You are on the Cert-IST public site

The CERT-IST/AL-2019.007 alert has been updated following the publication and integration as a MetaSploit module of the RDP exploit code vulnerability affecting Microsoft Windows systems (CVE-2019-0708 / #bluekeep).

2017 annual review regarding major vulnerabilities and attacks

Date :March 15, 2018

Publication: Annual reports

The goal of this review is to present the trends regarding attacks and threats, and to help readers to better protect their assets.

In this report, Cert-IST analyses the topics that have marked 2017:

  • The return of worms
  • The trapping of legitimate software
  • Hardware flaws
  • Fileless attacks
  • Imitation Effects
  • Cryptojacking
  • IOT Botnets

It also identifies areas where increased vigilance will be needed in the coming years:

  • Typical attack scenarios
  • Cloud security
  • SCADA: Industrial-IOT and Enterprise 4.0

This document is available (in French) on the Cert-IST public website: Bilan Cert-IST 2017 des failles et attaques