4188 matches found
Reminder: Malware Can Exploit Improper Configurations
Protect yourself from unwanted—and potentially harmful—files or programs by adhering to vendor-recommended configurations for hardware and software. Doing so in addition to maintaining regular patch maintenance, will help give your systems and networks the best security possible. The Cybersecurit...
CSET Version 9.2 Now Available
The Cybersecurity and Infrastructure Security Agency CISA has released version 9.2 of its Cyber Security Evaluation Tool CSET. CSET is a desktop software tool that guides asset owners and operators through a consistent process for evaluating control system networks as part of a comprehensive...
FBI Releases Article on Defending Against E-Skimming
The Federal Bureau of Investigation FBI has released an article to raise awareness on e-skimming threats. E-skimming occurs when an attacker injects malicious code onto a website to capture credit or debit card data or personally identifiable information PII. The Cybersecurity and Infrastructure...
VMware Releases Security Update for Harbor Container Registry for PCF
VMware has released a security update to address a vulnerability affecting Harbor Container Registry for Pivotal Cloud Foundry PCF. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
Google Releases Security Updates for Chrome
Google has released Chrome version 77.0.3865.120 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
ACSC Releases Small Business Cybersecurity Guide
The Australian Cyber Security Centre ACSC has released a cybersecurity guide for small businesses. The guide provides checklists to help small businesses protect themselves against common cybersecurity incidents. The Cybersecurity and Infrastructure Security Agency CISA encourages small business...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit one of these vulnerabilities to obtain access to sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Apple’s...
Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
NCSA Webinar on Cybersecurity for Small Businesses
The National Cyber Security Alliance NCSA and INFOSEC are hosting a webinar to educate small businesses on how to protect against phishing, vishing, and smishing threats. The webinar will be held on Tuesday, August 13, 2019 from 2-3 p.m. ET. The Cybersecurity and Infrastructure Agency CISA...
Google Releases Security Updates for Chrome
Google has released Chrome version 76.0.3809.100 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
VMware Releases Security Updates for Multiple Products
VMware has released a security advisory to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
Drupal Releases Security Update
Drupal has released a security update to address a vulnerability in Drupal Core. An attacker could exploit this vulnerability to take control of an affected website. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Drupal’s security advisory...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...
Google Releases Security Updates for Chrome
Google has released Chrome 75.0.3770.142 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Chrome Relea...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...
Google Releases Security Updates for Chrome
Google has released Chrome 75.0.3770.90 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Chrome Releas...
CIS Releases 2018 Year in Review
The Center for Internet Security CIS has released its 2018 Year in Review. CIS is home to the Multi-State Information Sharing & Analysis Center MS-ISAC, a Cybersecurity and Infrastructure Security Agency CISA partner focused on cyber threat prevention, protection, response, and recovery for U.S...
Drupal Releases Security Update
Drupal has released a security update to address a vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to take control of an affected website. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Drupal’s security...
Multiple Vulnerabilities in Broadcom WiFi Chipset Drivers
The CERT Coordination Center CERT/CC has released information on multiple vulnerabilities in Broadcom Wi-Fi chipset drivers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages...
Juniper Networks Releases Multiple Security Updates
Juniper Networks has released multiple security updates to address vulnerabilities in various Juniper products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the VMware...
Cisco Releases Security Update for Cisco IOS XE
Cisco has released a security update to address a vulnerability in Cisco IOS XE. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Cisco Security Advisory and...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...
Drupal Releases Security Updates
Drupal has released security updates to address a vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Drupal Security...
VMware Releases Security Updates for Workstation and Horizon
VMware has released security updates to address vulnerabilities affecting Workstation 14 and 15, and Horizon 6 and 7. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
WordPress Releases Security Update
WordPress 5.1 and prior versions are affected by a vulnerability. An attacker could exploit this vulnerability to take control of an affected website. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the WordPress Security and Maintenance...
Adobe Releases Security Updates
Adobe has released security updates to address a vulnerability in Adobe Acrobat and Reader. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Adobe Security Bulletin...
MS-ISAC Releases Advisory on DNS Flag Day
The Multi-State Information Sharing & Analysis Center MS-ISAC has released an alert on Domain Name System DNS Flag Day, which is Friday, February 1, 2019. On DNS Flag Day, DNS software and service providers will roll out updates to remove workarounds that allow users to bypass the Extension...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in Cisco AsyncOS Software for Cisco Email Security Appliance. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. The National Cybersecurity and Communications Integration Center NCCIC, part o...
WordPress Releases Security Update
WordPress 5.0 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure Security...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Apple security pages for the following products and apply the...
FTC Issues Alert on Recent Marriott Breach
The Federal Trade Commission FTC has released an alert to provide affected users with recommended precautions against identity theft after the recent breach of the Marriott International Starwood guest reservation database. NCCIC encourages users and administrators to review the FTC Alert and the...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities affecting Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessa...
National Cybersecurity Awareness Month: Critical Infrastructure Cybersecurity
October is National Cybersecurity Awareness Month, an annual campaign to raise awareness about cybersecurity. Building resilience in critical infrastructure is crucial to national security. The essential infrastructure systems that support our daily lives—such as electricity, financial...
FTC Promotes International Charity Fraud Awareness Week
The Federal Trade Commission FTC has released an announcement promoting the first International Charity Fraud Awareness Week ICFAW. FTC, the National Association of State Charities Officials, and state and international partners coordinated this effort to raise awareness about donating wisely to...
Cisco Releases Security Updates
Cisco has released security updates to address multiple vulnerabilities affecting Cisco products. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Cisco Security Advisories and Alerts webpage and...
Google Releases Security Update for Chrome
Google has released Chrome version 70.0.3538.67 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary update. Th...
Cisco Releases Security Updates
Cisco has released security updates to address multiple vulnerabilities affecting Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Cisco Security Advisories and Alerts webpa...
NCCIC Webinar Series on Protecting Enterprise Network Infrastructure Devices
NCCIC is conducting a series of webinars on protecting enterprise network infrastructure devices. Each webinar will be held from 1-2:30 p.m. ET on the dates listed below: Thursday, September 27 Tuesday, October 2 Thursday, October 4 NCCIC encourages decision makers, network defenders, and...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Flash Player and ColdFusion. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-31 and APSB18-33...
Google Releases Security Update for Chrome
Google has released Chrome version 69.0.3497.81 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary update. Th...
Adobe Releases Security Update for Creative Cloud
Adobe has released a security update to address a vulnerability in Adobe Creative Cloud Desktop Application. An attacker could exploit this vulnerability to obtain access to sensitive information. NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-32 and apply the...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates...
Intel Side-Channel L1TF Vulnerability
Intel has released recommendations to address a side-channel vulnerability called L1 Terminal Fault L1TF that affects multiple Intel microprocessors. An attacker could exploit this vulnerability to obtain sensitive information. NCCIC encourages users and administrators to review Intel's Security...
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address vulnerabilities in Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60 and apply the...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Cisco Security Advisories and Alerts website and apply the...
FTC Issues Alert on Tech Support Scams
The Federal Trade Commission has released an alert on tech support scams. Scammers use pop-up messages, websites, emails, and phone calls to entice users to pay for fraudulent tech support services to repair problems that don’t exist. Users should not pay or give control of their devices to any...
Microsoft Releases June 2018 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Microsoft's June 2018 Security Update Summary and Deployment...
Google Releases Security Update for Chrome
Google has released Chrome version 67.0.3396.79 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary update. Th...