4188 matches found
Securing Mobile Devices During Summer Travel
As summer begins, many people will travel with their mobile devices. Although these devices—such as smart phones, tablets, and laptops—offer a range of conveniences, users should be mindful of potential threats and vulnerabilities while traveling with them. NCCIC encourages users to review the...
FBI Releases Article on Building a Digital Defense with Credit Reports
FBI has released an article on using credit reports to build a digital defense against identify theft. FBI explains how identity theft can deal a devastating blow to consumers' credit history. However, regularly checking the accuracy of credit reports can help consumers minimize risk. NCCIC...
OpenPGP, S/MIME Mail Client Vulnerabilities
The CERT Coordination Center CERT/CC has released information on email client vulnerabilities that can reveal plaintext versions of OpenPGP- and S/MIME-encrypted emails. A remote attacker could exploit these vulnerabilities to obtain sensitive information. NCCIC encourages users and administrator...
Mozilla Releases Security Updates for Firefox
Mozilla has released security updates to address vulnerabilities in Firefox ESR and Firefox. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisories for Firefox ESR 52.8 and...
Drupal Releases Critical Security Updates
Drupal has released critical updates addressing a vulnerability in Drupal 8.x and 7.x. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review Drupal's Security Advisory and apply the necessary updates. This...
Oracle Releases April 2018 Security Bulletin
Oracle has released its Critical Patch Update for April 2018 to address 254 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Oracle April 2018...
FTC Releases Alert on Tax Identity Theft
The Federal Trade Commission FTC and the Internal Revenue Service IRS are offering consumers a new way to report tax-related identity theft to the IRS online. Tax-related identity theft happens when someone steals your Social Security number to file a tax return and claims your refund. To report...
Drupal Releases Critical Security Updates
Drupal has released critical updates addressing a vulnerability in Drupal 8, 7, and 6. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review Drupal's Security Advisory and apply the necessary updates...
Citrix Releases Security Updates
Citrix has released security updates to address vulnerabilities in its XenServer. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the Citrix Security Bulletin CTX232655 and apply the...
Cisco Releases Security Updates for Multiple Products
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the following Cisco Security Advisories and...
IC3 Issues Alert on Increase in W-2 Phishing Campaigns
The Internet Crime Complaint Center IC3 has issued an alert on the increase in W-2-related phishing campaigns. Fraudsters often use tax-related phishing emails to get victims to provide personally identifiable information, click on a malicious link, or pay a ransom. NCCIC/US-CERT encourages...
Safer Internet Day
February 6, 2018, is Safer Internet Day SID, a worldwide event aimed at promoting the safe and positive use of digital technology for all users, especially children and teens. This year's SID theme—Create, Connect and Share Respect: A better Internet starts with you—encourages everyone to play...
Mozilla Releases Security Update for Firefox
Mozilla has released a security update to address a vulnerability in Firefox. Exploitation of this vulnerability may allow an attacker to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox 58.0.1 and apply the...
ISC Releases Security Advisories for DHCP, BIND
The Internet Systems Consortium ISC has released updates or workarounds that address vulnerabilities in versions of ISC Dynamic Host Configuration Protocol DHCP and Berkeley Internet Name Domain BIND. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition...
Microsoft Releases December 2017 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Microsoft's December 2017 Security Update Summary and...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Flash Player, Photoshop CC, Adobe Connect, DNG Converter, InDesign, Digital Editions, Shockwave Player, and Experience Manager. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affecte...
Cisco Releases Security Update for IOS XE Software
Cisco has released a security update to address a vulnerability in its IOS XE software. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary update. This...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
Oracle Releases Security Bulletin
Oracle has released its Critical Patch Update for October 2017 to address 252 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the Oracle October 2017...
Apple Releases Security Update for macOS High Sierra
Apple has released a supplemental security update to address vulnerabilities in macOS High Sierra 10.13. An attacker could exploit these vulnerabilities to obtain sensitive information. US-CERT encourages users and administrators to review the Apple security page for macOS High Sierra 10.13 and...
IC3 Issues Alert on Disaster-Related Fraud
The Internet Crime Complaint Center IC3 has released an announcement on fraudulent cyber activity related to natural disasters. IC3 reports that scammers have recently used email and social-networking sites to solicit money from disaster victims with scams on false temporary housing and job...
Potential Phishing Scams Related to Equifax Data Breach
The Federal Trade Commission FTC has released an alert on phishing attacks related to the Equifax data breach. Phishing attacks try to trick message recipients into sharing sensitive information with cyber criminals. FTC warns consumers to be wary of calls or emails purporting to be from Equifax...
Google Releases Security Updates for Chrome
Google has released Chrome version 61.0.3163.79 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and apply the necessary...
Mozilla Releases Security Update
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.3...
Drupal Releases Security Updates
Drupal has released an advisory to address several vulnerabilities in Drupal 8.x. A remote attacker could exploit one of these vulnerabilities to obtain or modify sensitive information. US-CERT encourages users and administrators to review Drupal's Security Advisory and upgrade to version 8.3.7...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Acrobat, Reader, Experience Manager, and Digital Editions. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisories for...
FBI Releases Article on Privacy Risks Associated with Internet-Connected Children's Toys
The Federal Bureau of Investigation FBI has released an article on the privacy risks associated with Internet-connected children's toys. FBI warns that Internet-connected toys may contain "sensors, microphones, cameras, data storage components, and other multimedia capabilities - including speech...
FTC Releases Alert on Digital Security While Traveling
The Federal Trade Commission FTC has released an alert on ensuring good digital security while traveling. Security recommendations include using caution while accessing free Wi-Fi hotspots, keeping all software updated, and using Virtual Private Networks VPNs. US-CERT encourages users to refer to...
FTC Releases Alert on Charity Scams
The Federal Trade Commission FTC has released an alert on charity scams. Recent acts of fraud include solicitations from scammers requesting payment to claim a sweepstakes prize. Anytime someone asks you to pay to obtain a prize, it is a scam. US-CERT encourages consumers to refer to the FTC Aler...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of a system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates:...
IRS Warns of Summertime Scams
The Internal Revenue Service IRS has released an alert warning of various types of scams targeting taxpayers this summer. The alert describes common features of these cyber crimes, including robocalls, demands for immediate payment, and threats to have taxpayers arrested immediately. Taxpayers an...
WordPress Releases Security Update
WordPress versions prior to 4.7.5 are affected by multiple vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. Users and administrators are encouraged to review the WordPress Security Release and upgrade to WordPress 4.7.5. This...
FTC Announces Resource for Small Business Owners
The Federal Trade Commission FTC has released an announcement about its new website devoted to protecting small businesses. This resource aims to help business owners avoid scams, protect their computers and networks, and keep their customers' and employees' data safe. Business owners and other...
Oracle Releases Security Bulletin
Oracle has released its Critical Patch Update for April 2017 to address 299 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle April...
Apple Releases Security Update for iOS
Apple has released a security update to address a vulnerability in iOS. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security page for iOS and apply the necessary update. This...
Google Releases Security Updates for Chrome
Google has released Chrome version 57.0.2987.133 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and apply the...
Microsoft Ending Support for Windows Vista
All software products have a lifecycle. After April 11, 2017, Microsoft is ending support for the Windows Vista operating system. After this date, this product will no longer receive: Security updates, Non-security hotfixes, Free or paid assisted support options, or Online technical content updat...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its UCS Director software. Exploitation of this vulnerability could allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary...
ISC Releases Security Updates for BIND
The Internet Systems Consortium ISC has released updates that address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.9-P6 BIND 9 version 9.10.4-P6 BIND 9 version 9.11.0-P...
IC3 Warns of Employment Scams Targeting College Students
The Internet Crime Complaint Center IC3 has issued an alert on employment scams targeting college students. Phony job opportunities are advertised via college employment websites or students’ university emails. Unfortunately, students who take the bait suffer financial losses. US-CERT encourages...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in tvOS and iOS. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators review the Apple security pages for tvOS and iOS and apply t...
Symantec Releases Security Updates
Symantec has released security updates to address a vulnerability in Norton and Symantec enterprise products. Exploitation of this vulnerability may allow an attacker to take control of an affected system. Users and administrators are encouraged to review Symantec Security Advisory SYM16-021 and...
Symantec Releases Security Updates
Symantec has released security updates to address a vulnerability in multiple products. Exploitation of this vulnerability may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review Symantec Security Advisory SYM16-020 and apply the necessar...
OpenSSL Releases Security Update
OpenSSL version 1.1.0c has been released to address vulnerabilities in prior versions. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the...
Apple Release Security Update for iOS
Apple has released a security update to address vulnerabilities in iOS. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Apple security page for iOS and apply the necessary...
Cisco Releases Security Updates for Multiple Products
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the...
National Cyber Security Awareness Month
October is National Cyber Security Awareness Month, an annual campaign to raise awareness about cybersecurity. In partnership with DHS, the National Cyber Security Alliance has released the first in a series of tips focused on helping people protect their online activities and increase their...
FTC Releases Data Breach Recovery and Prevention Video
The Federal Trade Commission FTC has released a step-by-step video to users whose personal information may have been exposed in a data breach. This video provides instruction on how to report an incident and develop a personal recovery plan after a data breach has occurred. US-CERT encourages use...