Thanks to this article, you'll discover the different types of Yuno newsletter available and how they are structured.

SUMMARY

• Common elements to all Yuno newsletters
• Exclusives elements for INFO and XMCO newsletters
• Exclusives elements for VULN, PATCH and EXPLOIT newsletters
  • VULN newsletter
  • PATCH newsletter
  • EXPLOIT newsletter

Yuno's intelligence bulletins follow a precise structure, enabling you to quickly find the information you need to make the right decisions.

This structure is similar whether you consult the newsletter from the SaaS platform (Le Portail), from the e-mail sent to you daily or via API.

Common elements to all Yuno newsletters

All Yuno newsletters, whether technical or environmental, have the following elements in common:

1. Bulletin type
2. Bulletin title
3. Bulletin severity
4. Bulletin description
5. References used to produce the bulletin
6. Reference to find the bulletin in the XMCO database

Note : When a newsletter contains several severity (e.g. a PATCH newsletter mentioning several vulnerabilities), we automatically apply the highest severity among those mentioned.

Exclusives elements for INFO and XMCO newsletters

1. tags
2. Indicators of Compromise (IoC)

an INFO newsletter includes a summary of a cyber news.
an XMCO bulletin includes :

• a selection of articles in "press review" newsletters;
• a summary of cyber technical and environmental news in "weekly summary" newsletters;
• a description of the week's highlights in "expert opinion" newsletters;
• notification of the release of a new issue of Actusécu (a cybersecurity magazine published by XMCO and available free of charge on the XMCO website).

Exclusives elements for VULN, PATCH and EXPLOIT newsletters

VULN newsletter

VULN newsletters deal with the appearance of a new vulnerability in one of your technologies. In addition to common elements, they contain the following information:

1. The name of the publisher of the technology concerned
2. Damage
3. Type of exploitation
4. The platforms concerned
5. Yuno perimeter(s) affected by the vulnerability
6. Technology concerned
7. A recommendation
8. Vulnerable technology versions
9. CVE associated reference(s) and their CVSS score

PATCH newsletter

PATCH newsletters deal with the release of a patch by the publisher that affects your technology. In addition to common elements, they include the following information:

1. The name of the publisher of the technology concerned
2. Damage of the vulnerability(ies) resolved by the patch
3. The type(s) of exploitation of the vulnerability(ies) resolved by the patch
4. Yuno perimeter(s) affected by this vulnerability
5. Platform(s) affected by the vulnerability(ies) resolved by the patch
6. Technology concerned
7. Technology versions affected by the patch
8. A recommendation, generally consisting of an explanation of how to apply the patch
9. The CVE reference(s) concerning the vulnerability(ies) to be patched, and their CVSS score.

EXPLOIT newsletter

EXPLOIT newsletters deal with the development of exploit code for a vulnerability affecting your technology. In addition to common elements, they include the following information:

1. The name of the publisher of the technology concerned
2. The damage of the vulnerability used
3. The type of vulnerability exploitation used
4. Yuno perimeter(s) affected
5. Platform(s) affected
6. Technology versions affected
7. Exploit code
8. A recommendation to remedy the use of the exploit code
9. The CVE reference used by the exploit code and its CVSS score

Note: the operating code is not included in the email. You can consult it directly from Le Portail.