Crisis management HUB
May 29, 2023
Medium risk
Medium risk
(*) Excluding RU-UA conflict: The lock does not take into account the risk induced by the RU-UA conflict, although this threat is still present.
Alert level
Last Info
3CX Desktop App (CVE-2023-29059) <3 month
Outlook (CVE-2023-23397) <1 month
VMware ESXiArgs       <6 month
ManageEngine (CVE-2022-47966)       <6 month
Exchange ProxyNotShell       <6 month
Spring4Shell >6 months
Russie - Ukraine <1 month
Log4j       >6 months
Exchange (CVE-2021-26855)       >6 months
Ransomware <6 month
Meltdown/Spectre       <1 week

 
Latest public releases
15-Feb-2023 Annual review regarding vulnerabilities and attacks for 2022

Now available in ENGLISH!
Cert-IST has made public its Annual review regarding vulnerabilities and attacks for 2022.
02-Jan-2023 FORUM Cert-IST 2022

Presentation materials (in French) are available
01-Jun-2022 In Brief: A look at the FBI IC3 report
This article comes from the Cert-IST monthly bulletin n°294 (March 2022).
24-May-2022 What does the Conti leak tell us?
This article comes from the Cert-IST monthly bulletin n°293 (February 2022).
18-Feb-2022 Annual review regarding vulnerabilities and attacks for 2021

Now available in ENGLISH!
Cert-IST has made public its 2021 annual review regarding vulnerabilities and attacks.
11-Jan-2022 Patch management strategy
This article comes from the Cert-IST monthly bulletin n°289 (October 2021).
15-Nov-2021 This is how they tell me the world ends
This article comes from the Cert-IST monthly bulletin n°287 (August 2021).
Advisory exemples sent the previous week.
Risk High AV-2023.0857 - Vulnerabilities in VMware Aria Operations (formerly vRealize Operations)
Risk Medium AV-2023.0856 - Vulnerabilities in PostgreSQL
Risk Low AV-2023.0855 - Vulnerability in IBM Security Verify Access (formerly Security Access Manager)
Risk Medium AV-2023.0854 - Vulnerabilities in Canon printers
Risk High AV-2023.0594 - Vulnerability in the Linux kernel