4188 matches found
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessa...
Cisco Releases Security Updates
Cisco has released security updates to address a vulnerability in multiple Cisco products. An attacker could exploit this vulnerability to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages users and...
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address a vulnerability in Thunderbird. An attacker could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 78.6.1 and apply the necessary...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the following...
Microsoft Releases December 2020 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Microsoft’s...
Drupal Releases Security Updates
Drupal has released security updates to address vulnerabilities in Drupal 7, 8.8 and earlier, 8.9, and 9.0. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
NSA Releases Advisory on Chinese State-Sponsored Actors Exploiting Publicly Known Vulnerabilities
The National Security Agency NSA has released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures CVEs known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable...
QNAP Releases Security Updates for QNAP Helpdesk
QNAP Systems has released security updates to address vulnerabilities in QNAP Helpdesk. An attacker could exploit these vulnerabilities to take control of an affected QNAP network-attached storage NAS device. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
FTC Releases Article on Protecting Small Businesses from Cyber Threats
The Federal Trade Commission FTC has released an article on their Protecting Small Business playlist, which is a collection of videos with tips for small businesses to protect their networks from common cyber scams and cyberattacks. The Cybersecurity and Infrastructure Security Agency CISA...
Juniper Networks Releases Security Updates for Multiple Products
Juniper Networks has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...
Ripple20 Vulnerabilities Affecting Treck IP Stacks
The Cybersecurity and Infrastructure Security Agency CISA is aware of multiple vulnerabilities, known as Ripple20, affecting Treck IP stack implementations for embedded systems. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages user...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Cis...
Google Releases Security Updates for Chrome
Google has released Chrome version 81.0.4044.138 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Google Releases Security Updates for Chrome
Google has released Chrome version 81.0.4044.122 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Microsoft RCE Vulnerabilities Affecting Windows, Windows Server
Microsoft has released a security advisory to address remote code execution vulnerabilities in Adobe Type Manager Library affecting all currently supported versions of Windows and Windows Server operating systems. A remote attacker can exploit these vulnerabilities to take control of an affected...
Adobe Releases Security Updates for Multiple Products
Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the following...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities affecting FXOS, NX-OS, and Unified Computing System UCS software. A remote attacker could exploit some of these vulnerabilities to cause a denial-of-service condition. For updates addressing lower severity vulnerabilities, see the Cis...
Google Releases Security Updates for Chrome
Google has released Chrome version 80.0.3987.122 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Mozilla Releases Security Updates for Multiple Products
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...
Microsoft Releases February 2020 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
Safer Internet Day
February 11, 2020, is Safer Internet Day, a worldwide event aimed at promoting the safe and positive use of digital technology for all users, especially children and teens. This year's theme—Together for a better internet—encourages everyone to play their part in creating a safer, more secure...
ACSC Releases Advisory on Mailto Ransomware Incidents
The Australian Cyber Security Centre ACSC has released an advisory on Mailto ransomware incidents. The ACSC has limited information regarding the initial intrusion vector for Mailto, also known as Kazakavkovkiz, but evidence suggests that Mailto actors may have used phishing and password spray...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories webpage. The Cybersecurity and...
OpenSMTPD Vulnerability
The CERT Coordination Center CERT/CC has released information on a vulnerability affecting OpenSMTPD. An attacker could exploit this vulnerability to take control of an affected system. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol SMTP that is part o...
Google Releases Security Updates for Chrome for Windows, Mac, and Linux
Google has released Chrome version 79.0.3945.88 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Google Releases Security Updates for Chrome
Google has released Chrome version 79.0.3945.79 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Intel Releases Security Updates
Intel has released security updates to address vulnerabilities in multiple products. An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of privileges. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators t...
Reminder: Malware Can Exploit Improper Configurations
Protect yourself from unwanted—and potentially harmful—files or programs by adhering to vendor-recommended configurations for hardware and software. Doing so in addition to maintaining regular patch maintenance, will help give your systems and networks the best security possible. The Cybersecurit...
CSET Version 9.2 Now Available
The Cybersecurity and Infrastructure Security Agency CISA has released version 9.2 of its Cyber Security Evaluation Tool CSET. CSET is a desktop software tool that guides asset owners and operators through a consistent process for evaluating control system networks as part of a comprehensive...
IRS Releases Recommendations to Keep Children and Teens Safe Online
The Internal Revenue Service IRS has issued a news release urging parents and families to be wary of the risks posed when sharing home devices, shopping online, and using social media. As part of National Cybersecurity Awareness Month NCSAM, the Cybersecurity and Infrastructure Security Agency CI...
FBI Releases Article on Defending Against E-Skimming
The Federal Bureau of Investigation FBI has released an article to raise awareness on e-skimming threats. E-skimming occurs when an attacker injects malicious code onto a website to capture credit or debit card data or personally identifiable information PII. The Cybersecurity and Infrastructure...
FTC Promotes International Charity Fraud Awareness Week
The Federal Trade Commission FTC has released an article promoting International Charity Fraud Awareness Week ICFAW, which runs October 21–25. FTC, the National Association of State Charities Officials, and state and international partners coordinated this campaign to help both charities and dono...
VMware Releases Security Update for Harbor Container Registry for PCF
VMware has released a security update to address a vulnerability affecting Harbor Container Registry for Pivotal Cloud Foundry PCF. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
Google Releases Security Updates for Chrome
Google has released Chrome version 77.0.3865.120 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
ACSC Releases Small Business Cybersecurity Guide
The Australian Cyber Security Centre ACSC has released a cybersecurity guide for small businesses. The guide provides checklists to help small businesses protect themselves against common cybersecurity incidents. The Cybersecurity and Infrastructure Security Agency CISA encourages small business...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit one of these vulnerabilities to obtain access to sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Apple’s...
Adobe Releases Security Updates for ColdFusion
Adobe has released security updates to address vulnerabilities in ColdFusion. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Adobe Security...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
NCSA Webinar on Cybersecurity for Small Businesses
The National Cyber Security Alliance NCSA and INFOSEC are hosting a webinar to educate small businesses on how to protect against phishing, vishing, and smishing threats. The webinar will be held on Tuesday, August 13, 2019 from 2-3 p.m. ET. The Cybersecurity and Infrastructure Agency CISA...
Google Releases Security Updates for Chrome
Google has released Chrome version 76.0.3809.100 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...
Drupal Releases Security Update
Drupal has released a security update to address a vulnerability in Drupal Core. An attacker could exploit this vulnerability to take control of an affected website. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Drupal’s security advisory...
Google Releases Security Updates for Chrome
Google has released Chrome 75.0.3770.142 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Chrome Relea...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...
Google Releases Security Updates for Chrome
Google has released Chrome 75.0.3770.90 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Chrome Releas...
CIS Releases 2018 Year in Review
The Center for Internet Security CIS has released its 2018 Year in Review. CIS is home to the Multi-State Information Sharing & Analysis Center MS-ISAC, a Cybersecurity and Infrastructure Security Agency CISA partner focused on cyber threat prevention, protection, response, and recovery for U.S...
Drupal Releases Security Update
Drupal has released a security update to address a vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to take control of an affected website. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Drupal’s security...
Multiple Vulnerabilities in Broadcom WiFi Chipset Drivers
The CERT Coordination Center CERT/CC has released information on multiple vulnerabilities in Broadcom Wi-Fi chipset drivers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages...
Juniper Networks Releases Multiple Security Updates
Juniper Networks has released multiple security updates to address vulnerabilities in various Juniper products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...