4188 matches found
Google Releases Security Updates for Chrome
Google has released Chrome version 60.0.3112.78 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and apply the...
Joomla! Releases Security Update
Joomla! has released version 3.7.4 of its Content Management System CMS software to address several vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. US-CERT encourages users and administrators to review the Joomla! Security...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its Web Security Appliance WSA. A remote attacker could exploit this vulnerability to take control of a system. US-CERT encourages users and administrators to review the Cisco Security Advisory for vulnerability and mitigation...
Cisco Releases Security Updates
Cisco has released security updates to address a vulnerability in its WebEx browser extension on Google Chrome and Mozilla Firefox. A remote attacker could exploit this vulnerability to take control of a system. US-CERT encourages users and administrators to review the Cisco Security Advisory for...
SEI Issues Advice on Ransomware
The Software Engineering Institute SEI of Carnegie Mellon University has released a blog post on best practices for preventing and responding to ransomware. This common malware captures, encrypts, and holds your data to extort a ransom. SEI’s top recommendation to thwart ransomware attacks is to...
FTC Releases Alert on Identity Theft
The Federal Trade Commission FTC has released an alert about how quickly criminals begin using your personal information once it is posted to a hacker site by an identity thief. FTC researchers found that it can take as few as 9 minutes for crooks to access stolen personal information posted to...
Mozilla Releases Security Updates
Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisories for Firefox 53.0.2 and Firefox ESR...
Apple Releases Multiple Security Updates
Apple has released security updates for several products to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Apple Support Articles...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in its IOS, IOS XE, and IOx Software. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system or cause a denial-of-service condition. Users and administrators are encouraged to...
Drupal Releases Security Update
Drupal has released an advisory to address vulnerabilities in Drupal core 8.x versions prior to 8.2.7. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Drupal's Security Advisory and apply th...
Cisco Releases Security Updates
Cisco has released security updates to address a vulnerability in its Prime Home platform. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Cisco Security Advisory for vulnerability an...
Week Four of National Cyber Security Awareness Month
In partnership with DHS, the National Cyber Security Alliance has released information on Navigating Your Continuously Connected Life which examines our future using Internet of Things IoT devices. The CyberAware Tip of the Week details the infographic on the growing IoT and provides safe computi...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its Cisco WebEx Meetings Player. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Cisco Security Advisory and apply t...
Mozilla Releases Security Update for Firefox
Mozilla has released Firefox 49.0.2 to address a security vulnerability. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Mozilla Security Advisory for Firefox and apply the necessary update...
Week Two of National Cyber Security Awareness Month
October is National Cyber Security Awareness Month, an annual campaign to raise awareness about cybersecurity. In partnership with DHS, the National Cyber Security Alliance has released information on “Cyber from the Break Room to the Board Room” describing how users can protect their businesses...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Flash Player and the Creative Cloud Desktop Application. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
Google Releases Security Update for Chrome
Google has released Chrome version 53.0.2785.113 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releases pa...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in watchOS, Xcode, and iOS. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security page for watchOS, Xcode,...
FTC Releases Alert on Louisiana Flood Disaster Scams
The Federal Trade Commission FTC has released an alert on scams that cite the recent flood disaster in Louisiana. These charity scams take many forms, including emails containing links or attachments that direct users to phishing or malware-infected websites. Donation requests from fraudulent...
VMware Releases Security Update
VMware has released a security update to address vulnerabilities in vCenter Server, vSphere Hypervisor ESXi, Workstation Pro, Workstation Player, Fusion, and Tools. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in several products. Exploitation of some of these vulnerabilities could allow an unauthenticated remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Securit...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 48 Firefox ESR 45.3 Users and administrators ar...
Cybersecurity Tips for the Rio Olympics
As the 2016 Olympic Games begin in Rio de Janeiro, US-CERT reminds travelers to be aware of cybersecurity risks. At high-profile events, hacktivists may take advantage of the large audience to spread their message. Cyber criminals may attempt to steal personally identifiable information or harves...
Google Releases Security Update for Chrome
Google has released Chrome version 52.0.2743.82 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releas...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in several products. Exploitation of some of these vulnerabilities could allow an unauthenticated remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Securit...
WordPress Releases Security Update
WordPress 4.5.1 and prior versions are affected by two vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress...
OpenSSL Releases Security Updates
OpenSSL has released security updates to address vulnerabilities in previous versions. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: OpenSSL 1.0.2h for 1.0.2 users OpenSSL 1.0.1t for 1.0.1 users US-CERT...
IRS Warns Taxpayers About Scams as Tax Deadline Approaches
The Internal Revenue Service IRS has issued a press release to warn of a potential increase in scams targeting taxpayers around the April 18 tax deadline. Before and after the deadline, scammers may tempt or pressure taxpayers into revealing personal information. US-CERT and IRS recommend taxpaye...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and app...
Google Releases Security Update for Chrome
Google has released Chrome version 49.0.2623.87 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releas...
OpenSSL Releases Security Advisory
OpenSSL has released updates to address vulnerabilities in prior versions. Exploitation of some of these vulnerabilities may allow a remote attacker to obtain sensitive information. Updates available include: OpenSSL 1.0.2g for 1.0.2 users OpenSSL 1.0.1s for 1.0.1 users Users and administrators a...
Apple Releases Security Update for Apple TV
Apple has released a security update for Apple TV to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected device. US-CERT encourages users and administrators to review the Apple security update for Apple TV 7.2....
GNU glibc Vulnerability
GNU glibc contains a buffer overflow vulnerability in the DNS resolver. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Vulnerability Note VU457759 and the glibc Project Notification for...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Connect, Experience Manager, Flash Player, and Photoshop CC and Bridge CC. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to...
IRS Releases Fifth Tax Security Tip
The Internal Revenue Service IRS has released the fifth in a series of tips intended to help the public protect personal and financial data online and at home. This tip focuses on guarding personal information for family members who are susceptible to cyber threats. Recommendations include keepin...
Juniper Releases Out-of-band Security Advisory for ScreenOS
Juniper has discovered unauthorized code in ScreenOS which could allow an attacker to take control of NetScreen devices and to decrypt VPN connections. US-CERT recommends that users and administrators review Juniper Security Bulletin 2015-12 and update all affected ScreenOS versions. This product...
Joomla Releases Security Update for CMS
Joomla has released version 3.4.6 of its content management system CMS software to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website. US-CERT encourages users and administrators to review the Joomla...
US-CERT Alerts Users to Holiday Phishing Scams and Malware Campaigns
US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. Ecards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver infected attachments. Spoofed email messages and fraudulent posts on social networking...
Microsoft Releases November 2015 Security Bulletin
Microsoft has released 12 updates to address vulnerabilities in Microsoft Windows. Exploitation of some of these vulnerabilities could allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-112 through...
Mozilla Releases Security Update for Firefox
Mozilla has released Firefox 41.0.2 to address a security vulnerability. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information from an affected system. US-CERT encourages users and administrators to review Mozilla Security Advisory 2015-115 and apply the...
Google Releases Security Update for Chrome
Google has released Chrome version 46.0.2490.71 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases...
Apple Releases Security Updates for OS X El Capitan, Safari, and iOS
Apple has released security updates for OS X El Capitan, Safari, and iOS to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow an attacker to run arbitrary code. Available updates include: OS X El Capitan 10.11 for Mac OS X v10.6.8 and later Safari 9 for OS ...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities in Prime Collaboration Assurance, Prime Collaboration Provisioning, and TelePresence Server software. Exploitation of these vulnerabilities could allow a remote attacker to escalate privileges, obtain sensitive information, or cause a...
Adobe Releases Security Update for ColdFusion
Adobe has released a security update for ColdFusion to address a vulnerability. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information from an affected system. Users and administrators are encouraged to review the Adobe Security Bulletin APSB15-21 and apply...
Internet Systems Consortium (ISC) Releases Security Updates for BIND
ISC has released security updates to address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Updates available include: BIND 9-version 9.9.7-P2 BIND 9-version 9.10.2-P3 Users and administrators are encouraged to revie...
OpenSSL Releases Security Advisory
OpenSSL has released updates to address a vulnerability that could impact proper certificate verification. A remote attacker could ‘issue’ invalid certificates that pass validation by affected versions. Updates available include: OpenSSL 1.0.2d for 1.0.2b/1.02c users OpenSSL 1.0.1p for...
OPM Identity-Protection Phishing Campaigns
US-CERT is aware of suspicious domain names that may be used in phishing campaigns masquerading as official communication from the Office of Personnel Management OPM or the identity protection firm CSID. Https://opm.csid.com is the legitimate domain used by CSID, which is responsible for identity...
Fraud Alert Issued on Business Email Compromise Scam
The Financial Services Information Sharing and Analysis Center FS-ISAC and federal law enforcement agencies have released a joint alert warning companies of a sophisticated wire payment scam referred to as business email compromise BEC. Scammers use fraudulent information to trick companies into...