4188 matches found
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Connect and Adobe Digital Editions. An attacker could exploit one of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecuri...
Bomb Threats Emailed Around the World
The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure Security Agency CISA, is aware of a worldwide email campaign targeting businesses and organizations with bomb threats. The emails claim that a device will detonate unless a ransom ...
Google Releases Security Updates for Chrome
Google has released Chrome Version 71.0.3578.98 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader. An attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in Cisco Prime License Manager. A remote attacker could exploit this vulnerability to obtain sensitive information. NCCIC encourages users and administrators to review the Cisco Security Advisory and apply the necessary update. This...
Google Releases Security Updates for Chrome
Google has released Chrome version 70.0.3538.110 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary updates...
November is National Critical Infrastructure Security and Resilience Month
November is National Critical Infrastructure Security and Resilience Month. Critical Infrastructure CI is our Nation’s backbone; it is the physical and cyber systems and assets that are so vital to the United States that their incapacity or destruction would have a debilitating impact on our...
Mozilla Releases Security Update for Thunderbird ESR
Mozilla has released a security update to address vulnerabilities in Thunderbird ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird ESR 60.3 and apply...
libssh Releases Security Updates
libssh has released security updates addressing a vulnerability affecting libssh versions 0.6 and above. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review the libssh Security Release for additional...
Apple Releases Security Updates for iCloud, iOS
Apple has released security updates to address vulnerabilities in iCloud for Windows and iOS. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Apple security pages for iCloud for Windows 7.7 and...
National Cybersecurity Awareness Month Webinar on Securing the Internet
The Multi-State Information Sharing and Analysis Center, National Cyber Security Alliance, and the Department of Homeland Security are conducting a National Cybersecurity Awareness Month NCSAM webinar focused on securing the internet. The webinar will be held on Tuesday, October 9, 2018, at 2 p.m...
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.2.1 and apply the...
FTC Issues Alert on Recent Facebook Breach
The Federal Trade Commission FTC has released an alert to provide Facebook users with recommended precautions against identity theft after the recent breach of the Facebook social media platform. NCCIC encourages users and administrators to review the FTC Alert and the NCCIC Tip on Preventing and...
Adobe Releases Security Updates
Adobe has released security updates to address multiple vulnerabilities in Adobe Acrobat and Reader. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-30 and apply the...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in vSphere, Workstation, Fusion, and Virtual Appliances. An attacker could exploit these vulnerabilities to obtain sensitive information. NCCIC encourages users and administrators to review VMware Security Advisories VMSA-2018-0020,...
FBI Releases Guidance on Defending Against Travel Scams
The Federal Bureau of Investigation FBI has released an article on building a digital defense against travel scams. FBI explains how scammers trick consumers with "free" vacation ploys. These offers may be fake or involve hidden fees. Legitimate companies will not ask prize winners to pay to clai...
Google Releases Security Update for Chrome
Google has released Chrome version 68.0.3440.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary update. Th...
IC3 Warns of Business Email Compromise Scams
The Internet Crime Complaint Center IC3 has released an alert on business email compromise scams. This type of scam targets businesses and individuals by using social engineering or computer intrusion to compromise legitimate email accounts and conduct unauthorized fund transfers or obtain...
FTC, Partners Help Small Businesses Stop Scams
The Federal Trade Commission FTC has launched Operation Main Street, an effort with the Better Business Bureau BBB and law enforcement to educate small business owners on how to stop scams targeting their businesses. Accordingly, FTC released Scams and Your Small Business, a guide for businesses...
Apple Releases Security Update for Xcode
Apple has released a security update to address vulnerabilities in Xcode. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Apple’s security page for Xcode 9.4.1 and apply the necessary update. This...
Intel Releases Security Advisory on Lazy FP State Restore Vulnerability
Intel has released recommendations to address a vulnerability—dubbed Lazy FP state restore—affecting Intel Core-based microprocessors. An attacker could exploit this vulnerability to obtain access to sensitive information. NCCIC encourages users and administrators to review Intel's Security...
VMware Releases Security Update
VMware has released a security update to address a vulnerability in VMware AirWatch Agent. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0015 and apply the...
Drupal Releases Security Updates
Drupal has released updates addressing a vulnerability in Drupal 8 and 7. A remote attacker could exploit this vulnerability to gain access to sensitive information. NCCIC encourages users and administrators to review the Drupal Security Advisory for additional information and apply the necessary...
Drupal Releases Security Updates
Drupal has released an advisory to address multiple vulnerabilities in Drupal 7.x and 8.4.x. An attacker could exploit some of these vulnerabilities to obtain access to sensitive information. NCCIC/US-CERT encourages users and administrators to review Drupal's Security Advisory and upgrade to...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review Apple security pages for the following products and apply...
Lenovo Releases Security Advisory
Lenovo has released security updates to address a vulnerability affecting Enterprise Network Operating System ENOS firmware. An attacker could exploit this vulnerability to obtain sensitive information. NCCIC/US-CERT encourages users and administrators to review Lenovo's Security Advisory and the...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply t...
Oracle Releases January 2018 Security Bulletin
Oracle has released its Critical Patch Update for January 2018 to address 237 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to obtain access to sensitive information. NCCIC/US-CERT encourages users and administrators to review the Oracle...
Adobe Releases Security Updates for Flash Player
Adobe has released security updates to address a vulnerability in Flash Player. A remote attacker could exploit this vulnerability to obtain sensitive information. NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-01 and apply the necessary updates. This...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Apple security pages for the following products and apply...
Today’s Predictions for Tomorrow’s Internet
October is National Cybersecurity Awareness Month, an annual campaign to raise awareness about cybersecurity. Smart cities, connected devices, digitized records, as well as smart cars and homes, have become a new reality. While there are tremendous benefits to this technology, it is critical to...
CERT/CC Reports WPA2 Vulnerabilities
CERT Coordination Center CERT/CC has released information on Wi-Fi Protected Access II WPA2 protocol vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to take control of an affected system. The vulnerabilities are in the WPA2 protocol, not within individual WPA2...
Apache Software Foundation Releases Security Update
The Apache Software Foundation has released a security update to address a vulnerability in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review the Apache Security Bulletin and Vulnerability Note...
DNSSEC Key Signing Key Rollover
On October 11, 2017, the Internet Corporation for Assigned Names and Numbers ICANN will be changing the Root Zone Key Signing Key KSK used in the domain name system DNS Security Extensions DNSSEC protocol. DNSSEC is a set of DNS protocol extensions used to digitally sign DNS information, which is...
Juniper Networks Releases Junos OS Security Advisory
Juniper Networks has released a security advisory that addresses a vulnerability in Junos OS. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. US-CERT encourages users and administrators to review the Juniper Security Advisory and apply necessary updates...
Microsoft Releases August 2017 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system. US-CERT encourages users and administrators to review Microsoft's August 2017 Security Update Summary and Deployment...
Google Releases Security Updates for Chrome
Google has released Chrome version 60.0.3112.78 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and apply the...
Joomla! Releases Security Update
Joomla! has released version 3.7.4 of its Content Management System CMS software to address several vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. US-CERT encourages users and administrators to review the Joomla! Security...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its Web Security Appliance WSA. A remote attacker could exploit this vulnerability to take control of a system. US-CERT encourages users and administrators to review the Cisco Security Advisory for vulnerability and mitigation...
SEI Issues Advice on Ransomware
The Software Engineering Institute SEI of Carnegie Mellon University has released a blog post on best practices for preventing and responding to ransomware. This common malware captures, encrypts, and holds your data to extort a ransom. SEI’s top recommendation to thwart ransomware attacks is to...
FTC Releases Alert on Identity Theft
The Federal Trade Commission FTC has released an alert about how quickly criminals begin using your personal information once it is posted to a hacker site by an identity thief. FTC researchers found that it can take as few as 9 minutes for crooks to access stolen personal information posted to...
Mozilla Releases Security Updates
Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisories for Firefox 53.0.2 and Firefox ESR...
Apple Releases Multiple Security Updates
Apple has released security updates for several products to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Apple Support Articles...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in its IOS, IOS XE, and IOx Software. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system or cause a denial-of-service condition. Users and administrators are encouraged to...
Drupal Releases Security Update
Drupal has released an advisory to address vulnerabilities in Drupal core 8.x versions prior to 8.2.7. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Drupal's Security Advisory and apply th...
Cisco Releases Security Updates
Cisco has released security updates to address a vulnerability in its Prime Home platform. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Cisco Security Advisory for vulnerability an...
Week Four of National Cyber Security Awareness Month
In partnership with DHS, the National Cyber Security Alliance has released information on Navigating Your Continuously Connected Life which examines our future using Internet of Things IoT devices. The CyberAware Tip of the Week details the infographic on the growing IoT and provides safe computi...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its Cisco WebEx Meetings Player. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Cisco Security Advisory and apply t...
Mozilla Releases Security Update for Firefox
Mozilla has released Firefox 49.0.2 to address a security vulnerability. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Mozilla Security Advisory for Firefox and apply the necessary update...
Week Two of National Cyber Security Awareness Month
October is National Cyber Security Awareness Month, an annual campaign to raise awareness about cybersecurity. In partnership with DHS, the National Cyber Security Alliance has released information on “Cyber from the Break Room to the Board Room” describing how users can protect their businesses...