chief of a security firm says.
Source: http://fuelfix.com/blog/2017/05/12/as-prices-rise-oil-companies-drill-down-on-industrial-cyber-security/
GOOGLE’S DUELING NEURAL NETWORKS SPAR TO GET SMARTER, NO HUMANS REQUIRED
THE DAY RICHARD Feynman died, the blackboard in his classroom read: “What I cannot create, I do not understand.”
Source: https://www.wired.com/2017/04/googles-dueling-neural-networks-spar-get-smarter-no-humans-required/
Cyber Security: The World’s Best And Worst Presented With A Well-Designed Infographic
Source: https://www.forbes.com/sites/kevinmurnane/2017/05/04/cyber-security-the-worlds-best-and-worst-presented-with-a-well-designed-infographic/#5d3fc74f4416
The Role of Big Data in IoT
IoT (the Internet of Things) refers to the automated intelligent control and command of connected devices over vast regions via sensors and other computing capabilities.
Source: https://datafloq.com/read/the-role-of-big-data-in-iot/3089
Canada Looks to Develop a New Resource: Artificial Intelligence
Initiative aims to encourage research and startups using the technology
Source: https://www.wsj.com/articles/canada-looks-to-develop-a-new-resource-artificial-intelligence-1490982372
New Threat Research Shows Vietnam a Rising Force in Cyberespionage
FireEye report on APT32 puts evidence together of a group attacking private and public targets for the sake of Vietnamese state interests.
Source: http://www.darkreading.com/attacks-breaches/new-threat-research-shows-vietnam-a-rising-force-in-cyberespionage/d/d-id/1328890
Computer security is broken from top to bottom
OVER a couple of days in February, hundreds of thousands of point-of-sale printers in restaurants around the world began behaving strangely.
Source: https://www.ascotbarclay.com/computer-security-is-broken-from-top-to-bottom/
Cybercriminals Are Building an Army of Things Creating a Tipping Point for Cybersecurity
Cybercrime is big business, and is growing at an exponential rate. British insurer Lloyd’s of London estimated the cybercrime market at $400 Billion in 2015. Today, just two years later, the World Economic Forum estimates that the total economic cost of cybercrime to currently be $3 trillion. And Cybersecurity Ventures is predicting that cybercrime will cost the world in excess of $6 trillion annually by 2021.
Source: http://blog.fortinet.com/2017/03/28/fortinet-q416-threat-landscape-report