4188 matches found
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in Unified Access Gateway, Horizon View, and Workstation. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review VMware Securit...
Microsoft Releases April 2017 Security Updates
Microsoft has released 61 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of a system. This Security Update addresses a Microsoft Office vulnerability that is actively being exploited to spread...
Aviation Phishing Scams
US-CERT has received reports of email-based phishing campaigns targeting airline consumers. Systems infected through phishing campaigns act as an entry point for attackers to gain access to sensitive business or personal information. US-CERT encourages users and administrators to review an airlin...
Mozilla Releases Security Updates
Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. Exploitation of this vulnerability may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox and Firefox...
Microsoft Releases March 2017 Security Bulletin
Microsoft has released 18 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS17-006 through...
IRS Releases Tax-Time Guide
The Internal Revenue Service IRS has released tax-time advice intended to help the public protect their personal and financial data and computers. Recommendations include using strong passwords, backing up files, and using robust security software to help block malware and viruses. Users and...
Apple Releases Security Update
Apple has released a security update to address a vulnerability in Logic Pro X. Exploitation of this vulnerability may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Apple security page for Logic Pro X and apply the necessary...
CERT/CC Reports a Microsoft SMB Vulnerability
CERT Coordination Center CERT/CC has released information on a Server Message Block SMB vulnerability affecting Microsoft Windows. Exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service condition. No patches are currently available, but mitigations include...
Mozilla Releases Security Updates
Mozilla has released a security update to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Adviso...
Apple Releases Security Updates
Apple has released security updates to address multiple vulnerabilities in several products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security pages for the followin...
ISC Releases Security Updates for BIND
The Internet Systems Consortium ISC has released updates that address multiple vulnerabilities in BIND. A remote attacker could exploit any of these vulnerabilities to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.9-P5 BIND 9 version 9.10.4-P5 BIND 9 version...
GRIZZLY STEPPE - Russian Malicious Cyber Activity
The Department of Homeland Security DHS has released a Joint Analysis Report JAR that details Russian malicious cyber activity, designated as GRIZZLY STEPPE. This activity by Russian civilian and military intelligence services RIS is part of an ongoing campaign of cyber-enabled operations directe...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 50.1 Firefox ESR 45.6 Users and administrators...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB16-38, APSB16-39,...
Mozilla Releases Security Updates
Mozilla has released security updates to address a vulnerability in Firefox, Firefox ESR, and Thunderbird. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Available updates include: Firefox 50.0.2 Firefox ESR 45.5.1 Thunderbird 45.5.1 US-CERT...
US-CERT Alerts Users to Holiday Phishing Scams and Malware Campaigns
US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. Ecards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver infected attachments. Spoofed email messages and fraudulent posts on social networking...
VMware Releases Security Update
VMware has released a security update to address a vulnerability in vRealize Operations. Exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2016-0020 and apply the...
Strategic Principles for Securing the IoT
DHS has released a set of Strategic Principles for Securing the Internet of Things IoT to help inform consumers, operators and manufacturers in their decision-making regarding networked and networkable devices. While the IoT can provide efficiency, convenience, and interactivity features that are...
Microsoft Releases Security Updates
Microsoft has released 14 updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS16-129 through MS16-14...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Flash Player and Connect. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB16-37 and...
Cisco Releases Security Updates for Multiple Products
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the...
Joomla! Releases Security Update for CMS
Joomla! has released version 3.6.4 of its Content Management System CMS software to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the Joomla!...
ISC Releases Security Advisory
The Internet Systems Consortium ISC has released a security advisory to highlight a vulnerability in versions of BIND software released before May 2013, and in third-party versions that do not include fix 3548. Exploitation of this vulnerability may allow a remote attacker to cause a...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Flash Player and the Creative Cloud Desktop Application. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe...
VMware Releases Security Updates
VMware has released security updates to address a vulnerability in Horizon View. Exploitation of this vulnerability could allow a remote attacker to obtain sensitive information. Users and administrators are encouraged to review VMware Security Advisory VMSA-2016-0015 and apply the necessary...
Drupal Releases Security Advisory
Drupal has released an advisory to address vulnerabilities in Drupal core 8.x versions prior to 8.1.10. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Drupal's Security Advisory an...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in macOS Server, macOS Sierra, Safari, and iCloud for Windows. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the...
Cisco Releases Security Updates
Cisco has released security updates to address a vulnerability in several products. Exploitation of this vulnerability could allow a remote attacker to obtain sensitive information from an affected system. Users and administrators are encouraged to review the Cisco Security Advisory and apply the...
WordPress Releases Security Update
WordPress 4.6 and prior versions are affected by two vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected website. US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in OS X and Safari. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security page for OS X and Safari and app...
Cybersecurity Tips for the Rio Olympics
As the 2016 Olympic Games begin in Rio de Janeiro, US-CERT reminds travelers to be aware of cybersecurity risks. At high-profile events, hacktivists may take advantage of the large audience to spread their message. Cyber criminals may attempt to steal personally identifiable information or harves...
Apple Releases Multiple Security Updates
Apple has released security updates for iTunes, Safari, tvOS, watchOS, iOS, and OS X El Captain. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: iTunes 12.4.2 for Windows 7 and later Safari 9.1.2 for OS X...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Adobe AIR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. The critical vulnerability in Flash Player is being used in limited, targeted attack...
Symantec Releases Security Update
Symantec has released Anti-Virus Engine 20151.1.1.4 to address a vulnerability in Symantec Antivirus products. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Symantec Security Advisory...
Microsoft Releases May 2016 Security Bulletin
Microsoft has released 16 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the following Microsoft Security Bulletins...
WordPress Releases Security Update
WordPress 4.5.1 and prior versions are affected by two vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress...
FBI Releases Article on Ransomware
The Federal Bureau of Investigation FBI has released an article addressing the proliferation of ransomware campaigns. Ransomware is a type of malicious software that infects a computer and restricts users' access to it until a ransom is paid to unlock it. Individuals and organizations are...
Symantec Releases Security Updates
Symantec has released security updates to address vulnerabilities in its Messaging Gateway SMG Appliance software. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Symantec...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Flash Player, Creative Cloud Desktop Application, and RoboHelp Server. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to...
IRS Issues Warning for Tax Phishing Scam
The Internal Revenue Service IRS has issued a press release to address a phishing scam targeting taxpayers. Email scammers have been observed citing tax fraud to trick victims into clicking on a malicious link. Taxpayers should be suspicious of unsolicited emails. Users and administrators are...
Google Releases Security Update for Chrome
Google has released Chrome version 49.0.2623.108 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected device. Users and administrators are encouraged to review the following Cisco Security Advisories and appl...
Google Releases Security Update for Chrome
Google has released Chrome version 49.0.2623.87 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releas...
Apple Releases Security Update for Apple TV
Apple has released a security update for Apple TV to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected device. US-CERT encourages users and administrators to review the Apple security update for Apple TV 7.2....
Google Releases Security Update for Chrome
Google has released Chrome version 48.0.2564.116 to address a vulnerability for Windows, Mac, and Linux. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releases page and apply t...
Microsoft Releases February 2016 Security Bulletin
Microsoft has released 13 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS16-009 through...
OpenSSH Client Vulnerability
OpenSSH version 7.1p2 has been released to address vulnerabilities in versions 5.4 through 7.1p1. Exploitation of one of these vulnerabilities may allow a remote attacker to obtain sensitive information from an affected system. Users and administrators are encouraged to review the OpenSSH Release...
Apple Releases Security Update for QuickTime
Apple has released a security update to address multiple vulnerabilities in QuickTime for Windows 7 and Windows Vista. Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security...
WordPress Releases Security Update
WordPress 4.4 and prior versions contain a cross-site scripting vulnerability. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the WordPress Security and Maintenance Release and upgrade to...
Joomla Releases Security Update for CMS
Joomla has released version 3.4.6 of its content management system CMS software to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website. US-CERT encourages users and administrators to review the Joomla...