ANSSI

The National Information Systems Security Agency (ANSSI) is a French service created by decree in July 2009. It ensures the mission of national authority in matters of information systems security.

A cyberattack by the LockBit 2.0 hacker group on the French Ministry of Justice.

Par / 30th January 2022 / 2 minutes of reading / ANSSI, Cyber ​​attack, Piracy, Ransomware

211 A cyberattack by the LockBit 2.0 hacker group on the French Ministry of Justice. The LockBit 2.0 hacker group claims to have infiltrated the French Ministry of Justice. Hackers announce that they have succeeded in dropping ransomware payloads and encrypting their victims' data. On the Dark Web, cybercriminals threaten to publish stolen information if they do not receive the ransom demanded in exchange for decryption of their data. The Ministry confirmed the cyberattack but its extent is not yet known, however it could concern nearly 10000 files according to the group's hackers who are giving a 13-day ultimatum to pay. Experts from ANSSI, the National Agency for Security […]

A cyberattack by the LockBit 2.0 hacker group on the French Ministry of Justice. Read more "

ANSSI, Cyber ​​attack, Piracy, Ransomware

Discovery of 19 vulnerabilities in Treck's TCP/IP stack.

Par / 18th June 2020 / 1 minute read / AlaUne, ANSSI, CERT, News

129 Discovery of 19 vulnerabilities in Treck's TCP/IP stack. On June 16, 2020, researchers announced the discovery of nineteen vulnerabilities in Treck's TCP/IP stack implementation. This component is used in many embedded systems and connected objects, including certain medical equipment and industrial control equipment. The most critical vulnerabilities allow remote arbitrary code execution. Treck Security Bulletin June 16, 2020 Other security advisories are issued by Ripple20, Carnegie Mellon, Braun, Green Hills Software and Schneider Electric. (Read more) The JSOF research laboratory announces the discovery of 19 critical zero-day flaws that affect the implementation of the TCP/IP stack dedicated to systems

Discovery of 19 vulnerabilities in Treck's TCP/IP stack. Read more "

AlaUne, ANSSI, CERT, News

Alert on multiple vulnerabilities in Microsoft Windows

Par / March 24, 2020 / 1 minute read / AlaUne, ANSSI, CERT, News

143 CERT-FR Alert: Multiple vulnerabilities in Microsoft Windows CERT-FR publishes an alert regarding multiple vulnerabilities in Microsoft Windows that allow remote execution of arbitrary code. Microsoft said on Monday that it is aware of an unpatched vulnerability in the Windows Adobe Type Manager library that is being actively exploited by hackers. As part of a new security advisory, Microsoft warns that there are two remote code execution (RCE) vulnerabilities rated critical in the library that can be exploited in several ways. The Adobe Type Manager Library used in Microsoft Windows provides font management for the postscript format. This is loaded when reading a file. Playing a file can be

Alert on multiple vulnerabilities in Microsoft Windows Read more "

AlaUne, ANSSI, CERT, News

Multiple vulnerabilities in Adobe

Par / March 19, 2020 / 1 minute read / AlaUne, ANSSI, CERT, News

103 Multiple vulnerabilities in Adobe Acrobat and Acrobat Reader CERT-FR has just issued an opinion on multiple vulnerabilities discovered in Adobe Acrobat and Acrobat Reader. These vulnerabilities allow an attacker to cause arbitrary code execution, data privacy breach, and privilege escalation. (Read more) Refer to the publisher's security bulletin to obtain fixes (see Documentation section). Adobe Security Bulletin apsb20-13 March 18, 2020  

Multiple vulnerabilities in Adobe Read more "

AlaUne, ANSSI, CERT, News

Alert: Vulnerability in Microsoft SharePoint Server

Par / 30th May 2019 / 1 minute read / ANSSI, CERT

145 Alert: Vulnerability in Microsoft SharePoint Server On May 29, 2019, CERT-FR published an alert bulletin relating to the discovery of a vulnerability in Microsoft SharePoint Server. This vulnerability allows an attacker to execute arbitrary code remotely by exploiting a deserialization flaw in SharePoint servers by sending a specially crafted malicious request. Cloudflare indicates in its analysis that the vulnerability is exploitable without authentication, which has not been confirmed by Microsoft. Microsoft offers a fix in its security bulletin.

Alert: Vulnerability in Microsoft SharePoint Server Read more "

ANSSI, CERT

Alert, Vulnerability in Microsoft Remote Desktop Services.

Par / 20th May 2019 / 1 minute read / ANSSI, CERT, News

101 Alert, Vulnerability in Microsoft Remote Desktop Services. The CERTFR has just issued an alert on May 15 on a vulnerability in Microsoft Windows remote desktop services. More precisely, it is Remote Desktop Services (RDS) which allows the execution of arbitrary code on a vulnerable system, without authentication or user interaction. Indeed, in addition to fixes for systems currently maintained by Microsoft. The company has also made exceptional updates available for older systems that are no longer supported. This includes Windows 2003 systems as well as Windows XP.    

Alert, Vulnerability in Microsoft Remote Desktop Services. Read more "

ANSSI, CERT, News
Back to top