infojet
<<< <<>>
See the links below for current IT Alerts and useful user Tips/guides
US-CERT/NCAS(National Cyber Awareness System) Main Page
CERT Vulnerability Notes Database at the Carnegie Mellon University Software Engineering Institute
NATIONAL VULNERABILITY DATABASE-NIST
NVD Dashboard
CWE-Common Weakness Enumeration-Mitre
National Security Agency (NSA)-Cybersecurity
Mitre ATT&CK Framework
OWASP web app security checker
US-CERT/NCAS(National Cyber Awareness System) Main Page
CISA Cybersecurity-Combating Cybercrime
CISA Cyber Eessentials
CISA National Cyber Awareness System (NCAS)
NIST SMALL BUSINESS CYBERSECURITY CORNER
CISA - Resources for Small and Midsize Businesses (SMB)
US Small Business Administration (SBA) Cybersecurity for Small Businesses(training)
US Small Business Administration (SBA) Cybersecurity for Small Businesses(training)(direct)
US SBA Cybersecurity resources
FINRA cyber security
SEC cyber security
CISA main (US-CERT-computer emergency readiness team)
Ready.gov (Cyber security)
US Secret Service Cyber security investigations
FTC cyber security
FTC Cyber security for Small Business
US Dept. of Commerce, Cyber security for Small Business-10 tips
US FCC Small business cyber security
Palo Alto Networks (Enterprise Security)
PurpleSec cybersecurity
ATT Cybersecurity
PurpleSec cybersecurity
Cisco Cybersecurity
Warning: simplexml_load_file(/etc/xml/catalog): Failed to open stream: Permission denied in /webroot/m/c/mccou002/ij/www/govit.php on line 169
CERT Recently Published Vulnerability Notes
CERT publishes vulnerability advisories called "Vulnerability Notes." Vulnerability Notes include summaries, technical details, remediation information, and lists of affected vendors. Many vulnerability notes are the result of private coordination and disclosure efforts.
Last updated 2025-02-11T21:00:47.666327+00:00
Recent Vulnerabilities
DHS National Cyber Security Division_US Cert_National Vulnerability Database (Search form)
(1) VU#148244: PandasAI interactive prompt function can be exploited to run arbitrary Python code through prompt injection, which can lead to remote code execution (RCE)
(2) VU#733789: ChatGPT-4o contains security bypass vulnerability through time and search functions called "Time Bandit"
(3) VU#199397: Insecure Implementation of Tunneling Protocols (GRE/IPIP/4in6/6in4)
(4) VU#952657: Rsync contains six vulnerabilities
(5) VU#529659: Howyar Reloader UEFI bootloader vulnerable to unsigned software execution
(6) VU#164934: PDQ Deploy allows reuse of deleted credentials that can compromise a device and facilitate lateral movement
(7) VU#123336: Vulnerable WiFi Alliance example code found in Arcadyan FMIMG51AX000J
(8) VU#138043: A stack-based overflow vulnerability exists in the Microchip Advanced Software Framework (ASF) implementation of the tinydhcp server
(9) VU#455367: Insecure Platform Key (PK) used in UEFI system firmware signature
(10) VU#244112: Multiple SMTP services are susceptible to spoofing attacks due to insufficient enforcement
WordPress specific vulnerabilities in NIST NVD
Drupal specific vulnerabilities in NIST NVD
INFOJET HOME
FBI Internet Crime Complaint Center (IC3.gov)(file an Internet crime complaint Online)
US-CERT DHC Homepage
FBI
DHS(US Dept of Homeland Security)