Security CERT Global
- CISA and ENISA enhance their Cooperation
- VU#811862: Image files in UEFI can be abused to modify boot behavior
- CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps
- CERTFR-2023-AVI-0998 : Multiples vulnérabilités dans Google Chrome (06 décembre 2023)
- CERTFR-2023-AVI-0997 : Vulnérabilité dans SolarWinds Serv-U (06 décembre 2023)
- CERTFR-2023-AVI-1000 : Multiples vulnérabilités dans Progress MOVEit Transfer (06 décembre 2023)
- CERTFR-2023-AVI-1001 : Vulnérabilité dans Atlassian Confluence (06 décembre 2023)
- CERTFR-2023-AVI-0999 : Vulnérabilité dans ElasticSearch pour Hadoop (06 décembre 2023)
- Kritisk RCE-sårbarhet i Confluence-produkter
- Warfare and Geopolitics are Fuelling Denial-of-Service Attacks
- Oracle Security Update
- SUSE Security Update
- Lenovo Security Update
- Red Hat Security Update
- Mageia Security Update
- Chrome Security Update
- MediaTek Security Update
- Ubuntu Security Update
- IBM Security Update
- Dell Security Update
- Android Security Update
- JVN: Zebra Technologies製ZTCプリンターにおける代替パスまたはチャネルを使用した認証回避の脆弱性
- JVN: 複数のCODESYS Control製品におけるOSコマンドインジェクションの脆弱性
- JVN: FXC製無線LANルータ「AE1021PE」および「AE1021」におけるOSコマンドインジェクションの脆弱性
- お知らせ:制御システムセキュリティカンファレンス 2024参加登録開始
- FXC wireless LAN routers "AE1021PE" and "AE1021" vulnerable to OS command injection
- ESB-2023.7260 - [RedHat] OpenShift Container Platform 4.14.5: CVSS (Max): 7.5
- ESB-2023.7265 - [Ubuntu] Linux kernel: CVSS (Max): 8.8
- ESB-2023.7261 - [Appliance] Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d: CVSS (Max): 5.4
- ESB-2023.7257 - [Ubuntu] Redis: CVSS (Max): 8.8
- ESB-2023.7263 - [RedHat] postgresql:12: CVSS (Max): 8.8
- ESB-2023.7258 - [Ubuntu] HAProxy: CVSS (Max): 7.5
- ESB-2023.7264 - [Cisco] Cisco Systems: CVSS (Max): 4.1
- ESB-2023.7259 - [RedHat] Service Registry: CVSS (Max): 8.1
- ESB-2023.7266 - [Ubuntu] Linux kernel (OEM): CVSS (Max): 7.0
- ESB-2023.7262 - [Win][UNIX/Linux] Google Chrome: CVSS (Max): None
- Weekly Report: 複数のApple製品に脆弱性
- Weekly Report: JPCERT/CCが「ICS脆弱性分析レポート - 2023年度上期 -」を公開
- Weekly Report: Apache Tomcatにリクエストスマグリングの脆弱性
- Weekly Report: Ruckus Access Pointにクロスサイトスクリプティングの脆弱性
- Weekly Report: Google Chromeに複数の脆弱性
- CISA Adds Four Known Exploited Vulnerabilities to Catalog
- Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d
- CISA Releases Two Industrial Control Systems Advisories
- CERTFR-2023-AVI-0994 : Multiples vulnérabilités dans SonicWall SMA (05 décembre 2023)
- CERTFR-2023-AVI-0996 : Vulnérabilité dans TheGreenBow VPN Client (05 décembre 2023)
- CERTFR-2023-AVI-0995 : Multiples vulnérabilités dans Google Android (05 décembre 2023)
- CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion
- Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers
- お知らせ:JPCERT/CC Eyes「サイバー攻撃被害に係る情報の意図しない開示がもたらす情報共有活動への影響について」
Threat Intelligence, Information, and Data: What Is the Difference?
Threat Intelligence, Information, and Data: What Is the Difference?
Key Takeaways
There’s a huge difference between threat data, information, and intelligence, and understanding the difference is essential to getting the most out of your threat intelligence platform.
As we progress from data to information to intelligence, the volume of outputs reduces while the value of those outputs increases.
Threat intelligence platforms produce data and information, which human analysts can use to produce actionable threat intelligence.
A computer can never produce threat intelligence, but humans are unsuited to the task of collecting and processing huge volumes of threat data.
Action must always be the end goal. Threat intelligence is useless unless it can be used to improve cyber security.
Source:
https://www.recordedfuture.com/threat-intelligence-data/
Tags: Threat Intelligence,Threat Intelligence Data,Threat Intelligence Information,Threat Intelligence Platforms,