Catégorie : #SECURITE

Today’s VERT Alert addresses Microsoft’s September 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-849 on Wednesday, September 11th. In-The-Wild & Disclosed CVEs CVE-2019-1214 An elevation of privilege vulnerability in the Windows Common Log File System (CLFS) driver can allow an attacker…

The times, they are a changin’. When users once felt free to browse the Internet anonymously, post about their innermost lives on social media, and download apps with frivolity, folks are playing things a little closer to the vest these days. Source : https://blog.malwarebytes.com/privacy-2/2019/09/300-shades-of-gray-a-look-into-free-mobile-vpn-apps/ Date : September 10, 2019 at…

DeepSight Intelligence can help organizations deal with the scope of today’s threats and the scarcity of top cyber security talent Source : https://www.symantec.com/blogs/feature-stories/how-maximize-threat-intelligence-human-touch Date : September 10, 2019 at 06:45PM Tag(s) : Sécurité Share this… Email Facebook Twitter Linkedin Whatsapp Print

Cybersecurity threats to manufacturing and process plants are coming from a wide range of attack vectors including supply chain, logistics, enterprise computing, remote connections, operator stations, programmable logic controllers, distributed control systems (DCSs), smart sensors and new smart devices. Many emerging Internet of Things (IoT) and communications technologies offer greater…

WOLCOTT, Conn. (AP) – A Connecticut school district’s teachers are working without computer access less than a week after a second malware attack targeted the district’s servers. Source : https://www.washingtontimes.com/news/2019/sep/10/ransomware-attack-hits-school-district-twice-in-4-/?utm_source=RSS_Feed&utm_medium=RSS Date : September 11, 2019 at 12:39AM Tag(s) : Médias internationaux Share this… Email Facebook Twitter Linkedin Whatsapp Print

La solide réputation de la firme de Cupertino en termes de sécurité et de respect de la vie privée a été mise à mal ces derniers mois par plusieurs scandales. Source : http://www.lefigaro.fr/secteur/high-tech/apple-une-image-ecornee-sur-la-vie-privee-et-la-securite-des-donnees-20190910 Date : September 10, 2019 at 09:49PM Tag(s) : Médias,Apple Share this… Email Facebook Twitter Linkedin Whatsapp…

Cofense attire l’attention sur une campagne de phishing qui tire parti d’un captcha pour contourner les systèmes de détection d’URL malveillantes. Source : https://www.silicon.fr/phishing-captchas-260567.html Date : September 10, 2019 at 06:46PM Tag(s) : Médias spécialisés Share this… Email Facebook Twitter Linkedin Whatsapp Print

Adobe has released security updates to address vulnerabilities affecting Flash Player and Application Manager. An attacker could exploit these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/adobe-releases-security-updates Date : September 10, 2019 at 07:31PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/microsoft-releases-september-2019-security-updates Date : September 10, 2019 at 07:51PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print

The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released a Security Event Primer on Malware. The white paper outlines general malware operations and includes common malware event types and best practice recommendations. An attacker can use malware to gain access to a network, obtain sensitive data, and damage systems….

Google has released Chrome version 77.0.3865.75 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/google-releases-security-updates-chrome Date : September 11, 2019 at 01:44AM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print

Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit one of these vulnerabilities to gain an escalation of privileges on a previously infected machine. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/intel-releases-security-updates Date : September 11, 2019 at 02:55AM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp…

Prior to developing a community-based data collection program, it is essential to think through the scientific process and the steps necessary to create a program where the data collected match your monitoring objectives and data use goals. Source : https://digital.gov/event/2019/10/16/study-design-developing-a-citizen-science-project-that-delivers-results/ Date : September 10, 2019 at 07:04PM Tag(s) : US…

The NCSC’s weekly threat report is drawn from recent open source reporting. Source : https://www.ncsc.gov.uk/report/weekly-threat-report-6th-september-2019 Date : September 6, 2019 at 04:20PM Tag(s) : UK GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Certaines d’entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l’éditeur, un déni de service et un contournement de la politique de sécurité. Source : https://www.cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-428/ Date : September 10, 2019…

L’idée selon laquelle les iPhones sont totalement immunisés contre les menaces n’a cessé d’être décriée. Source : https://www.kaspersky.fr/blog/malicious-websites-infect-iphones/12266/ Date : September 10, 2019 at 03:36PM Tag(s) : Sécurité,iPhone Share this… Email Facebook Twitter Linkedin Whatsapp Print

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d’entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité. Source : https://www.cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-429/ Date : September 10, 2019 at 03:33PM…

Changing consumer demands posed a serious challenge to the IT industry; it pushed firms to brainstorm about quick product delivery. This demand eventually gave rise to the demand for collaboration between Development (Dev) and Operations (Ops) teams, welcoming the DevOps trend. As a result, everything started progressing well with increased…

Chaque entreprise a des employés qui traitent un grand nombre de mails externes. Les agents des ressources humaines, les directeurs des relations publiques et les vendeurs en sont quelques exemples communs. Source : https://www.kaspersky.fr/blog/vlan-securite/12261/ Date : September 9, 2019 at 05:19PM Tag(s) : Sécurité Share this… Email Facebook Twitter Linkedin…

Nous avons déjà publié de nombreux articles qui expliquent à quel point il est facile d’attraper par inadvertance des éléments malveillants lorsque vous essayez de télécharger des émissions de télévision populaires ou des triches pour les jeux. Source : https://www.kaspersky.fr/blog/back-to-school-malware-2019/12207/ Date : September 9, 2019 at 12:05PM Tag(s) : Sécurité…