4188 matches found
PrinterLogic Print Management Software Vulnerabilities
The CERT Coordination Center CERT/CC has released information on vulnerabilities affecting PrinterLogic Print Management Software. A remote attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages user...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...
CISA Releases Binding Operational Directive on Vulnerability Remediation
The U.S. Department of Homeland Security DHS Cybersecurity and Infrastructure Security Agency CISA issued Binding Operational Directive BOD 19-02, Vulnerability Remediation Requirements for Internet-Accessible Systems. BOD 19-02 requires federal agencies to ensure effective and timely remediation...
Google Releases Security Updates for Chrome
Google has released Chrome version 74.0.3729.131 for Windows, Mac, and Linux. This version addresses two vulnerabilities, one of which an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...
FTC Releases Article on Keeping Children Safe Online
The Federal Trade Commission FTC has released an article with tips for parents to keep their children safe online. The Cybersecurity and Infrastructure Security Agency CISA encourages consumers to review the FTC article and the following additional resources for more information: Keeping Children...
Oracle Releases Security Alert
Oracle has released a security alert to address a vulnerability in WebLogic. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Oracle Security Alert...
ISC Releases BIND Security Updates
The Internet Systems Consortium ISC has released updates that address vulnerabilities in versions of ISC Berkeley Internet Name Domain BIND. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency CISA...
Google Releases Security Update for Chrome
Google has released Chrome version 74.0.3729.108 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to revi...
Dutch NCSC Releases Updated TLS Guidelines
The Dutch National Cyber Security Centre NCSC has published an update to their Transport Layer Security TLS protocol guidelines, which aim to improve TLS configuration security. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Dutch NCSC ...
Drupal Releases Security Updates
Drupal has released security updates to address multiple vulnerabilities in Drupal Core. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
Multiple Vulnerabilities in Broadcom WiFi Chipset Drivers
The CERT Coordination Center CERT/CC has released information on multiple vulnerabilities in Broadcom Wi-Fi chipset drivers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages...
ICSJWG Spring Meeting April 23–25
The Industrial Control Systems Joint Working Group ICSJWG—a collaborative and coordinating body operating under the Critical Infrastructure Partnership Advisory Council framework—will hold the 2019 ICSJWG Spring Meeting in Kansas City, MO, April 23–25, 2019. ICSJWG facilitates information sharing...
Cisco Releases Security Updates
Cisco has released a security update to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
Oracle Releases April 2019 Security Bulletin
Oracle has released its Critical Patch Update for April 2019 to address 297 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
Apache Releases Security Updates for Apache Tomcat
The Apache Software Foundation has released Apache Tomcat versions 7.0.94, 8.5.40, and 9.0.19 to address a vulnerability. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
Vulnerability in Multiple VPN Applications
The CERT Coordination Center CERT/CC has released information on a vulnerability affecting multiple Virtual Private Network VPN applications. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review VMware...
Multiple Vulnerabilities in WPA3 Protocol
The CERT Coordination Center CERT/CC has released information on vulnerabilities—referred to as Dragonblood—in WPA3 protocol. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages...
North Korean Malicious Cyber Activity
The Department of Homeland Security DHS and the Federal Bureau of Investigation FBI have identified a Trojan malware variant—referred to as HOPLIGHT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. The...
Juniper Networks Releases Multiple Security Updates
Juniper Networks has released multiple security updates to address vulnerabilities in various Juniper products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
Intel Releases Security Updates, Mitigations for Multiple Products
Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...
Microsoft Releases April 2019 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Ado...
Samba Releases Security Updates
The Samba Team has released security updates to address vulnerabilities in Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Samba Securi...
Apache Releases Security Update for Apache HTTP Server
The Apache Software Foundation has released Apache HTTP Server version 2.4.39 to address multiple vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
MS-ISAC Releases Security Primer on LockerGoga Ransomware
The Multi-State Information Sharing & Analysis Center MS-ISAC has released a Security Primer on LockerGoga Ransomware—a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware can be devastating to an individual or an...
Supply Chain Integrity Month
April is Supply Chain Integrity Month. The Cybersecurity and Infrastructure Security Agency CISA, the Office of the Director of National Intelligence ODNI, and the Department of Defense DOD are partnering to promote the importance of supply chain security and risk management. Breaches in the supp...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the VMware...
Cisco Releases Security Update for Cisco IOS XE
Cisco has released a security update to address a vulnerability in Cisco IOS XE. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Cisco Security Advisory and...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...
ASUS Releases Security Update for Live Update Software
ASUS has released Live Update version 3.6.8. This version addresses vulnerabilities that a remote attacker could exploit to take control of an affected system. These vulnerabilities were detected in exploits in the wild. The Cybersecurity and Infrastructure Security Agency CISA encourages users a...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the App...
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Mozilla Security...
Mozilla Releases Security Updates for Firefox
Mozilla has released security updates to address vulnerabilities in Firefox. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Mozilla Security...
Drupal Releases Security Updates
Drupal has released security updates to address a vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Drupal Security...
Cisco Releases Security Advisories for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review t...
Now Available: Recording of Chinese Malicious Cyber Activity Briefing
The Cybersecurity and Infrastructure Security Agency CISA has posted the February 14, 2019, Awareness Briefing on Chinese Malicious Cyber Activity. This webinar provides background and mitigation techniques on Chinese malicious cyber activity targeting managed service providers MSPs. CISA...
Mozilla Releases Security Updates for Firefox
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Microsoft Ending Support for Windows 7
All software products have a life-cycle. After January 14, 2020, Microsoft will no longer provide security updates or support for PCs running the Windows 7 operating system. After this date, this product will no longer receive free: Technical support for any issues Software updates Security updat...
VMware Releases Security Updates for Workstation and Horizon
VMware has released security updates to address vulnerabilities affecting Workstation 14 and 15, and Horizon 6 and 7. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
Intel Releases Security Advisories on Multiple Products
Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...
New Zealand Tragedy-Related Scams and Malware Campaigns
In the wake of the recent New Zealand mosque shootings, the Cybersecurity and Infrastructure Security Agency CISA advises users to watch out for possible malicious cyber activity seeking to capitalize on this tragic event. Users should exercise caution in handling emails related to the shootings,...
WordPress Releases Security Update
WordPress 5.1 and prior versions are affected by a vulnerability. An attacker could exploit this vulnerability to take control of an affected website. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the WordPress Security and Maintenance...
MS-ISAC Releases Security Primer on TrickBot Malware
The Multi-State Information Sharing and Analysis Center MS-ISAC has released a security primer on TrickBot malware. TrickBot is a modular banking Trojan that targets users’ financial information and acts as a dropper for other malware. An attacker can leverage TrickBot’s modules to steal banking...
Microsoft Releases Security Update for Azure Linux Guest Agent
Microsoft has released an update to address a vulnerability in Azure Linux Guest Agent. An attacker could exploit this vulnerability to obtain access to sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Microsoft...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit one of these vulnerabilities to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the...
Google Releases Security Updates for Chrome
Google has released Chrome version 73.0.3683.75 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to revie...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Photoshop CC and Adobe Digital Editions. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to...
Microsoft Releases March 2019 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
ICSJWG Spring Meeting and Call for Abstracts (Deadline Extended)
The Industrial Control Systems Joint Working Group ICSJWG—a collaborative and coordinating body operating under the Critical Infrastructure Partnership Advisory Council CIPAC framework—will hold the 2019 ICSJWG Spring Meeting in Kansas City, MO, April 23–25, 2019. The Spring Meeting kicks off the...