4188 matches found
Cisco Releases Security Updates
Cisco has released security updates to address multiple vulnerabilities in Cisco Webex Network Recording Player. A remote attacker could exploit these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Cisco Security Advisory and apply t...
Potential Hurricane Florence Phishing Scams
NCCIC warns users to remain vigilant for malicious cyber activity seeking to exploit interest in Hurricane Florence. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites. Users should exercise caution in...
Mozilla Releases Security Updates for Firefox
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisories for Firefo...
North Korean Malicious Cyber Activity
The Department of Homeland Security DHS and the Federal Bureau of Investigation FBI have identified a Trojan malware variant—referred to as KEYMARBLE—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. NCCIC...
FBI Releases Article on Building a Digital Defense Against Facebook Scams
The Federal Bureau of Investigation FBI has released an article on building a digital defense against a fraud that uses Facebook’s texting app—Facebook Messenger. Scammers send messages that appear to be from trusted sources or trick users into clicking on malicious links or sharing personal...
Oracle Releases July 2018 Security Bulletin
Oracle has released its Critical Patch Update for July 2018 to address 334 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Oracle July 2018 Critic...
North Korean Malicious Cyber Activity
The Department of Homeland Security DHS and the Federal Bureau of Investigation FBI released a joint Technical Alert TA that identifies two families of malware—referred to as Joanap and Brambul—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the Nort...
Securing Mobile Devices During Summer Travel
As summer begins, many people will travel with their mobile devices. Although these devices—such as smart phones, tablets, and laptops—offer a range of conveniences, users should be mindful of potential threats and vulnerabilities while traveling with them. NCCIC encourages users to review the...
VPNFilter Destructive Malware
NCCIC is aware of a sophisticated modular malware system known as VPNFilter. Devices known to be affected by VPNFilter include Linksys, MikroTik, NETGEAR, and TP-Link networking equipment, as well as QNAP network-attached storage NAS devices. Devices compromised by VPNFilter may be vulnerable to...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessa...
FBI Releases Article on Digital Defense Against ID Theft
FBI has released an article on building a digital defense against identify theft. FBI explains that the growing number of data breaches put more people at risk of becoming a victim of identity theft. However, implementing basic security practices can help users minimize their risk. NCCIC encourag...
Google Releases Security Update for Chrome
Google has released Chrome version 66.0.3359.170 for Windows, Mac, and Linux. This version addresses vulnerabilities, one of which a remote attacker could exploit to take control of an affected system. NCCIC encourages users and administrators to review the Chrome Releases page and apply the...
Microsoft Releases May 2018 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Microsoft's May 2018 Security Update Summary and Deployment...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Apple security pages for the following products and apply the...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Connect, and Dreamweaver. A remote attacker could exploit these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review Adobe Security Bulletin APSB18-0...
National Consumer Protection Week
March 4–10 is National Consumer Protection Week NCPW, an event to encourage people and businesses to learn more about avoiding scams and understanding consumer rights. During NCPW, the Federal Trade Commission FTC and its partners highlight free resources to help protect consumers. NCCIC/US-CERT...
Cisco Releases Security Updates for Multiple Products
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the following Cisco Security Advisories and...
Microsoft Releases February 2018 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review Microsoft's February 2018 Security Update Summary and...
Cisco Releases Security Updates
Cisco has released an updated advisory and security updates to address a vulnerability affecting its Adaptive Security Appliance software. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review Cisco's...
Pyeongchang 2018: Staying Cyber Safe during the Olympics
As the 2018 Olympic Games in Pyeongchang approach, NCCIC/US-CERT reminds travelers to be aware of cybersecurity risks. At high-profile events, cyber activists may take advantage of the large audience to spread their message. Cyber criminals may attempt to steal personally identifiable information...
Google Releases Security Update for Chrome
Google has released Chrome version 64.0.3282.119 for Windows, Mac, and Linux. This version addresses vulnerabilities that a remote attacker could exploit to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the Chrome Releases page and apply the...
Microsoft Releases January 2018 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Microsoft's January 2018 Security Update Summary and Deployme...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to obtain access to sensitive information. NCCIC/US-CERT encourages users and administrators to review Apple security pages for the following products and apply the...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in vSphere Data Protection. A remote attacker could exploit these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the VMware Security Advisory VMSA-2018-0001 and apply the...
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.5....
Microsoft Releases December 2017 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Microsoft's December 2017 Security Update Summary and...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in AirPort Base Station. An attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Apple security pages for AirPort Base Station Firmware...
Mozilla Releases Security Update for Firefox
Mozilla has released a security update to address multiple vulnerabilities in Firefox 57. A remote attacker could exploit these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox 57.0.1 and apply t...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in its WebEx Network Recording Player for Advanced Recording Format ARF and WebEx Recording Format WRF files. A remote attacker could exploit these vulnerabilities to take control of an affected system. US-CERT encourages users and...
Google Releases Security Update for Chrome
Google has released Chrome version 62.0.3202.75 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to cause a denial-of-service condition. US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update...
Mozilla Releases Security Update
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisory for...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to cause a denial-of-service condition. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
Avast’s Piriform Releases Security Update for CCleaner
Piriform, a subsidiary of Avast, has released CCleaner 5.34 and has pushed v1.07.3214 to CCleaner Cloud users. These versions do not contain the Floxif malware found in the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191. Floxif malware collects information from the victim's...
Google Releases Security Updates for Chrome OS
Google has released Chrome OS version 60.0.3112.80 for Chrome devices to address multiple vulnerabilities. Exploitation of one these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Google Chrome blog entry...
FTC Releases Alert on Tech-Support Scams
The Federal Trade Commission FTC has released an alert on technical-support scams. In these schemes, deceptive tech-support operations offer to fix problems that don't exist, placing calls or sending pop-ups to make people think their computers are infected with viruses. Users should not give...
Cisco Releases Security Updates
Cisco has released updates to address several vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of a system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessar...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in vSphere Data Protection. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2017-0010 and...
Cisco Releases Security Updates
Cisco has released updates to address several vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of a system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary...
Google Releases Security Updates for Chrome
Google has released Chrome version 59.0.3071.86 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and apply the...
Microsoft Releases Critical Security Update
Microsoft has released a critical out-of-band security update addressing a vulnerability in the Microsoft Malware Protection Engine. A remote attacker could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review Microsoft Security...
Mozilla Releases Security Updates
Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisories for Firefox 53, Firefox ESR 45.9,...
Oracle Releases Security Bulletin
Oracle has released its Critical Patch Update for April 2017 to address 299 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle April...
Easter Holiday Phishing Scams and Malware Campaigns
As the Easter holiday approaches, US-CERT reminds users to stay aware of holiday scams and cyber campaigns, which may include: unsolicited shipping notifications that may actually be scams by attackers to solicit personal information phishing scams, electronic greeting cards that may contain...
Cisco Releases Security Updates
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply th...
Microsoft Ending Support for Windows Vista
All software products have a lifecycle. After April 11, 2017, Microsoft is ending support for the Windows Vista operating system. After this date, this product will no longer receive: Security updates, Non-security hotfixes, Free or paid assisted support options, or Online technical content updat...
IRS Warns of Last-Minute Tax Scams
The Internal Revenue Service IRS has released an alert warning of phishing email scams targeting last-minute tax filers. The alert describes common features of these cyber crimes and includes recommendations to protect against them: strengthen passwords, recognize phishing attempts, and forward...
Microsoft SMBv1 Vulnerability
Microsoft has released a security update to address a vulnerability in implementations of Server Message Block 1.0 SMBv1. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Securit...
Cisco Releases Security Updates
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary...
VMware Releases Security Updates
VMware has released security updates to address a vulnerability in Workstation and Fusion. A remote attacker could exploit this vulnerability and take control of an affected system. Users and administrators are encouraged to review VMware Security Advisory VMSA-2017-0005 and apply the necessary...
National Consumer Protection Week
March 5–11 is National Consumer Protection Week NCPW, an event to encourage people and businesses to learn more about avoiding scams and understanding consumer rights. During NCPW, the Federal Trade Commission FTC and its fellow agencies highlight free resources to help protect against consumer...