4188 matches found
IRS Releases Ninth Security Tip
The Internal Revenue Service IRS has released the ninth in a series of tips intended to help the public protect personal and financial data online and at home. This tip describes new procedures taken by the IRS, state governments, and the tax industry to provide a safer, more secure filing...
Oracle Releases Security Bulletin
Oracle has released its Critical Patch Update for January 2016 to address 248 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Oracle...
Apple Releases Security Updates for iOS, OS X El Capitan, and Safari
Apple has released security updates for iOS, OS X El Capitan, and Safari to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: iOS 9.2.1 for iPhone 4s and later, iPod touch 5...
IRS Releases Seventh Security Tip
The Internal Revenue Service IRS has released the seventh in a series of tips intended to help the public protect personal and financial data online and at home. A new tip will be available each Monday through the start of the tax season in January. This tip describes methods users can follow to...
IRS Releases Sixth Tax Security Tip
The Internal Revenue Service IRS has released the sixth in a series of tips intended to help the public protect personal and financial data online and at home. A new tip will be available each Monday through the start of the tax season in January. This tip describes the types of fraud alerts...
IRS Releases Fifth Tax Security Tip
The Internal Revenue Service IRS has released the fifth in a series of tips intended to help the public protect personal and financial data online and at home. This tip focuses on guarding personal information for family members who are susceptible to cyber threats. Recommendations include keepin...
IRS Releases Fourth Tax Security Tip
The Internal Revenue Service IRS has released the fourth in a series of tips intended to help the public protect personal and financial data online and at home. This tip focuses on protecting your passwords. Recommendations include creating longer and more complex passwords, not using the same...
Symantec Releases Security Update
Symantec has released Symantec Endpoint Encryption 11.1.0 to address a vulnerability that may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Security Advisory from Symantec and apply the necessary update. This product is provided...
Google Releases Security Update for Chrome
Google has released Chrome version 47.0.2526.106 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases...
Google Releases Security Update for Chrome
Google has released Chrome version 47.0.2526.80 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases pa...
Seven Steps for Making Identity Protection Part of Your Routine
The Internal Revenue Service IRS has released the third in a series of tips intended to increase public awareness of how to protect personal and financial data online and at home. A new tip will be released each Monday through the start of the tax season in January. US-CERT and IRS recommend...
IRS Releases First in a Series of Tax Security Tips
The Internal Revenue Service IRS has released the first in a series of tips intended to increase public awareness of how to protect personal and financial data online and at home. A new tip will be available each Monday through the start of the tax season in January. The first tip focuses on seve...
VMware Releases Security Updates
VMware has released security updates to address a vulnerability in vCenter, vCloud Director, and Horizon View. Exploitation of this vulnerability may allow an attacker to obtain sensitive information. Users and administrators are encouraged to review VMware Security Advisory VMSA-2015-0008 and...
Mozilla Releases Security Updates for Firefox and Firefox ESR
The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 42 Firefox ESR 38.4 US-CERT encourages...
Cisco Releases Security Updates for Web Security Appliances
Cisco has released security updates to address multiple vulnerabilities in Web Security Appliances. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of the affected network device. Users and administrators are encouraged to review the Cisco Security...
Joomla! Releases Security Update for CMS
Joomla! has released version 3.4.5 of its Content Management System CMS software to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website. US-CERT encourages users and administrators to review the Joomla!...
Cisco Releases Security Updates
Cisco has released updates to address multiple vulnerabilities in its Adaptive Security Appliance ASA software. Exploitation of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to review the Cisco security...
Internet Systems Consortium (ISC) Releases Security Updates for BIND
ISC has released security updates to address vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.7-P3 BIND 9 version 9.10.2-P4 Users and administrators are encouraged to...
Cisco Releases Security Updates
Cisco has released software updates to address a vulnerability in Cisco IOS XE Software for ASR 1000 Series Aggregation Services Routers. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to review...
Fiat Chrysler Automobiles (FCA) Uconnect Vulnerability
A vulnerability affecting the Uconnect software from FCA has been reported. Exploitation of this vulnerability may allow an unauthorized user to take remote control of an affected vehicle, but the attack requires access to Sprint's cellular network, which connects FCA vehicles to the Internet...
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system. Available updates include: Firefox 39 Firefox ESR 38.1 Thunderbird 38.1 US-CERT...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in versions of the Unified Communications Domain Manager Platform Software prior to 10.x. Exploitation of this vulnerability may allow a remote attacker to take control of the affected system. US-CERT recommends that users review the...
Adobe Releases Security Updates for Flash Player
Adobe has released security updates to address a critical vulnerability in Flash Player for Windows, Macintosh, and Linux. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulleti...
Cisco Releases Security Advisories for TelePresence Products
Cisco has released two security advisories to address multiple vulnerabilities in TelePresence products. Successful exploitation could allow an attacker to bypass system authentication, execute arbitrary code with elevated privileges, or cause a denial-of-service condition. Users and administrato...
Apple Releases Security Updates for Safari
Apple has released security updates for Safari to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of the affected system. Available updates include: Safari 8.0.6 for OS X Yosemite v10.10.3 Safari 7.1.6 for OS X Mavericks...
WordPress Security and Maintenance Release
WordPress 4.2 and prior versions contain critical cross-site scripting vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the WordPress Security and Maintenance Release and...
WordPress Releases Security Update
WordPress 4.1.2 has been released to address multiple vulnerabilities, one of which could allow a site to be compromised by a remote attacker. WordPress 4.1.1 and earlier are affected by this vulnerability. US-CERT recommends users and administrators review the WordPress Security Release and appl...
Oracle Releases April 2015 Security Advisory
Oracle has released security fixes to address 98 vulnerabilities as part of its quarterly Critical Patch Update. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle April 2015...
Adobe Releases Security Updates for Flash Player, ColdFusion, and Flex
Adobe has released three security updates to address multiple vulnerabilities in Flash Player, ColdFusion, and Flex. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system, or lead to a reflected cross-site scripting attack. Users and...
Microsoft Releases February 2015 Security Bulletin
Microsoft has released updates to address vulnerabilities in Windows as part of the Microsoft Security Bulletin Summary for February 2015. Some of these vulnerabilities could allow remote code execution, security feature bypass, elevation of privilege, or disclosure of information. US-CERT...
Google Releases Security Updates for Chrome
Google has released Chrome 40.0.2214.111 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Google Chrome blog entry a...
Oracle Releases January 2015 Security Advisory
Oracle has released its Critical Patch Update for January 2015 to address 169 vulnerabilities across multiple products. This update contains the following security fixes: 8 for Oracle Database Server 36 for Oracle Fusion Middleware 10 for Oracle Enterprise Manager Grid Control 10 for Oracle...
Microsoft Releases January 2015 Security Bulletin
Microsoft has released eight updates to address vulnerabilities in Microsoft Windows. Some of these vulnerabilities could allow elevation of privilege, denial of service, remote code execution, or security feature bypass. US-CERT encourages users and administrators to review Microsoft Security...
Vulnerabilities Identified in Network Time Protocol Daemon
NTP has released an update that addresses multiple vulnerabilities in the Network Time Protocol daemon. Exploitation of these vulnerabilities may allow a remote attacker to execute malicious code. US-CERT encourages users and administrators to review Vulnerability Note VU852879 and update to NTP...
Apple Releases Security Updates for Safari
Apple has released security updates for Safari to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial of service or execute arbitrary code on an affected system. Updates include: Safari 8.0.1 for OS X Yosemite v10.10.1 Safari 7.1.1...
OpenSSL Patches Four Vulnerabilities
OpenSSL has released updates patching four vulnerabilities, some of which may allow an attacker to cause a Denial of Service DoS condition or execute man-in-the-middle attacks. The following updates are available: OpenSSL 1.0.1 users should upgrade to 1.0.1j OpenSSL 1.0.0 users should upgrade to...
Cisco Releases Security Advisory for ASA Software
Cisco has released an advisory to address multiple vulnerabilities in the Cisco Adaptive Security Appliance ASA Software that could result in a denial of service condition. Cisco has released free software updates that address these vulnerabilities. Users and administrators are encouraged to revi...
Cisco Integrated Management Controller Vulnerability
Cisco has released an advisory to address a vulnerability in the Cisco Integrated Management Controller Cisco IMC SSH module of the Cisco Unified Computing System E-Series Blade servers that could allow an unauthenticated, remote attacker to cause a denial of service condition. Migration to relea...
Breach of Patient Identification Information
US-CERT is aware of a breach of sensitive patient identification information affecting approximately 4.5 million patients and customers of Community Health Systems, Inc. As part of DHS, US-CERT is working together with the FBI and the Department of Health and Human Services to assist in sharing...
Google Releases Security Updates for Chrome
Google has released security updates to address multiple vulnerabilities in Chrome, Chrome OS and Chrome for Android. Some of these vulnerabilities could potentially allow an attacker to obtain sensitive information or cause a denial of service. Updates available include: Chrome 36.0.1985.143 for...
Cisco Addresses Wireless Residential Gateway Vulnerability
Cisco has released an advisory to address a vulnerability in the web server used in multiple Wireless Residential Gateway products that could allow an unauthenticated, remote attacker to crash the web server and execute arbitrary code with elevated privileges. Cisco products affected by this...
Google Releases Security Update for Chrome
Google has released Chrome 34.0.1847.137 for Windows, Mac, and Linux to address multiple vulnerabilities. Some of these vulnerabilities could potentially allow an attacker to take control of the affected system. US-CERT encourages users and administrators to review the Google Chrome Blog post and...
Adobe Releases Security Update for Reader Mobile
Adobe has released a security update to address a vulnerability in Adobe Reader Mobile 11.1.3 and earlier versions for Android. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code via a crafted PDF document. US-CERT recommends that users and administrators...
Oracle Releases April 2014 Security Advisory
Oracle has released its Critical Patch Update for April 2014 to address 104 vulnerabilities across multiple products. This update contains the following security fixes: 2 for Oracle Database Server 20 for Oracle Fusion Middleware 3 for Oracle Hyperion 10 for Oracle Supply Chain Products Suite 8 f...
Adobe Releases Security Updates for Flash Player and AIR
Adobe has released security updates to address multiple vulnerabilities in Adobe Flash Player and AIR. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. The following updates are available: Flash Player 13.0.0.182 for Windows and Macintosh Flash...
Google Releases Chrome Update
Google has released Google Chrome 33.0.1750.149 for Windows, Mac, and Linux to address multiple vulnerabilities, some of which could allow a remote, unauthenticated attacker to compromise a vulnerable system. US-CERT encourages users and administrators to review the Google Chrome release blog ent...
Apple Releases OS X Mavericks v10.9.2 and Security Update 2014-001
Apple has released OS X Mavericks v10.9.2 and Security Update 2014-001 to address multiple vulnerabilities for the following versions of OS X: OS X Lion v10.7.5 OS X Lion Server v10.7.5 OS X Mountain Lion v10.8.5 OS X Mavericks v10.9 and v10.9.1 US-CERT encourages users and administrators to revi...
Cisco Releases Multiple Security Advisories
Cisco has released three security advisories to address multiple vulnerabilities. These vulnerabilities may allow a local unauthenticated user to execute arbitrary commands with escalated privileges or cause a denial-of-service DoS condition. These vulnerabilities affect the following: Cisco...
Adobe Releases Security Updates for Adobe Reader and Acrobat
Adobe has released security updates for Adobe Reader and Acrobat XI 11.0.05 and earlier versions for Windows and Macintosh to address multiple vulnerabilities affecting the following software versions: Adobe Reader XI 11.0.05 and earlier 11.x versions for Windows and Macintosh Adobe Reader X 10.1...
Microsoft Releases Advance Notification for January Security Bulletin
Microsoft has issued a Security Bulletin Advance Notification indicating its January release will contain four bulletins. These bulletins will have the severity rating of important and will be for Microsoft Office, Server Software, Windows, and Microsoft Dynamics AX, a multi-language,...