4188 matches found
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit one of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure...
CISA Awareness Briefing on Chinese Malicious Cyber Activity
The Cybersecurity and Infrastructure Security Agency CISA will conduct a series of virtual awareness briefings on Chinese malicious cyber activity targeting managed service providers MSPs. Briefings will be held from 1–2 p.m. ET on the dates listed below: Wednesday, February 6 Friday, February 22...
CERT/CC Reports Microsoft Exchange 2013 and Newer are Vulnerable to NTLM Relay Attacks
The CERT Coordination Center CERT/CC has released information to address NTLM relay attacks affecting Microsoft Exchange 2013 and newer versions. A remote attacker could exploit this vulnerability to take control of an affected system. The National Cybersecurity and Communications Integration...
Tax Identity Theft Awareness Week
Tax Identity Theft Awareness Week is January 28 to February 1. This annual campaign aims to help consumers be more informed about protecting themselves from tax-related identity theft and scams. Tax-related identity theft occurs when someone steals a Social Security number and uses it to claim a...
Microsoft Releases January 2019 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Adobe Flash Player installer. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-...
SamSam Ransomware
The Department of Homeland Security and the Federal Bureau of Investigation have identified cyber threat actors using SamSam ransomware—also known as MSIL/SAMAS.A—to target industries in the United States and worldwide. NCCIC encourages users and administrators to review Alert AA18-337A: SamSam...
Cisco Releases Security Advisory
Cisco has released a security advisory to address a vulnerability affecting Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. NCCIC encourages users and administrators ...
FTC Releases Alert with Cybersecurity Resources for Non-Profits and Small Businesses
The Federal Trade Commission FTC has released an alert with new cybersecurity resources for non-profits and small businesses. These resources, which cover topics such as ransomware, phishing, and email authentication, aim to help organizations protect their network and information. NCCIC encourag...
Cisco Releases Security Updates
Cisco has released security updates to address a vulnerability in Cisco Webex Productivity Tools and the Cisco Webex Meetings Desktop App. An attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review the Cisco Security...
VMware Releases Security Updates
VMware has released security updates to address a vulnerability in ESXi, Workstation, and Fusion. An attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review VMware Security Advisory VMSA-2018-0026 and apply the necessary...
FBI Releases Article on Defending Against Payroll Phishing Scams
The Federal Bureau of Investigation FBI has released an article on building a digital defense against phishing scams targeting electronically deposited paychecks. In these schemes, scammers use phishing emails to direct employees to fraudulent websites and collect their work credentials. Scammers...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Digital Editions, Framemaker, and Technical Communications Suite. An attacker could exploit these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security...
APTs Targeting IT Service Provider Customers
The National Cybersecurity and Communications Integration Center NCCIC has received multiple reports of advanced persistent threat APT actors actively exploiting trust relationships in information technology IT service provider networks around the world. NCCIC encourages users and administrators ...
Mozilla Releases Security Updates for Firefox
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisory for Firefox 62.0.3 and Firefo...
October is National Cybersecurity Awareness Month
October is National Cybersecurity Awareness Month NCSAM. NCSAM is a collaborative effort between DHS and its public and private partners—including the National Cyber Security Alliance NCSA—to raise awareness about the vital role cybersecurity plays in the lives of U.S. citizens. NCCIC will be...
DNSSEC Key Signing Key Rollover
On October 11, 2018, the Internet Corporation for Assigned Names and Numbers ICANN will be changing the Root Zone Key Signing Key KSK used in the Domain Name System DNS Security Extensions DNSSEC protocol. DNSSEC is a set of protocol extensions used to digitally sign DNS information, an important...
Apple Releases Security Update for macOS Mojave
Apple has released a security update to address multiple vulnerabilities in macOS Mojave 10.14. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Apple's security page for macOS Mojave 10.14 and apply...
MS-ISAC Releases Advisory on PHP Vulnerabilities
The Multi-State Information Sharing & Analysis Center MS-ISAC has released an advisory on multiple Hypertext Preprocessor PHP vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review MS-ISAC...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in VMware AirWatch Agent and Content Locker. An attacker could exploit these vulnerabilities to obtain access to sensitive information. NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0023 a...
VMware Releases Security Updates
VMware has released security updates to address a vulnerability in Horizon 6, 7, and Horizon Client for Windows. An attacker could exploit this vulnerability to obtain sensitive information. NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0019 and apply...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Apple security pages for the following products and apply the...
CIS Releases 2017 Year in Review
The Center for Internet Security CIS has released its 2017 Year in Review. CIS is home to the Multi-State Information Sharing and Analysis Center MS-ISAC, an NCCIC partner focused on cyber threat prevention, protection, response, and recovery for U.S. state, local, tribal, and territorial...
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.9 and appl...
Mozilla Releases Security Updates for Firefox
Mozilla has released security updates to address multiple vulnerabilities in Firefox ESR and Firefox. A remote attacker could exploit some of these vulnerabilities to cause a denial-of-service condition. NCCIC encourages users and administrators to review the Mozilla Security Advisories for Firef...
Mozilla Releases Security Update
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisory for Firefox 60.0.2 and Firefo...
FTC Promotes Privacy Awareness Week
The Federal Trade Commission FTC has released an announcement promoting Privacy Awareness Week PAW May 14–18, 2018. PAW is an annual event fostering awareness of privacy issues and the importance of protecting personal information. This year’s theme, “From Principles to Practice,” focuses on...
MS-ISAC Releases Advisory on PHP Vulnerabilities
The Multi-State Information Sharing & Analysis Center MS-ISAC has released an advisory on multiple Hypertext Preprocessor PHP vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review MS-ISAC...
Tax Guidance as Deadline Approaches
As this year's April 17 tax deadline approaches, NCCIC/US-CERT offers taxpayers guidance to help protect their personal, financial, and tax information. Hackers can take advantage of taxpayers by using social engineering scams to attempt to steal personally identifiable information. NCCIC...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in VMware Workstation and Fusion. A remote attacker could exploit these vulnerabilities to cause a denial-of service condition. NCCIC/US-CERT encourages users and administrators to review the VMware Security Advisory VMSA-2018-0008 a...
Adobe Releases Security Updates for Flash Player
Adobe has released security updates to address vulnerabilities in Flash Player. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-03 and apply the necessary...
FTC Warns of Online Dating Scams
The Federal Trade Commission FTC has released an article addressing scams targeting online daters. In this type of fraud, cyber criminals target victims, gain their confidence, and trick them into sending money. To stay safer online, review the FTC article on Online Dating Scams and the...
Tax Identity Theft Awareness Week
Tax Identity Theft Awareness Week is January 29 to February 2, and many federal agencies are offering information and resources to help consumers learn to protect themselves from tax-related identity theft and Internal Revenue Service IRS imposter scams. NCCIC/US-CERT encourages consumers to revi...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in vRealize Automation, vSphere Integrated Containers, and AirWatch Console. An attacker could exploit these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the VMwar...
Mozilla Releases Security Update
Mozilla has released a security update to address a vulnerability in Firefox. An attacker could exploit this vulnerability to obtain access to sensitive information. NCCIC/US-CERT encourages users and administrators to review the Mozilla Security Advisory and update to Firefox 57.0.4. This produc...
North Korean Malicious Cyber Activity
The Department of Homeland Security DHS and the Federal Bureau of Investigation FBI have identified Trojan malware variants—referred to as BANKSHOT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. US-CERT...
Securing Mobile Devices During Holiday Travel
As the holiday season begins, many people will travel with their mobile devices. Although these devices—such as smart phones, tablets, and laptops—offer a range of conveniences, users should be mindful of potential threats and vulnerabilities while traveling with them. US-CERT encourages users to...
Apache Software Foundation Releases Security Updates
The Apache Software Foundation has released security updates to address vulnerabilities in Apache Struts versions 2.5 to 2.5.14. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Apache Securit...
National Tax Security Awareness Week: IRS Helps Taxpayers Protect Against Cyber Criminals
As part of National Tax Security Awareness Week—November 27 to December 1—the Internal Revenue Service IRS is releasing daily security tips to help taxpayers protect their data and identities against tax-related identity theft. US-CERT encourages taxpayers to visit the IRS National Tax Security...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox 57 and ESR 52.5. An attacker could exploit these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox 57 and ESR...
Joomla! Releases Security Update
Joomla! has released version 3.8.2 of its Content Management System CMS software to address multiple vulnerabilities. A remote attacker could exploit one of these vulnerabilities to obtain sensitive information. US-CERT encourages users and administrators to review the Joomla! Security Release an...
Google Releases Security Update for Chrome
Google has released Chrome version 62.0.3202.89 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update...
Multiple Ransomware Infections Reported
US-CERT has received multiple reports of ransomware infections, known as Bad Rabbit, in many countries around the world. A suspected variant of Petya, Bad Rabbit is ransomware—malicious software that infects a computer and restricts user access to the infected machine until a ransom is paid to...
The Internet Wants You: Consider a Career in Cybersecurity
October is National Cybersecurity Awareness Month, an annual campaign to raise awareness about cybersecurity. The month’s themes educate students and professionals about cybersecurity attack methods, best practices, and preventive measures and are geared toward informing the next generation of...
Adobe Releases Security Updates
Adobe has released security updates to address a vulnerability in Adobe Flash Player. A remote attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletin APSB17-32 and apply the necessary updates...
Apple Releases Security Update for iOS
Apple has released iOS 11.0.2 to address vulnerabilities in previous versions of iOS. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Apple security page for iOS 11.0.2 and...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox ESR 52.4 and Firefox 56. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisories...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker may exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Apple security pages and apply the necessary...