4188 matches found
Google Releases Security Updates for Chrome
Google has released Chrome version 84.0.4147.105 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Citrix Releases Security Updates for Workspace App for Windows
Citrix has released security updates to address a vulnerability in Workspace app for Windows. A remote attacker could exploit this vulnerability to take control of an affected system if Windows Server Message Block SMB is enabled. The Cybersecurity and Infrastructure Security Agency CISA recommen...
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Microsoft Releases July 2020 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
Google Releases Security Updates for Chrome
Google has released Chrome version 83.0.4103.116 for Windows, Mac, and Linux. This version addresses a vulnerability that a remote attacker could exploit to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
Adobe Releases Security Updates for Magento
Adobe has released security updates to address vulnerabilities in Magento Commerce 1 and Magento Open Source 1. An attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrato...
IC3 Releases Alert on Mobile Banking Apps
The Internet Crime Complaint Center IC3 has released an alert warning consumers of cyber risks associated with mobile banking apps. As more consumers rely on mobile apps for banking, malicious cyber actors are likely to increasingly target them with app-based banking Trojans and fake banking apps...
CISA, DOE, and UK’s NCSC Issue Guidance on Protecting Industrial Control Systems
The Cybersecurity and Infrastructure Security Agency CISA, the Department of Energy DOE, and the UK's National Cyber Security Centre NCSC have released Cybersecurity Best Practices for Industrial Control Systems, an infographic providing recommended cybersecurity practices for industrial control...
VMware Releases Security Updates for ESXi
VMware has released security updates to address a vulnerability in ESXi. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review VMware Security Advisory...
Google Releases Security Updates for Chrome
Google has released Chrome version 81.0.4044.129 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
NSA, ASD Release Guidance for Mitigating Web Shell Malware
The U.S. National Security Agency NSA and the Australian Signals Directorate ASD have jointly released a Cybersecurity Information Sheet CSI on mitigating web shell malware. Malicious cyber actors are increasingly deploying web shell malware on victim web servers to execute arbitrary system...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the following...
VMware Releases Security Updates for vRealize Log Insight
VMware has released security updates to address vulnerabilities in VMware vRealize Log Insight. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review VMware...
Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. The...
North Korean Malicious Cyber Activity
The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense DoD have identified the following malware variants used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean...
Adobe Releases Security Updates for Magento
Adobe has released security updates to address vulnerabilities affecting Magento Commerce and Open Source editions. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
Tax Identity Theft Awareness Week
Tax Identity Theft Awareness Week is February 3-7. The Federal Trade Commission FTC Tax Identity Theft Awareness Week webpage will provide webinars and other resources from FTC and its partners throughout the week to help educate the public on how to protect against identity theft this tax season...
Data Privacy Day: A Vision for the Future
January 28 is Data Privacy Day, an annual effort to empower individuals and organizations to respect privacy, safeguard data, and enable trust. This year, the National Cyber Security Alliance NCSA is bringing together experts on U.S. and international privacy for A Vision for the Future, an...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Apple...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. The Cybersecurity...
IC3 Issues Alert on Employment Scams
The Internet Crime Complaint Center IC3 has issued an alert warning consumers of fake jobs and hiring scams targeting applicants’ personally identifiable information PII. Cyber criminals posing as legitimate employers spoof company websites and post fake job openings to lure victims. Cyber...
Oracle Releases January 2020 Security Bulletin
Oracle has released its Critical Patch Update for January 2020 containing 334 new security patches to address vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Securit...
VMware Releases Security Update
VMware has released a security update to address a vulnerability in VMware Tools. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review VMware Security Advisory...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in Cisco Webex Video Mesh, Cisco IOS, and Cisco IOS XE Software. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Securit...
Drupal Releases Security Updates
Drupal has released security updates to address vulnerabilities in Drupal 7.x, 8.7.x, and 8.8.x. An attacker could exploit some of these vulnerabilities to modify data on an affected website. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...
Microsoft Releases December 2019 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Apple...
Cyber Monday: Tips for Safeguarding Personal Information
Cyber Monday draw millions of shoppers online for deals and savings, but this day also provides opportunities for an attacker to steal personal information. The Cybersecurity and Infrastructure Security Agency CISA reminds users to remain vigilant when browsing or shopping online. CISA encourages...
Caller Poses as CISA Rep in Extortion Scam
The Cybersecurity and Infrastructure Security Agency CISA is aware of a phone scam where a caller pretends to be a CISA representative. The scammer claims to have knowledge of the potential victim’s questionable behavior and attempts to extort money. If you receive a threatening call from someone...
Holiday Shopping, Phishing, and Malware Scams
As this holiday season approaches, the Cybersecurity and Infrastructure Security Agency CISA encourages users to be aware of potential holiday scams and malicious cyber campaigns, particularly when browsing or shopping online. Cyber actors may send emails and ecards containing malicious links or...
FTC Provides Tips for Warding Off Hackers
The Federal Trade Commission FTC has released an article with tips on how protect your personal information from being stolen by hackers. In support of National Cybersecurity Awareness Month NCSAM, FTC provides recommendations on how to safeguard phones, computers, accounts, and personally...
ACSC Releases Advisory on Emotet Malware Campaign
The Australian Cyber Security Centre ACSC has released an advisory on an ongoing, widespread Emotet malware campaign. Emotet is a Trojan—commonly spread via malicious email attachments—that attempts to proliferate within a network by brute forcing user credentials and writing to shared drives. AC...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page. The Cybersecurity an...
FBI Releases Article on Defending Against Phishing and Spearphishing Attacks
In recognition of National Cybersecurity Awareness Month NCSAM, the Federal Bureau of Investigation FBI has released an article to raise awareness of phishing and spearphishing. The article provides guidance on recognizing and avoiding these types of attacks. The Cybersecurity and Infrastructure...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Apple...
Google Releases Security Updates for Chrome
Google has released Chrome version 77.0.3865.75 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to revie...
Ransomware Protection Strategies
The Cybersecurity and Infrastructure Security Agency CISA has observed an increase in ransomware attacks across the Nation. Helping organizations protect themselves from ransomware is a chief priority for CISA. Organizations are encouraged to review the following resources to help prevent,...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
FISMA Annual Report to Congress
The Office of Management and Budget OMB has published its Fiscal Year FY 2018 Annual Report to Congress on the implementation of the Federal Information Security Modernization Act of 2014 FISMA. The document includes data reported by agencies to OMB and the Cybersecurity and Infrastructure Securi...
CISA Insights: Ransomware Outbreak
The Cybersecurity and Infrastructure Security Agency CISA has released its first CISA Insights product, which discusses the rapid emergence of ransomware across our Nation’s networks. CISA Insights – Ransomware Outbreak includes steps in the following key areas to help organizations protect...
Cyber Safety for Students
As summer break ends, many students will return to school with mobile devices, such as smart phones, tablets, and laptops. Although these devices can help students complete schoolwork and stay in touch with family and friends, there are risks associated with using them. However, there are simple...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Vulnerabilities in Multiple VPN Applications
The Cybersecurity and Infrastructure Security Agency CISA is aware of vulnerabilities affecting multiple Virtual Private Network VPN applications. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages administrators to review the following...
IRS Reminds Tax Professionals: Create a Data Security Plan
The Internal Revenue Service IRS has issued a news release reminding professional tax preparers that they are required by law to have a written data security plan. Creating and maintaining a data security plan ensures that tax professionals are reviewing their data security protections and...
Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
VMware Releases Security Advisory for Multiple Products
VMware has released a security advisory to address vulnerabilities affecting multiple products. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the VMwar...
NIST Releases Report on Managing IoT Risks
The National Institute of Standards and Technology NIST has released the Considerations for Managing Internet of Things IoT Cybersecurity and Privacy Risks report. The publication—the first in a planned series on IoT—aims to help federal agencies and other organizations manage the cybersecurity a...
Multiple Vulnerabilities Affecting Linux, FreeBSD Kernels
The CERT Coordination Center CERT/CC has released information on TCP networking vulnerabilities affecting Linux and FreeBSD kernels. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency CISA encourages...
Privacy Awareness Week
The Federal Trade Commission FTC has released an announcement promoting Privacy Awareness Week PAW. PAW is an annual event fostering awareness of privacy issues and the importance of protecting personal information. This year’s theme, “Protecting Privacy is Everyone’s Responsibility,” focuses on...