4188 matches found
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Cis...
Google Releases Security Updates for Chrome
Google has released Chrome version 80.0.3987.149 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
VMware Releases Security Updates for Multiple Products
VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review VMware Security...
New SchoolSafety.gov Provides Cyber Guidance for K-12 Schools
The Federal School Safety Clearinghouse just launched its website: SchoolSafety.gov. This website—a collaboration between the Department of Homeland Security and the U.S. Departments of Education, Justice, and Health and Human Services—features a fact sheet on Cyber Safety Considerations for K-12...
North Korean Malicious Cyber Activity
The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense DoD have identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the...
NCSC Releases 2019 Annual Review
The United Kingdom's UK National Cyber Security Centre NCSC has released its Annual Review for 2019, which reports their work and key accomplishments from September 1, 2018, to August 31, 2019. NCSC provides enhanced services to protect the UK against cybersecurity threats. The Cybersecurity and...
Intel Releases Security Updates
Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
DHS Webinar: Cybersecurity Threats to the Healthcare Sector
The Department of Homeland Security DHS and the American Hospital Association AHA are conducting a webinar focused on current cybersecurity threats to the healthcare sector. The webinar will be held on Wednesday, July 17, 2019, at 1 p.m. ET. The Cybersecurity and Infrastructure Security Agency CI...
Juniper Networks Releases Multiple Security Updates
Juniper Networks has released security updates to address multiple vulnerabilities in various products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrator...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities affecting Bridge CC, Experience Manager, and Dreamweaver. An attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
NCSC Releases Advisory on Ryuk Ransomware
The United Kingdom UK National Cyber Security Centre NCSC has released an advisory, Ryuk Ransomware Targeting Organisations Globally, on their ongoing investigation into global Ryuk ransomware campaigns and associated Emotet and TrickBot malware. The Cybersecurity and Infrastructure Security Agen...
CISA Statement on Iranian Cybersecurity Threats
Cybersecurity and Infrastructure Security Agency CISA Director Christopher C. Krebs has released a statement in response to the recent rise in malicious cyber activity—including spear phishing and brute force attacks—by Iranian regime actors and proxies. CISA encourages users and administrators t...
Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. The Cybersecurity and Infrastructure Security Agency CISA...
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Mozilla Security...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities affecting ColdFusion, Adobe Campaign, and Adobe Flash Player. An attacker could exploit some these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
Microsoft Releases May 2019 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review th...
FTC Releases Article on Keeping Children Safe Online
The Federal Trade Commission FTC has released an article with tips for parents to keep their children safe online. The Cybersecurity and Infrastructure Security Agency CISA encourages consumers to review the FTC article and the following additional resources for more information: Keeping Children...
Cisco Releases Security Updates
Cisco has released a security update to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
Microsoft Releases April 2019 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
Cisco Releases Security Advisories for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...
Microsoft Releases March 2019 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
Oracle Releases January 2019 Security Bulletin
Oracle has released its Critical Patch Update for January 2019 to address 284 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part...
IC3 Issues Alert on RDP Exploitation
The Internet Crime Complaint Center IC3, in collaboration with DHS and the Federal Bureau of Investigation, has released an alert on cyber threat actors maliciously using legitimate remote administration tools, such as Remote Desktop Protocol RDP. Threat actors identify and exploit vulnerable RDP...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletin APSB-18-34 and apply the...
Juniper Networks Releases Security Updates
Juniper Networks has released security updates to address vulnerabilities affecting multiple Junos OS versions. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Juniper Security Advisories websit...
Apple Releases Security Updates
Apple has released a security update for macOS High Sierra and supplemental updates for Sierra and El Capitan to address multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the...
Google Releases Security Update for Chrome
Google has released Chrome version 66.0.3359.117 for Windows, Mac, and Linux. This version addresses vulnerabilities that a remote attacker could exploit to take control of an affected system. NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary...
Cisco Releases Security Updates for Multiple Products
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the following Cisco Security Advisories and...
Drupal Releases Security Updates
Drupal has released an advisory to address a vulnerability in Drupal core 8.x versions prior to 8.2.8 and 8.3.1. A remote attacker could exploit this vulnerability to obtain sensitive information. US-CERT encourages users and administrators to review Drupal's Security Advisory and upgrade to...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Shockwave Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletin...
Google Releases Security Updates for Chrome
Google has released Chrome version 55.0.2883.75 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and apply the...
Adobe Releases Security Updates for ColdFusion
Adobe has released security updates to address a vulnerability in ColdFusion. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information from an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB16-30 and apply the...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in ColdFusion, Acrobat, and Reader. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins...
VMWare Releases Security Updates
VMware has released security updates to address a vulnerability in vCenter Server, vCloud Director, vRealize Automation Identity Appliance, and the Client Integration Plugin. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information. Users and administrators a...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its Cisco Unified Computing System UCS Central Software. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Cisco...
WordPress Releases Security Update
WordPress 4.2.3 and prior versions contain critical cross-site scripting and potential SQL injection vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the WordPress Securit...
Cisco UCS Central Software Vulnerability
Cisco has released a security advisory to address a vulnerability in the web framework of Cisco Unified Computing System UCS Central Software. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to revie...
Apple Addresses FREAK and Releases Security Updates for OS X, iOS, and Apple TV
Apple has released security updates for OS X, iOS, and Apple TV to address multiple vulnerabilities, one of which may allow an attacker to decrypt secure communications between vulnerable clients and servers FREAK. Updates available include: Xcode 6.2 for OS X Mavericks v10.9.4 or later Security...
Apple Releases Security Updates for OS X, Safari, iOS devices, and Apple TV
Apple has released security updates for Mac OS X, Safari, iOS devices, and Apple TV to address multiple vulnerabilities, some of which could allow attackers to execute arbitrary code with system privileges or cause an unexpected application termination. Updates available include: Security Update...
WordPress Releases Update for WordPress 3.7
WordPress has released WordPress 3.7 “Basie” for all previous versions. This version has been devised to automatically update with the latest maintenance and security releases, making the process more reliable and secure, with dozens of new checks and safeguards. WordPress 3.7 also updates the...
Microsoft Releases December Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for December 2011. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges...
Microsoft Releases March Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for March 2011. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the bulletin an...
Adobe Releases Security Updates for Reader and Acrobat
Adobe has released security updates for Reader and Acrobat for Windows and Macintosh. These updates address multiple vulnerabilities including those described in security advisory APSA10-05, a recent Adobe PSIRT blog entry, and security bulletin APSB10-26. Exploitation of these vulnerabilities ma...
Mozilla Releases Firefox 3.5.13 and 3.6.10
The Mozilla Foundation has released Firefox 3.5.13 and 3.6.10 to address a stability issue affecting some users. US-CERT encourages users and administrators to review the release notes for Firefox 3.5.13 and Firefox 3.6.10 and apply any necessary updates to mitigate the issue. This product is...
Microsoft Releases March Security Bulletin
Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for March 2010. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the bulletins...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-66376link is external Synacor Zimbra Collaboration Suite ZCS Cross-Site Scripting Vulnerability This type of vulnerability is a frequent attack vector for...
CISA Releases Six Industrial Control Systems Advisories
CISA released six Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-324-01 Automated Logic WebCTRL Premium Server ICSA-25-324-02 ICAM365 CCTV Camera Multiple Models...
CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems ICS advisories on October 7, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-280-01 Delta Electronics DIAScreen ICSA-25-226-31 Rockwell Automation 1756-EN4TR,...
CISA Releases Ten Industrial Control Systems Advisories
CISA released ten Industrial Control Systems ICS advisories on September 30, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-273-01 MegaSys Enterprises Telenium Online Web Application ICSA-25-273-02 Festo...