Security CERT Global
- Microsoft: APT28 udnytter Windows-fejl
- JVN: WindowsカーネルドライバーのIOCTL処理におけるアクセス制御不備の脆弱性
- JVN: TvRock におけるクロスサイトリクエストフォージェリの脆弱性
- JVN: TvRock におけるサービス運用妨害 (DoS) の脆弱性
- Multiple third-party kernel drivers for Windows vulnerable to improper access control on IOCTL
- Ever wondered how a cyber crime gang operates?
- TvRock vulnerable to cross-site request forgery
- TvRock vulnerable to denial-of-service (DoS)
- LXD: CVSS (Max): 5.9
- apache-commons-configuration2: CVSS (Max): 4.4
- thunderbird: CVSS (Max): 7.5
- shim: CVSS (Max): 8.4
- Pillow: CVSS (Max): 7.3
- openjdk-11: CVSS (Max): 3.7
- Linux Kernel (Live Patch 50 for SLE 12 SP5): CVSS (Max): 7.8
- openjdk-11: CVSS (Max): 3.7
- Pillow: CVSS (Max): 7.3
- Linux Kernel (Live Patch 51 for SLE 12 SP5): CVSS (Max): 7.8
- Linux Kernel (Live Patch 22 for SLE 15 SP4): CVSS (Max): 7.8
- glibc: CVSS (Max): 8.2
- openjdk-17: CVSS (Max): 3.7
- apache-commons-configuration: CVSS (Max): 4.4
- Linux Kernel RT (Live Patch 1 for SLE 15 SP5): CVSS (Max): 7.8
- Percona XtraBackup: CVSS (Max): 7.8
- polkit: CVSS (Max): None
- Linux Kernel (Live Patch 1 for SLE 15 SP5): CVSS (Max): 7.8
- samba: CVSS (Max): 6.5
- The Great Fuzzy Hashing Debate
- CERTFR-2024-AVI-0339 : Vulnérabilité dans Microsoft Edge (22 avril 2024)
- CERTFR-2024-AVI-0338 : [SCADA] Vulnérabilité dans Siemens RUGGEDCOM APE1808 (22 avril 2024)
- CERTFR-2024-AVI-0340 : [SCADA] Multiples vulnérabilités dans les produits Moxa (22 avril 2024)
- CERTFR-2024-AVI-0341 : Multiples vulnérabilités dans Synacor Zimbra Collaboration (22 avril 2024)
- CERTFR-2024-AVI-0336 : Multiples vulnérabilités dans les produits OwnCloud (22 avril 2024)
- CERTFR-2024-AVI-0337 : Multiples vulnérabilités dans Mozilla Thunderbird (22 avril 2024)
- CERTFR-2024-AVI-0335 : Vulnérabilité dans SolarWinds Platform (22 avril 2024)
- CERTFR-2024-ACT-018 : Bulletin d’actualité CERTFR-2024-ACT-018 (22 avril 2024)
- PhaaS-tjeneste lukket ned
- 0-dagssårbarhed i CrushFTP
- JVN: オムロン製Sysmac Studio/CX-OneおよびCX-Programmerにおける複数の脆弱性
- JVN: LINE client for iOSにおけるサーバ証明書の検証不備の脆弱性
- JVN: Unitronics製VisionシリーズPLCにおける復元可能な形式でのパスワード保存の脆弱性
- JVN: TensorFlowベースのKerasモデルに含まれるLambdaレイヤにコードインジェクションが発生する問題
- JVN: Armeria-samlにおけるSAMLメッセージ取り扱い不備
- Multiple vulnerabilities in OMRON Sysmac Studio/CX-One and CX-Programmer
- Junos OS: CVSS (Max): 5.3
- wireshark: CVSS (Max): 7.5
- wireshark: CVSS (Max): 7.5
- libdatetime-timezone-perl: CVSS (Max): None
- Linux kernel: CVSS (Max): 7.8
- Mozilla Thunderbird: CVSS (Max): 7.5*
Strategic Efficiency Consortium Security Intelligence Reading and References – SEC Report
Reading and References Competitive Intelligence – CI For Beginners Part 1: Insight Work “Intelligence is a set […]
SEC Threat Intelligence as a Critical Organizational Need – SEC Report
The critical need for an evidence based, automated, holistic approach of the threat landscape. These are challenging times […]
SEC Security Data Services – SEC Report
This service is specifically designed to deliver well defined deliverables into critical intelligence demands of our client. These […]
What Is Threat Intelligence? Definition and Examples
Key Takeaways Threat intelligence is the output of analysis based on identification, collection, and enrichment of relevant data and information. […]
Building a Threat Intelligence Framework to Defend Against Cyberattacks
Goals Before Data What systems, data, and other digital assets must be protected? How do you anticipate threat intelligence will […]
Threat Intelligence’s Big Data Problem
Threat Intelligence’s Big Data Problem Security teams are drowning in often useless threat intel data, but signs of maturity are […]
Finding The ROI Of Threat Intelligence: 5 Steps
Finding The ROI Of Threat Intelligence: 5 Steps Advice from a former SOC manager on how to leverage threat intel […]
6 Surprising Benefits of Threat Intelligence From the Web
6 Surprising Benefits of Threat Intelligence From the Web Key Takeaways The internet is the single greatest learning resource ever […]
Threat Intelligence, Information, and Data: What Is the Difference?
Threat Intelligence, Information, and Data: What Is the Difference? Key Takeaways There’s a huge difference between threat data, information, and […]