4188 matches found
Google Releases Security Updates for Chrome
Google has released Chrome version 72.0.3626.121 for Windows, Mac, and Linux. This version addresses a vulnerability that a remote attacker could exploit to take control of an affected system. This vulnerability was detected in exploits in the wild. The Cybersecurity and Infrastructure Security...
Cisco Releases Security Updates
Cisco has released multiple security updates to address vulnerabilities in various Cisco products. An attacker could exploit some of those vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review...
IRS Launches ‘Dirty Dozen’ Campaign on Tax Scams
The Internal Revenue Service IRS has launched its annual awareness campaign on the 12 most prevalent tax scams, known as the “Dirty Dozen.” As part of the campaign, IRS will highlight one scam each weekday. The first topic in the campaign focuses on internet phishing scams that lead to tax fraud...
Adobe Releases Security Updates for ColdFusion
Adobe has released security updates to address a vulnerability in ColdFusion. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review th...
National Consumer Protection Week
National Consumer Protection Week NCPW is March 3–9. This annual event encourages individuals and businesses to learn about their consumer rights and how to keep themselves secure. The Federal Trade Commission FTC and its NCPW partners provide free resources to protect consumers from fraud, scams...
OpenSSL Releases Security Update
OpenSSL version 1.0.2r has been released to address a vulnerability for users of versions 1.0.2–1.0.2q. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the OpenSSL...
ISC Releases Security Updates for BIND
The Internet Systems Consortium ISC has released security updates that address vulnerabilities affecting multiple versions of ISC Berkeley Internet Name Domain BIND. A remote attacker could exploit one of these vulnerabilities to cause a denial-of-service condition. The Cybersecurity and...
Drupal Releases Security Updates
Drupal has released security updates to address a vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Drupal’s security...
Adobe Releases Security Updates
Adobe has released security updates to address a vulnerability in Adobe Acrobat and Reader. An attacker could exploit this vulnerability to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review Adobe Security Bulletin...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Cis...
VMware Releases Security Updates
VMware has released security updates to address a vulnerability affecting multiple VMware products. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review VMware...
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the Mozilla...
Mozilla Releases Security Updates for Firefox
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...
Internet Romance Scams
The Federal Trade Commission FTC has released an article addressing a rise in reports of internet romance scams. In this type of fraud, cyber criminals gain the confidence of their victims and trick them into sending money. Use caution when online dating, and never send money or gifts to someone...
Microsoft Releases February 2019 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities affecting Adobe Flash Player, Acrobat and Reader, ColdFusion, and Creative Cloud Desktop Application. An attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and...
New Session Added: CISA Awareness Briefing on Chinese Malicious Cyber Activity
The Cybersecurity and Infrastructure Security Agency CISA has added an additional session to the virtual awareness briefing on Chinese malicious cyber activity targeting managed service providers. The briefing will be held on Thursday, February 14, 2019, from 1-2 p.m. ET. The briefing will provid...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in Network Assurance Engine. An attacker could exploit this vulnerability to obtain sensitive information. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure Security...
runc Open-Source Container Vulnerability
The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure Security Agency CISA, is aware of a vulnerability affecting several open-source container management systems that leverage runc. NCCIC encourages users and administrators to review...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products, including the recently discovered FaceTime vulnerability. An attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration...
Marvell Avastar Wi-Fi Vulnerability
The CERT Coordination Center CERT/CC has released information on a vulnerability affecting Marvell Avastar wireless system on chip SoC models. An attacker could exploit this vulnerability to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC...
Microsoft Releases Security Advisory for Exchange Server
Microsoft has released an advisory to address an elevation of privilege vulnerability in Microsoft Exchange Server. An attacker could exploit this vulnerability to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity...
NSA Releases Updated Guidance on Side-Channel Vulnerabilities
The National Security Agency NSA has released updated information on a set of side-channel vulnerabilities affecting modern computer processors. An attacker can exploit these vulnerabilities to obtain sensitive information. The National Cybersecurity and Communications Integration Center NCCIC,...
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit one of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure...
MS-ISAC Releases Advisory on DNS Flag Day
The Multi-State Information Sharing & Analysis Center MS-ISAC has released an alert on Domain Name System DNS Flag Day, which is Friday, February 1, 2019. On DNS Flag Day, DNS software and service providers will roll out updates to remove workarounds that allow users to bypass the Extension...
CISA Awareness Briefing on Chinese Malicious Cyber Activity
The Cybersecurity and Infrastructure Security Agency CISA will conduct a series of virtual awareness briefings on Chinese malicious cyber activity targeting managed service providers MSPs. Briefings will be held from 1–2 p.m. ET on the dates listed below: Wednesday, February 6 Friday, February 22...
Mozilla Releases Security Updates for Firefox
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...
Google Releases Security Updates for Chrome
Google has released Chrome version 72.0.3626.81 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...
CERT/CC Reports Microsoft Exchange 2013 and Newer are Vulnerable to NTLM Relay Attacks
The CERT Coordination Center CERT/CC has released information to address NTLM relay attacks affecting Microsoft Exchange 2013 and newer versions. A remote attacker could exploit this vulnerability to take control of an affected system. The National Cybersecurity and Communications Integration...
Tax Identity Theft Awareness Week
Tax Identity Theft Awareness Week is January 28 to February 1. This annual campaign aims to help consumers be more informed about protecting themselves from tax-related identity theft and scams. Tax-related identity theft occurs when someone steals a Social Security number and uses it to claim a...
CISA Releases Blog on Emergency Directive
The U.S. Department of Homeland Security DHS Cybersecurity and Infrastructure Security Agency CISA Director Christopher Krebs, has released a blog, titled “Why CISA Issued Our First Emergency Directive,” to explain considerations in issuing Emergency Directive 19-01 on January 22, 2019. The...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure...
Data Privacy Day
January 28 is Data Privacy Day DPD, an annual effort to promote data privacy awareness and education. This year’s DPD events, sponsored by the National Cyber Security Alliance NCSA, focus around the theme, A New Era in Privacy. The NCSA Stay Safe Online website will feature a live stream of the...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Experience Manager. An attacker could exploit these vulnerabilities to obtain sensitive information. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure Securit...
CISA Emergency Directive on DNS Infrastructure Tampering
The U.S. Department of Homeland Security DHS Cybersecurity and Infrastructure Security Agency CISA issued an emergency directive to address ongoing incidents associated with global Domain Name System DNS infrastructure tampering. CISA is aware of multiple executive branch agency domains that were...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...
Drupal Releases Security Updates
Drupal has released security updates addressing vulnerabilities in Drupal 7.x, 8.5.x, and 8.6.x. A remote attacker could exploit these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...
Oracle Releases January 2019 Security Bulletin
Oracle has released its Critical Patch Update for January 2019 to address 284 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part...
DNS Infrastructure Hijacking Campaign
The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure Security Agency CISA, is aware of a global Domain Name System DNS infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in Cisco AsyncOS Software for Cisco Email Security Appliance. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. The National Cybersecurity and Communications Integration Center NCCIC, part o...
Juniper Networks Releases Multiple Security Updates
Juniper Networks has released multiple security updates to address vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Connect and Adobe Digital Editions. An attacker could exploit one of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecuri...
Microsoft Releases January 2019 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...
CERT/CC Reports Critical Vulnerabilities in Microsoft Windows, Server
The CERT Coordination Center CERT/CC has released information on vulnerabilities affecting versions of Microsoft Windows and Windows Server. A remote attacker could exploit these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Cente...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader. An attacker could exploit these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and Infrastructure...
Securing New Devices
During the holidays, internet-connected devices also known as Internet of Things IoT are often popular gifts—such as smart TVs, watches, toys, phones, and tablets. This technology provides a level of convenience to our lives, but it requires that we share more information than ever. The security ...
Chinese Malicious Cyber Activity
The Department of Homeland Security DHS Cybersecurity and Infrastructure Security Agency CISA released information on Chinese government malicious cyber activity targeting global information technology IT service providers—such as managed service providers and cloud service providers—and their...
Cisco Releases Security Updates
Cisco has released security updates to address a vulnerability in Adaptive Security Appliance. A remote attacker could exploit this vulnerability to take control of an affected system. The National Cybersecurity and Communications Integration Center NCCIC, part of the Cybersecurity and...
Microsoft Releases Out-of-Band Security Updates
Microsoft has released out-of-band security updates to address a vulnerability in Internet Explorer 9, 10, and 11. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. The National Cybersecurity and...