4188 matches found
Week Three of National Cyber Security Awareness Month
In partnership with DHS, the National Cyber Security Alliance has released information on recognizing cyber crime and how to protect yourself online. Recommendations include deleting suspicious communications, being wary of "too good to be true" offers, and using strong authentication. The...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
OpenSSL Releases Security Updates
OpenSSL has released security updates to address vulnerabilities in previous versions. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Available updates include: OpenSSL 1.1.0b for 1.1.0 users OpenSSL 1.0.2j for 1.0.2i users OpenSS...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in several products. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and appl...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in several products. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and...
Apple Releases Security Update
Apple has released a security update to address multiple vulnerabilites in iOS. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. The update is for iPhone 4s and later, iPad 2 and later, and iPod touch 5th generation and later. US-CER...
FTC Releases Alert on Louisiana Flood Disaster Scams
The Federal Trade Commission FTC has released an alert on scams that cite the recent flood disaster in Louisiana. These charity scams take many forms, including emails containing links or attachments that direct users to phishing or malware-infected websites. Donation requests from fraudulent...
Apple Releases Security Update
Apple has released a security update to address a vulnerability in iOS. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. The update is for iPhone 4s and later, iPad 2 and later, and iPod touch 5th generation and later. US-CERT encourages users...
Google Releases Security Update for Chrome
Google has released Chrome version 52.0.2743.82 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releas...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in several products. Exploitation of some of these vulnerabilities could allow an unauthenticated remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Securit...
WordPress Releases Security Update
WordPress 4.5.2 and prior versions are affected by several security issues. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPre...
Microsoft Releases June 2016 Security Bulletin
Microsoft has released 16 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Microsoft Security Bulletins...
IC3 Warns of Extortion Email Schemes
The Internet Crime Complaint Center IC3 has issued an alert on extortion schemes that relate to recent high-profile data thefts. Fraudsters often use the news release of high-profile data breaches to scare victims into clicking on a link or paying a ransom. US-CERT encourages users and...
Google Releases Security Update for Chrome
Google has released Chrome version 50.0.2661.75 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities could allow a remote attacker to create a denial-of-service condition. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply...
Citrix Releases Security Update
Citrix has released updates to address a vulnerability in its Citrix Licensing Server. Exploitation of this vulnerability could allow a remote attacker to take control of an affected server. Users and administrators are encouraged to review Citrix Security Bulletin CTX207824 and Vulnerability Not...
Microsoft Releases March 2016 Security Bulletin
Microsoft has released 13 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS16-023 throug...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Connect, Experience Manager, Flash Player, and Photoshop CC and Bridge CC. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to...
IRS Releases Eighth Security Tip
The Internal Revenue Service IRS has released the eighth in a series of tips intended to help the public protect personal and financial data online and at home. A new tip will be available each Monday through the start of the tax season in January. This tip describes methods users should follow t...
Mozilla Releases Security Updates
Mozilla has released security updates to address a vulnerability in Firefox. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information from an affected system. Available updates include: Firefox 43.0.2 Firefox ESR 38.5.2 US-CERT encourages users and...
Juniper Releases Out-of-band Security Advisory for ScreenOS
Juniper has discovered unauthorized code in ScreenOS which could allow an attacker to take control of NetScreen devices and to decrypt VPN connections. US-CERT recommends that users and administrators review Juniper Security Bulletin 2015-12 and update all affected ScreenOS versions. This product...
Internet Systems Consortium (ISC) Releases Security Updates for BIND
ISC has released security updates to address vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.8-P2 BIND 9 version 9.10.3-P2 BIND 9 version 9.9.8-S3 Users and...
US-CERT Alerts Users to Holiday Phishing Scams and Malware Campaigns
US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. Ecards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver infected attachments. Spoofed email messages and fraudulent posts on social networking...
Microsoft Releases November 2015 Security Bulletin
Microsoft has released 12 updates to address vulnerabilities in Microsoft Windows. Exploitation of some of these vulnerabilities could allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-112 through...
Google Releases Security Update for Chrome
Google has released Chrome version 46.0.2490.71 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities in Prime Collaboration Assurance, Prime Collaboration Provisioning, and TelePresence Server software. Exploitation of these vulnerabilities could allow a remote attacker to escalate privileges, obtain sensitive information, or cause a...
Apple Releases Security Updates for OS X Server, iTunes, Xcode, and iOS
Apple has released security updates for OS X Server, iTunes, Xcode, and iOS to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: OS X Server v5.0.3 for OS X Yosemite v10.10....
Adobe Releases Security Update for ColdFusion
Adobe has released a security update for ColdFusion to address a vulnerability. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information from an affected system. Users and administrators are encouraged to review the Adobe Security Bulletin APSB15-21 and apply...
Internet Systems Consortium (ISC) Releases Security Updates for BIND
ISC has released security updates to address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Updates available include: BIND 9-version 9.9.7-P2 BIND 9-version 9.10.2-P3 Users and administrators are encouraged to revie...
Microsoft Releases July 2015 Security Bulletin
Microsoft has released 14 updates to address vulnerabilities in Microsoft Windows. Exploitation of some of these vulnerabilities could allow remote code execution or elevation of privileges. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-058 and MS15-065...
OpenSSL Releases Security Advisory
OpenSSL has released updates to address a vulnerability that could impact proper certificate verification. A remote attacker could ‘issue’ invalid certificates that pass validation by affected versions. Updates available include: OpenSSL 1.0.2d for 1.0.2b/1.02c users OpenSSL 1.0.1p for...
Security Updates for Node.js and io.js
Networking applications using Node.js or io.js contain a vulnerability in the V8 JavaScript engine. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Available updates include: node.js-v0.12.6 io.js-v2.2.3 io.js-v1.8.3 Users and administrators...
Apple Releases Security Updates for QuickTime, Safari, Mac EFI, OS X Yosemite, and iOS
Apple has released security updates for QuickTime, Safari, Mac Extensible Firmware Interface EFI, OS X Yosemite, and iOS. Exploitation of some of these vulnerabilities may allow an attacker to obtain elevated privileges or crash applications. Available updates include: QuickTime 7.7.7 for Windows...
Drupal Releases Security Updates
Drupal has released updates to address multiple vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to gain access to a system account, including an administrator's. Available updates include: • Drupal core 6.36 for 6.x users • Drupal core 7.38 for 7.x user...
Adobe Releases Security Updates for Flash Player
Adobe has released security updates to address multiple vulnerabilities in Flash Player for Windows, Macintosh, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe...
Google Releases Security Update for Chrome
Google has released Chrome version 42.0.2311.135 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Google Chrome...
WordPress Releases Security Update
WordPress 4.2 and prior versions contain critical cross-site scripting vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the WordPress Security Release and upgrade to...
IC3 Issues Alert for Fake Government Websites
The Internet Crime Complaint Center IC3 has released an alert that warns consumers of fraudulent government-services websites that mimic legitimate ones. Scam operators lure consumers to these fraudulent websites in order to steal their personal identifiable information PII and collect fees for...
Mozilla Releases Security Update for Firefox
The Mozilla Foundation has released Firefox 37.0.1 to address two vulnerabilities, one of which may allow a remote attacker to conduct man-in-the-middle attacks. Users and administrators are encouraged to review the security advisories for Firefox and apply the necessary updates. This product is...
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
The Mozilla Foundation has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 37 Firefox ESR 31.6...
Installer Hijacking Vulnerability in Android Devices
A vulnerability in Google's Android OS has been discovered that could allow an attacker to change or replace a seemingly safe Android application with malware during installation. An attacker exploiting this vulnerability could access and steal user data on compromised devices without user...
Apple Releases Security Update for OS X Yosemite
Apple has released Security Update 2015-003 for OS X Yosemite v10.10.2 to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Apple Security Update...
Drupal Releases Security Updates
Drupal has released updates to address multiple vulnerabilities, one of which could allow a remote attacker to gain access to a system account. Available updates include: Drupal core 6.35 for 6.x users Drupal core 7.35 for 7.x users US-CERT encourages users and administrators to review Drupal's...
Ubuntu Releases Security Update
Ubuntu has released a security update to address multiple vulnerabilities in PHP5 affecting Ubuntu 14.10, 14.04 LTS, 12.04 LTS, and 10.04 LTS. Exploitation of these vulnerabilities may allow an attacker to cause a denial of service or execute arbitrary code. Users and administrators are encourage...
FTC Details the Top 10 Imposter Scams of 2014
The Federal Trade Commission FTC has released an advisory describing the top 10 reported imposter scams for 2014. Scam operators often impersonate individuals, companies, and organizations to entice targets to participate in fraudulent financial transactions. Users are encouraged to review the FT...
Cisco IPv6 Denial of Service Vulnerability
Cisco has identified a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition. The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. Cisco Network Convergence System 6000 NCS 6000 and Cisco Carrier...
IRS Issues Warning for a Scam Targeting Tax Preparers
The Internal Revenue Service IRS has issued a press release addressing a new spear phishing scam targeting tax preparers and other tax professionals. Scam operators often use fraudulent e-mails to entice their targets to reveal login credentials. US-CERT encourages users and administrators to...
Adobe Releases Security Updates for Flash Player
Adobe has released security updates to address a vulnerability in Flash Player, which could potentially allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-02 and apply the necessary updates. This product ...
Ubuntu Releases Security Updates
Ubuntu has released security updates to address multiple vulnerabilities affecting Ubuntu 10.04 LTS, 12.04 LTS, 14.04 LTS, and 14.10. Exploitation of these vulnerabilities may allow an attacker to cause a denial of service or execute arbitrary code. Users and administrators are encouraged to revi...
Apple Releases Security Updates for OS X
Apple has released security updates for OS X Mountain Lion, Mavericks, and Yosemite to address multiple vulnerabilities in the Network Time Protocol daemon. Exploitation of these vulnerabilities may allow a remote attacker to take control of a vulnerable system. US-CERT encourages users and...