You are on the Cert-IST public site

The CERT-IST/AL-2019.007 alert has been updated following the publication and integration as a MetaSploit module of the RDP exploit code vulnerability affecting Microsoft Windows systems (CVE-2019-0708 / #bluekeep).

2014 annual review regarding major vulnerabilities and attacks

Date :March 18, 2015

Publication: Annual reports

The goal of this review is to present the trends regarding attacks and threats, and to help readers to better protect their assets.

For 2014, Cert-IST identified the 3 major  topics:

  • More sophisticated attacks that modify the risk level
  • Many attacks targeting cryptography
  • Cyber-spying: governments at the cutting edge of cyber attacks

The review also presents (in chapter 3.2) the main vulnerabilities and attacks seen in 2014 and the Alerts released by Cert-IST about them. It also analyzes some of the interesting technical topics seen during the year, such as:

  • Attack against Kerberos and Active Directory on Windows,
  • Attack against isolated (“air gapped”) systems.

 

This document is available in French and English on Cert-IST public website:

  Report in English

  Report in French