Lucene search
K
CisaMost viewed

4188 matches found

CISA
CISA
added 2018/05/07 12:0 a.m.14 views

FBI Releases IC3 2017 Internet Crime Report

FBI has released the Internet Crime Complaint Center IC3 2017 Internet Crime Report, which highlights scams trending online. The top three crime types reported by victims in 2017 were non-payment/non-delivery, personal data breach, and phishing. Hot topics for 2017 include ransomware, business...

6.8AI score
Exploits0References3
CISA
CISA
added 2018/04/18 12:0 a.m.14 views

Cisco Releases Security Updates for Multiple Products

Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the...

7.7AI score
Exploits0References11
CISA
CISA
added 2018/03/29 12:0 a.m.14 views

Apache Software Foundation Releases Security Update

The Apache Software Foundation has released a security update to address a vulnerability in Struts 2. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. NCCIC/US-CERT encourages users and administrators to review the Apache Security Bulletin and make the...

6.7AI score
Exploits0References1
CISA
CISA
added 2018/03/28 12:0 a.m.14 views

North Korean Malicious Cyber Activity

The Department of Homeland Security DHS and the Federal Bureau of Investigation FBI have identified Trojan malware variants—referred to as SHARPKNOT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA...

6.9AI score
Exploits0References1
CISA
CISA
added 2018/02/22 12:0 a.m.14 views

FTC Releases Article on Choosing VPN Apps for Mobile Phones

The Federal Trade Commission FTC has issued guidance to consumers considering using a Virtual Private Network VPN for their mobile phones. Some mobile phone users choose to use VPNs to shield the information on their phones when using public Wi-Fi networks. NCCIC/US-CERT encourages consumers to...

6.7AI score
Exploits0References1
CISA
CISA
added 2017/11/29 12:0 a.m.14 views

Apple Releases Security Update for macOS High Sierra

Apple has released a supplemental security update to address a vulnerability in macOS High Sierra 10.13. An attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review CERT/CC Vulnerability Note VU113765 and the Apple...

6.6AI score
Exploits0References2
CISA
CISA
added 2017/10/03 12:0 a.m.14 views

National Cybersecurity Awareness Month: Simple Steps to Online Safety

October is National Cybersecurity Awareness Month NCSAM, an annual campaign to raise awareness about cybersecurity. The National Cyber Security Alliance NCSA has published general tips to help you increase your cybersecurity awareness—including whom to contact if you are the victim of cyber...

7.1AI score
Exploits0References3
CISA
CISA
added 2017/09/15 12:0 a.m.14 views

VMware Releases Security Updates

VMware has released security updates to address vulnerabilities in ESXi, vCenter Server, Fusion, and Workstation. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review VMware Security...

6.9AI score
Exploits0References1
CISA
CISA
added 2017/09/12 12:0 a.m.14 views

Microsoft Releases September 2017 Security Updates

Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system. US-CERT encourages users and administrators to review Microsoft's September 2017 Security Update Summary and Deployment...

7AI score
Exploits0References2
CISA
CISA
added 2017/07/18 12:0 a.m.14 views

Oracle Releases Security Bulletin

Oracle has released its Critical Patch Update for July 2017 to address 308 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle July...

7AI score
Exploits0References1
CISA
CISA
added 2017/07/05 12:0 a.m.14 views

Joomla! Releases Security Update

Joomla! has released version 3.7.3 of its Content Management System CMS software to address several vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. US-CERT encourages users and administrators to review the Joomla! Security...

7.1AI score
Exploits0References2
CISA
CISA
added 2017/06/13 12:0 a.m.14 views

Mozilla Releases Security Updates

Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefo...

7.3AI score
Exploits0References2
CISA
CISA
added 2017/05/16 12:0 a.m.14 views

FTC Releases Alert on Fraudulent Emails

The Federal Trade Commission FTC has released an alert about scammers sending out fake emails that look authentic to trick you into sending money to them. Users should be suspicious of unsolicited phone calls or email messages from individuals asking about your information. If an unknown individu...

6.8AI score
Exploits0References2
CISA
CISA
added 2017/05/15 12:0 a.m.14 views

Apple Releases Security Updates

Apple has released security updates to address vulnerabilities in multiple products. A remote attacker may exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Apple security pages for the following products and apply t...

7.1AI score
Exploits0References7
CISA
CISA
added 2017/05/07 12:0 a.m.14 views

Intel Firmware Vulnerability

Intel has released recommendations to address a vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability does not affect...

6.7AI score
Exploits0References5
CISA
CISA
added 2017/05/04 12:0 a.m.14 views

IC3 Warns of Increase in BEC/EAC Schemes

The Internet Crime Complaint Center IC3 has issued an alert describing a growing number of scams targeting businesses working with foreign suppliers or businesses that regularly perform wire transfer payments. These sophisticated scams are classified as business email compromise BEC or email...

6.8AI score
Exploits0References2
CISA
CISA
added 2017/05/04 12:0 a.m.14 views

Microsoft Ending Security Updates for Windows 10 version 1507

After May 9, 2017, devices running Windows 10 version 1507 will no longer receive security updates. US-CERT encourages users and administrators to review Microsoft's Windows 10 version 1507 post for more information and to apply necessary updates. This product is provided subject to this...

6.7AI score
Exploits0References1
CISA
CISA
added 2017/01/26 12:0 a.m.14 views

WordPress Releases Security Update

WordPress 4.7.1 and prior versions are affected by multiple vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. On February 1, WordPress disclosed an additional vulnerability that is fixed in version 4.7.2. US-CERT encourages user...

7.2AI score
Exploits0References2
CISA
CISA
added 2017/01/18 12:0 a.m.14 views

Oracle Releases Security Bulletin

Oracle has released its Critical Patch Update for January 2017 to address 270 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle...

7AI score
Exploits0References1
CISA
CISA
added 2016/12/22 12:0 a.m.14 views

Cisco Releases Security Updates

Cisco has released security updates to address a vulnerability in its Cisco CloudCenter Orchestrator. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Cisco Security Advisory and apply the...

6.8AI score
Exploits0References1
CISA
CISA
added 2016/11/02 12:0 a.m.14 views

Google Releases Security Updates for Chrome

Google has released Chrome version 54.0.2840.87 for Windows and Mac, and version 54.0.2840.90 for Linux. These new versions address a vulnerability that, if exploited, may allow an attacker to create a denial-of-service condition. US-CERT encourages users and administrators to review the Chrome...

6.7AI score
Exploits0References1
CISA
CISA
added 2016/10/19 12:0 a.m.14 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...

7.2AI score
Exploits0References5
CISA
CISA
added 2016/09/28 12:0 a.m.14 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of one of these vulnerabilities could allow a remote attacker to take over an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the...

7.9AI score
Exploits0References13
CISA
CISA
added 2016/07/19 12:0 a.m.14 views

Oracle Releases Security Bulletin

Oracle has released its Critical Patch Update for July 2016 to address 276 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Oracle Ju...

7AI score
Exploits0References1
CISA
CISA
added 2016/06/03 12:0 a.m.14 views

Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)

The Network Time Foundation's NTP Project has released version ntp-4.2.8p8 to address multiple vulnerabilities in ntpd. Exploitation of one of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review Vulnerability...

7AI score
Exploits0References2
CISA
CISA
added 2016/06/03 12:0 a.m.14 views

WP Mobile Detector Vulnerability

WP Mobile Detector, a WordPress plugin, contains a vulnerability in versions prior to 3.6. Exploitation of this vulnerability could allow an attacker to take control of an affected website. US-CERT encourages users and administrators to disable the configuration option allowurlfopen if it is not...

6.8AI score
Exploits0References2
CISA
CISA
added 2016/04/28 12:0 a.m.14 views

Google Releases Security Update for Chrome

Google has released Chrome version 50.0.2661.94 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releas...

7.2AI score
Exploits0References1
CISA
CISA
added 2016/03/30 12:0 a.m.14 views

Cisco Releases Security Update

Cisco has released a security update to address a vulnerability in its Cisco Firepower System software. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Cisco Security Advisory and apply t...

6.8AI score
Exploits0References1
CISA
CISA
added 2016/03/17 12:0 a.m.14 views

Symantec Releases Security Update

Symantec has released an update to address vulnerabilities in Symantec Endpoint Protection version 12.1. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Security Advisory from...

7AI score
Exploits0References1
CISA
CISA
added 2016/03/09 12:0 a.m.14 views

ISC Releases Security Updates for BIND

The Internet Systems Consortium ISC has released updates that address three vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.8-P4 BIND 9 version 9.10.3-P4 BIND 9 version...

6.8AI score
Exploits0References3
CISA
CISA
added 2016/03/01 12:0 a.m.14 views

SSLv2 DROWN Attack

Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. Exploitation of this vulnerability—referred to as DROWN in public reporting—may allow a remote attacker to decrypt individual messages from a server supporting SSLv2...

6.5AI score
Exploits0References2
CISA
CISA
added 2016/02/09 12:0 a.m.14 views

Google Releases Security Update for Chrome

Google has released Chrome version 48.0.2564.109 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome...

7.2AI score
Exploits0References1
CISA
CISA
added 2016/01/19 12:0 a.m.14 views

ISC Releases Security Updates for BIND

The Internet Systems Consortium ISC has released security updates to address vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.8-P3 BIND 9 version 9.10.3-P3 BIND 9 versio...

6.8AI score
Exploits0References2
CISA
CISA
added 2015/12/28 12:0 a.m.14 views

Adobe Releases Security Updates for Flash Player

Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB16-01 and apply t...

7.1AI score
Exploits0References1
CISA
CISA
added 2015/12/11 12:0 a.m.14 views

Apple Releases Security Update for iTunes

Apple has released a security update for Apple iTunes to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review information on iTunes 12.3.2 and apply the...

6.9AI score
Exploits0References1
CISA
CISA
added 2015/09/25 12:0 a.m.14 views

Google Releases Security Update for Chrome

Google has released Chrome version 45.0.2454.101 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of one of these vulnerabilities may allow a remote attacker to obtain sensitive information from an affected system. Users and administrators are encouraged to review the...

6.7AI score
Exploits0References1
CISA
CISA
added 2015/09/08 12:0 a.m.14 views

Microsoft Releases September 2015 Security Bulletin

Microsoft has released 12 updates to address vulnerabilities in Microsoft Windows. Exploitation of some of these vulnerabilities could allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-094 through...

6.9AI score
Exploits0References1
CISA
CISA
added 2015/08/27 12:0 a.m.14 views

Mozilla Releases Security Updates for Firefox

The Mozilla Foundation has released security updates to address a critical vulnerability in Firefox and Firefox ESR. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Available updates include: Firefox 40.0.3 Firefox ESR 38.2.1 US-CERT encourage...

7.2AI score
Exploits0References2
CISA
CISA
added 2015/08/19 12:0 a.m.14 views

Microsoft Releases Critical Security Update for Internet Explorer

Microsoft has released a critical security update to address a vulnerability in Internet Explorer. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system if the user views a specially crafted webpage. Users and administrators are encouraged to revie...

6.8AI score
Exploits0References1
CISA
CISA
added 2015/08/18 12:0 a.m.14 views

Adobe Releases Security Update for LiveCycle Data Services

Adobe has released a security update to address a vulnerability in LiveCycle Data Services versions 4.7, 4.6.2, 4.5, and 3.0.x. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information from an affected system. US-CERT recommends that users and administrators...

6.3AI score
Exploits0References1
CISA
CISA
added 2015/08/12 12:0 a.m.14 views

Evolution in Attacks Against Cisco IOS Software Platforms

Cisco has observed increasingly complex attacks that could allow an attacker to gain administrative access to a Cisco IOS device by installing a malicious ROMMON image. Successful exploitation using this image could allow an attacker to manipulate device behavior after the device is rebooted...

7AI score
Exploits0References1
CISA
CISA
added 2015/07/28 12:0 a.m.14 views

‘Stagefright’ Android Vulnerability

Android devices running Android versions 2.2 through 5.1.1r5 contain vulnerabilities in the Stagefright media playback engine. Exploitation of these vulnerabilities may allow an attacker to access multimedia files or potentially take control of a vulnerable device. Users and administrators are...

7AI score
Exploits0References1
CISA
CISA
added 2015/07/14 12:0 a.m.14 views

Adobe Releases Security Update for Shockwave Player

Adobe has released a security update to address critical vulnerabilities in Shockwave Player for Windows and Macintosh. Exploitation of these vulnerabilities could allow an attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin...

7AI score
Exploits0References1
CISA
CISA
added 2015/07/10 12:0 a.m.14 views

VMware Releases Security Advisory

VMware has released security updates to address a host privilege escalation vulnerability in VMware Workstation, Player and Horizon View Client for Windows. Exploitation of this vulnerability may allow an attacker to escalate privileges on an affected VMware system. Updates available include:...

7.2AI score
Exploits0References1
CISA
CISA
added 2015/06/11 12:0 a.m.14 views

Cisco IOS XR Denial-of-Service Vulnerability

Cisco has identified a vulnerability that could allow an unauthenticated remote attacker to cause a denial-of-service condition. The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. A Cisco Carrier Routing System 3 CRS-3 running a version of Cisco...

6.9AI score
Exploits0References1
CISA
CISA
added 2015/05/19 12:0 a.m.14 views

Google Releases Security Update for Chrome

Google has released Chrome version 43.0.2357.65 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Google Chrom...

7.1AI score
Exploits0References1
CISA
CISA
added 2015/05/12 12:0 a.m.14 views

Microsoft Releases May 2015 Security Bulletin

Microsoft has released 13 updates to address vulnerabilities in Microsoft Windows. Some of these vulnerabilities could allow elevation of privilege, denial of service, remote code execution, information disclosure, or security feature bypass. US-CERT encourages users and administrators to review...

7.4AI score
Exploits0References1
CISA
CISA
added 2015/04/21 12:0 a.m.14 views

IC3 Warns of Cyber Attacks Focused on Law Enforcement and Public Officials

The Internet Crime Complaint Center IC3 has issued an alert warning that law enforcement personnel and public officials may be at an increased risk of cyber attacks. Doxing—the act of gathering and publishing individuals’ personal information without permission—has been observed. Hacking...

6.7AI score
Exploits0References2
CISA
CISA
added 2015/04/08 12:0 a.m.14 views

Apple Releases Security Updates for OS X, iOS, Safari, and Apple TV

Apple has released security updates for OS X, iOS, Safari, and Apple TV to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of the affected system. Available updates include: OS X Yosemite v10.10.3 and Security Update...

7AI score
Exploits0References4
CISA
CISA
added 2015/04/07 12:0 a.m.14 views

IC3 Releases Alert on Web Site Defacements

The Internet Crime Complaint Center IC3 has issued an alert addressing recently perpetrated Web site defacements. The defacements advertise themselves as associated with the Islamic State in the Levant ISIL a.k.a. Islamic State of Iraq and al-Shams ISIS. However, FBI assesses that the perpetrator...

6.6AI score
Exploits0References2
Total number of security vulnerabilities4188