Security CERT Global
- CISA and ENISA enhance their Cooperation
- VU#811862: Image files in UEFI can be abused to modify boot behavior
- CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps
- CERTFR-2023-AVI-0998 : Multiples vulnérabilités dans Google Chrome (06 décembre 2023)
- CERTFR-2023-AVI-0997 : Vulnérabilité dans SolarWinds Serv-U (06 décembre 2023)
- CERTFR-2023-AVI-1000 : Multiples vulnérabilités dans Progress MOVEit Transfer (06 décembre 2023)
- CERTFR-2023-AVI-1001 : Vulnérabilité dans Atlassian Confluence (06 décembre 2023)
- CERTFR-2023-AVI-0999 : Vulnérabilité dans ElasticSearch pour Hadoop (06 décembre 2023)
- Kritisk RCE-sårbarhet i Confluence-produkter
- Warfare and Geopolitics are Fuelling Denial-of-Service Attacks
- Oracle Security Update
- SUSE Security Update
- Lenovo Security Update
- Red Hat Security Update
- Mageia Security Update
- Chrome Security Update
- MediaTek Security Update
- Ubuntu Security Update
- IBM Security Update
- Dell Security Update
- Android Security Update
- JVN: Zebra Technologies製ZTCプリンターにおける代替パスまたはチャネルを使用した認証回避の脆弱性
- JVN: 複数のCODESYS Control製品におけるOSコマンドインジェクションの脆弱性
- JVN: FXC製無線LANルータ「AE1021PE」および「AE1021」におけるOSコマンドインジェクションの脆弱性
- お知らせ:制御システムセキュリティカンファレンス 2024参加登録開始
- FXC wireless LAN routers "AE1021PE" and "AE1021" vulnerable to OS command injection
- ESB-2023.7260 - [RedHat] OpenShift Container Platform 4.14.5: CVSS (Max): 7.5
- ESB-2023.7265 - [Ubuntu] Linux kernel: CVSS (Max): 8.8
- ESB-2023.7261 - [Appliance] Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d: CVSS (Max): 5.4
- ESB-2023.7257 - [Ubuntu] Redis: CVSS (Max): 8.8
- ESB-2023.7263 - [RedHat] postgresql:12: CVSS (Max): 8.8
- ESB-2023.7258 - [Ubuntu] HAProxy: CVSS (Max): 7.5
- ESB-2023.7264 - [Cisco] Cisco Systems: CVSS (Max): 4.1
- ESB-2023.7259 - [RedHat] Service Registry: CVSS (Max): 8.1
- ESB-2023.7266 - [Ubuntu] Linux kernel (OEM): CVSS (Max): 7.0
- ESB-2023.7262 - [Win][UNIX/Linux] Google Chrome: CVSS (Max): None
- Weekly Report: 複数のApple製品に脆弱性
- Weekly Report: JPCERT/CCが「ICS脆弱性分析レポート - 2023年度上期 -」を公開
- Weekly Report: Apache Tomcatにリクエストスマグリングの脆弱性
- Weekly Report: Ruckus Access Pointにクロスサイトスクリプティングの脆弱性
- Weekly Report: Google Chromeに複数の脆弱性
- CISA Adds Four Known Exploited Vulnerabilities to Catalog
- Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d
- CISA Releases Two Industrial Control Systems Advisories
- CERTFR-2023-AVI-0994 : Multiples vulnérabilités dans SonicWall SMA (05 décembre 2023)
- CERTFR-2023-AVI-0996 : Vulnérabilité dans TheGreenBow VPN Client (05 décembre 2023)
- CERTFR-2023-AVI-0995 : Multiples vulnérabilités dans Google Android (05 décembre 2023)
- CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion
- Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers
- お知らせ:JPCERT/CC Eyes「サイバー攻撃被害に係る情報の意図しない開示がもたらす情報共有活動への影響について」
3 Keys to Securing Converged IT/OT Environments
3 Keys to Securing Converged IT/OT Environments -Securing the newly converged IT/OT environment requires a solid strategy https://www.industryweek.com/technology-and-iiot/article/21127438/3-keys-to-securing-converged-itot-environments ITOT, iiot, […]
Industrial network security best practice advice
Industrial network security best practice advice Four myths about networking and cybersecurity related to operations technology (OT) systems are highlighted […]
Data flow is no longer hierarchical
Data flow is no longer hierarchical Can industrial edge computing fit into the Purdue model? edgecomputing, iiot, SCADA, cloudscada, industrialautomation, […]
IT-OT collaboration needs context and increased visibility –
IT-OT collaboration needs context and increased visibility – Information technology (IT) and operational technology (OT) are continuing the process of […]
Trends for Industry 4.0 in 2020 and Beyond
Trends for Industry 4.0 in 2020 and Beyond – Greater flexibility, virtual validation, industrial controllers, and edge computing are some […]
The IoT Really Does Work in the Factory
The IoT Really Does Work in the Factory – Industrial IoT pays off big in terms of reduced maintenance and […]
ICSaaS – ICS as a cloud service is coming: Will the benefits outweigh the risks?
ICSaaS – ICS as a cloud service is coming: Will the benefits outweigh the risks? –Is plugging critical infrastructure into […]
Managing risk in today’s IoT landscape: not a one-and-done
Managing risk in today’s IoT landscape: not a one-and-done https://www.microsoft.com/security/blog/2020/04/28/managing-risk-todays-iot-landscape-not-one-and-done/ cybersecurity, iiot, scada, cloudscada, icssecurity -holistic approach to minimizing risk […]
Introduce analytics best practices into industrial environments
Introduce analytics best practices into industrial environments -Put analytics in the hands of the process experts who understand the data […]
A Cloud Based Alternative to Traditional SCADA
A Cloud Based Alternative to Traditional SCADA cybersecurity, iiot, scada, cloudscada, icssecurity -one of the benefits of leveraging the IIoT […]
SCADA: Alive and Well in the Age of IoT
SCADA: Alive and Well in the Age of IoT – Despite the onslaught of the Internet of Things within the […]
SEC Security Report September 2017
SEC Security Report September 2017: Editor Picks: News Intelligence Alerts Reports WannaCry Post Mortem: Early Warning Indicators and Lessons Learned […]
SEC Vulnerabilities: Analysis of Exploitable Vulnerability Sequences in Industrial Networked Systems: A Proof of Concepts
Software vulnerabilities can affect the security of any computer and industrial networked systems are no exception. Information about known […]
MGS+ ICS Security Report July 2017
MG Strategy+ ICS Security Report July 2017: Editor Picks: News Intelligence Alerts Reports Power plant cyber threat: Lock up your […]
MGS+ ICS Security Report March 2017
MGS+ ICS Security Report March 2017: Editor Picks: News Intelligence Alerts Reports World’s Biggest Data Breaches Selected losses greater than […]