4188 matches found
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
Apple Releases Security Update for iOS
Apple has released iOS 11.0.1 to address vulnerabilities in previous versions of iOS. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Apple security page for iOS 11.0.1 and...
Joomla! Releases Security Update
Joomla! has released version 3.8.0 of its Content Management System CMS software to address a vulnerability. A remote attacker could exploit this vulnerability to obtain access to sensitive information. US-CERT encourages users and administrators to review the Joomla! Security Release and apply t...
FTC Releases Alerts on Protecting Against Identity Theft
The Federal Trade Commission FTC has released two alerts to educate consumers on recommended protections against identity theft after the recent data breach at Equifax. Users should consider placing security freezes with the three major credit reporting agencies: Equifax, Transunion, and Experian...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker may exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Apple security pages for the following products and apply t...
NIST Releases New Digital Identity Guidelines
The National Institute of Standards and Technology NIST has released the Digital Identity Guidelines document suite. The four-volume suite offers technical guidelines for organizations that use digital identity services. US-CERT encourages information security practitioners in industry, governmen...
FBI Releases Article on Protecting Business Email Systems
The Federal Bureau of Investigation FBI has released an article on Building a Digital Defense with an Email Fortress. FBI warns that scammers commonly target business email accounts with phishing and social engineering schemes. Strategies for preventing email compromises include avoiding the use ...
ICS-CERT Releases WannaCry Fact Sheet
The Industrial Control Systems Cyber Emergency Response Team ICS-CERT has released a short overview of the WannaCry ransomware infections. This fact sheet provides information on how the WannaCry program spreads, what users should do if they have been infected, and how to protect against similar...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its WebEx Meetings Server which could allow a remote attacker to obtain sensitive information. US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary update. This product is...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary...
Microsoft Releases April 2017 Security Updates
Microsoft has released 61 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of a system. This Security Update addresses a Microsoft Office vulnerability that is actively being exploited to spread...
Apple Releases Security Update for iTunes
Apple has released a security update for Apple iTunes to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review information on iTunes 12.6 and apply the...
Apache Software Foundation Releases Security Updates
The Apache Software Foundation has released security updates to address a vulnerability in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the Apache Security Bulletin and upgrade to Struts 2.3.3...
Mozilla Releases Security Update
Mozilla has released a security update to address multiple vulnerabilities in Firefox. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the Mozilla Security Advisory for Firefox and apply the...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its NetFlow Generation Appliance NGA. Exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review the Cisco Security Advisory and apply...
Mozilla Releases Security Updates
Mozilla has released a security update to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Adviso...
Apple Releases Security Updates
Apple has released security updates to address multiple vulnerabilities in several products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security pages for the followin...
Microsoft Releases January 2017 Security Bulletin
Microsoft has released four updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS17-001 through...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 50.1 Firefox ESR 45.6 Users and administrators...
Mozilla Releases Security Update
Mozilla has released a security update to address a vulnerability in Firefox versions 49 and 50. A remote attacker could exploit this vulnerability to take control of an affected system. Available updates include: Firefox 50.0.1 Users and administrators are encouraged to review the Mozilla Securi...
Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)
The Network Time Foundation's NTP Project has released version ntp-4.2.8p9 to address multiple vulnerabilities in ntpd. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to review...
VMware Releases Security Update
VMware has released a security update to address a vulnerability in vRealize Operations. Exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2016-0020 and apply the...
Cisco Releases Security Updates for Multiple Products
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the...
ISC Releases Security Updates for BIND
The Internet Systems Consortium ISC has released updates that address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.9-P4 BIND 9 version 9.10.4-P4 BIND 9 version 9.11.0-P...
Joomla! Releases Security Update for CMS
Joomla! has released version 3.6.4 of its Content Management System CMS software to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the Joomla!...
Week Three of National Cyber Security Awareness Month
In partnership with DHS, the National Cyber Security Alliance has released information on recognizing cyber crime and how to protect yourself online. Recommendations include deleting suspicious communications, being wary of "too good to be true" offers, and using strong authentication. The...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
OpenSSL Releases Security Updates
OpenSSL has released security updates to address vulnerabilities in previous versions. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Available updates include: OpenSSL 1.1.0b for 1.1.0 users OpenSSL 1.0.2j for 1.0.2i users OpenSS...
Cisco Releases Security Updates
Cisco has released security updates to address a vulnerability in several products. Exploitation of this vulnerability could allow a remote attacker to obtain sensitive information from an affected system. Users and administrators are encouraged to review the Cisco Security Advisory and apply the...
Apple Releases Security Update
Apple has released a security update to address multiple vulnerabilites in iOS. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. The update is for iPhone 4s and later, iPad 2 and later, and iPod touch 5th generation and later. US-CER...
Apple Releases Security Update
Apple has released a security update to address a vulnerability in iOS. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. The update is for iPhone 4s and later, iPad 2 and later, and iPod touch 5th generation and later. US-CERT encourages users...
WordPress Releases Security Update
WordPress 4.5.2 and prior versions are affected by several security issues. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPre...
Microsoft Releases June 2016 Security Bulletin
Microsoft has released 16 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Microsoft Security Bulletins...
IC3 Warns of Extortion Email Schemes
The Internet Crime Complaint Center IC3 has issued an alert on extortion schemes that relate to recent high-profile data thefts. Fraudsters often use the news release of high-profile data breaches to scare victims into clicking on a link or paying a ransom. US-CERT encourages users and...
Symantec Releases Security Update
Symantec has released Anti-Virus Engine 20151.1.1.4 to address a vulnerability in Symantec Antivirus products. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Symantec Security Advisory...
FBI Releases Article on Ransomware
The Federal Bureau of Investigation FBI has released an article addressing the proliferation of ransomware campaigns. Ransomware is a type of malicious software that infects a computer and restricts users' access to it until a ransom is paid to unlock it. Individuals and organizations are...
FTC Releases Alert on Earthquake Disaster Email Scams
The Federal Trade Commission FTC has released an alert on email scams that cite the recent earthquakes in Ecuador and Japan. The scam emails may contain links or attachments that direct users to phishing or malware-infected websites. Donation requests from fraudulent charitable organizations...
Google Releases Security Update for Chrome
Google has released Chrome version 50.0.2661.75 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases...
Citrix Releases Security Update
Citrix has released updates to address a vulnerability in its Citrix Licensing Server. Exploitation of this vulnerability could allow a remote attacker to take control of an affected server. Users and administrators are encouraged to review Citrix Security Bulletin CTX207824 and Vulnerability Not...
Microsoft Releases March 2016 Security Bulletin
Microsoft has released 13 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS16-023 throug...
Microsoft Releases February 2016 Security Bulletin
Microsoft has released 13 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS16-009 through...
Apple Releases Security Updates for iOS, OS X El Capitan, and Safari
Apple has released security updates for iOS, OS X El Capitan, and Safari to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: iOS 9.2.1 for iPhone 4s and later, iPod touch 5...
OpenSSH Client Vulnerability
OpenSSH version 7.1p2 has been released to address vulnerabilities in versions 5.4 through 7.1p1. Exploitation of one of these vulnerabilities may allow a remote attacker to obtain sensitive information from an affected system. Users and administrators are encouraged to review the OpenSSH Release...
Apple Releases Security Update for QuickTime
Apple has released a security update to address multiple vulnerabilities in QuickTime for Windows 7 and Windows Vista. Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security...
WordPress Releases Security Update
WordPress 4.4 and prior versions contain a cross-site scripting vulnerability. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the WordPress Security and Maintenance Release and upgrade to...
Microsoft Releases December 2015 Security Bulletin
Microsoft has released 12 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-124 throug...
IRS Releases First in a Series of Tax Security Tips
The Internal Revenue Service IRS has released the first in a series of tips intended to increase public awareness of how to protect personal and financial data online and at home. A new tip will be available each Monday through the start of the tax season in January. The first tip focuses on seve...
Dell Computers Contain CA Root Certificate Vulnerability
Dell personal computers using the preinstalled certificate authority CA root certificate eDellRoot contain a critical vulnerability. Exploitation of the vulnerability could allow a remote attacker to read encrypted web browser traffic HTTPS, impersonate spoof any website, or perform other attacks...
VMware Releases Security Updates
VMware has released security updates to address a vulnerability in vCenter, vCloud Director, and Horizon View. Exploitation of this vulnerability may allow an attacker to obtain sensitive information. Users and administrators are encouraged to review VMware Security Advisory VMSA-2015-0008 and...
Adobe Releases Security Updates for Flash Player
Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-28 and apply t...