4188 matches found
National Cybersecurity Awareness Month: Workplace Cybersecurity
October is National Cybersecurity Awareness Month, an annual campaign to raise awareness about cybersecurity. Creating a culture of cybersecurity is critical for all organizations—large and small businesses, academic institutions, non-profits, and government agencies—and is a responsibility share...
MS-ISAC Releases Advisory on PHP Vulnerabilities
The Multi-State Information Sharing & Analysis Center MS-ISAC has released an advisory on multiple Hypertext Preprocessor PHP vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review MS-ISAC...
NCCIC Releases Joint Alert on Worldwide Malicious Activity Using Publicly Available Tools
NCCIC, in collaboration with the Australian Cyber Security Centre, the Canadian Centre for Cyber Security, the New Zealand National Cyber Security Centre, and the United Kingdom National Cyber Security Centre, has released a joint Activity Alert that highlights five publicly available tools...
Juniper Networks Releases Security Updates
Juniper Networks has released security updates to address vulnerabilities affecting multiple Junos OS versions. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Juniper Security Advisories websit...
National Cybersecurity Awareness Month: Careers in Cybersecurity
October is National Cybersecurity Awareness Month, an annual campaign to raise awareness about cybersecurity. The month’s themes educate students and professionals about cybersecurity attack methods, best practices, and preventive measures and are geared toward informing the next generation of...
VMware Releases Security Advisory
VMware has released a security advisory to address a vulnerability in ESXi, Workstation, and Fusion. An attacker could exploit this vulnerability to cause a denial-of-service condition. NCCIC encourages users and administrators to review VMware Security Advisory VMSA-2018-0025 and apply the...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Digital Editions, Framemaker, and Technical Communications Suite. An attacker could exploit these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security...
Microsoft Releases October 2018 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Microsoft’s October 2018 Security Update Summary and...
Apple Releases Security Updates for iCloud, iOS
Apple has released security updates to address vulnerabilities in iCloud for Windows and iOS. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Apple security pages for iCloud for Windows 7.7 and...
National Cybersecurity Awareness Month Webinar on Securing the Internet
The Multi-State Information Sharing and Analysis Center, National Cyber Security Alliance, and the Department of Homeland Security are conducting a National Cybersecurity Awareness Month NCSAM webinar focused on securing the internet. The webinar will be held on Tuesday, October 9, 2018, at 2 p.m...
VMware Releases Security Update
VMware has released a security update to address a vulnerability in AirWatch Console. An attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0024 and apply the necessary update...
NCCIC Webinar Series on Protecting Enterprise Network Infrastructure Devices
NCCIC is conducting a series of webinars on protecting enterprise network infrastructure devices. The webinar on Thursday, October 4, 2018, is the last in the series, and will be held from 1-2:30 p.m. ET. NCCIC encourages decision makers, network defenders, and procurement analysts to register fo...
Mozilla Releases Security Update for Thunderbird
Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.2.1 and apply the...
Apache Releases Security Updates for Apache Tomcat
The Apache Software Foundation has released security updates to address a vulnerability in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33, and 7.0.23 to 7.0.90. A remote attacker could exploit this vulnerability to obtain sensitive information. NCCIC encourages users and administrator...
Cisco Releases Security Updates
Cisco has released security updates to address multiple vulnerabilities affecting Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Cisco Security Advisories and Alerts webpa...
Cisco Releases Security Updates for Multiple Products
Cisco has released several updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Cisco Security Advisories and Alerts webpage and apply...
APTs Targeting IT Service Provider Customers
The National Cybersecurity and Communications Integration Center NCCIC has received multiple reports of advanced persistent threat APT actors actively exploiting trust relationships in information technology IT service provider networks around the world. NCCIC encourages users and administrators ...
Cybersecurity Threats to Precision Agriculture
DHS has released a report to address cybersecurity threats to new precision agriculture technologies used in crop and livestock production. Precision agriculture employs a variety of embedded and connected technologies to generate data used to enhance agricultural and livestock management. As...
FTC Issues Alert on Recent Facebook Breach
The Federal Trade Commission FTC has released an alert to provide Facebook users with recommended precautions against identity theft after the recent breach of the Facebook social media platform. NCCIC encourages users and administrators to review the FTC Alert and the NCCIC Tip on Preventing and...
National Cybersecurity Awareness Month: Cybersecurity at Home
October is National Cybersecurity Awareness Month NCSAM, an annual campaign to raise awareness about cybersecurity. The National Cyber Security Alliance NCSA has published general tips to help you increase your cybersecurity awareness—including whom to contact if you are the victim of cyber...
North Korean Malicious Cyber Activity
The Department of Homeland Security, the Department of the Treasury, and the Federal Bureau of Investigation have identified malware and other indicators of compromise used by the North Korean government in an ATM cash-out scheme—referred to by the U.S. Government as “FASTCash.” The U.S. Governme...
NCCIC Webinar Series on Protecting Enterprise Network Infrastructure Devices
NCCIC is conducting a series of webinars on protecting enterprise network infrastructure devices. Each webinar will be held from 1-2:30 p.m. ET on the dates listed below: Tuesday, October 2 Thursday, October 4 NCCIC encourages decision makers, network defenders, and procurement analysts to regist...
Mozilla Releases Security Updates for Firefox
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisory for Firefox 62.0.3 and Firefo...
October is National Cybersecurity Awareness Month
October is National Cybersecurity Awareness Month NCSAM. NCSAM is a collaborative effort between DHS and its public and private partners—including the National Cyber Security Alliance NCSA—to raise awareness about the vital role cybersecurity plays in the lives of U.S. citizens. NCCIC will be...
Adobe Releases Security Updates
Adobe has released security updates to address multiple vulnerabilities in Adobe Acrobat and Reader. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-30 and apply the...
IC3 Issues Alert on RDP Exploitation
The Internet Crime Complaint Center IC3, in collaboration with DHS and the Federal Bureau of Investigation, has released an alert on cyber threat actors maliciously using legitimate remote administration tools, such as Remote Desktop Protocol RDP. Threat actors identify and exploit vulnerable RDP...
DNSSEC Key Signing Key Rollover
On October 11, 2018, the Internet Corporation for Assigned Names and Numbers ICANN will be changing the Root Zone Key Signing Key KSK used in the Domain Name System DNS Security Extensions DNSSEC protocol. DNSSEC is a set of protocol extensions used to digitally sign DNS information, an important...
NCCIC Webinar Series on Protecting Enterprise Network Infrastructure Devices
NCCIC is conducting a series of webinars on protecting enterprise network infrastructure devices. Each webinar will be held from 1-2:30 p.m. ET on the dates listed below: Thursday, September 27 Tuesday, October 2 Thursday, October 4 NCCIC encourages decision makers, network defenders, and...
Cisco Releases Security Updates for Multiple Products
Cisco has released several updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Cisco Security Advisories and Alerts webpage and apply...
Apple Releases Security Update for macOS Mojave
Apple has released a security update to address multiple vulnerabilities in macOS Mojave 10.14. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Apple's security page for macOS Mojave 10.14 and apply...
NCCIC Webinar Series on Protecting Enterprise Network Infrastructure Devices
NCCIC is conducting a series of webinars on protecting enterprise network infrastructure devices over the next two weeks. Each webinar will be held from 1-2:30 p.m. ET on the dates listed below: Monday, September 24 Thursday, September 27 Tuesday, October 2 Thursday, October 4 NCCIC encourages...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in Cisco Video Surveillance Manager. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to review the Cisco Security Advisory and apply the necessary...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletin APSB-18-34 and apply the...
Cisco Releases Security Updates
Cisco has released security updates to address multiple vulnerabilities in Cisco Webex Network Recording Player. A remote attacker could exploit these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Cisco Security Advisory and apply t...
ISC Releases Security Advisory for BIND
The Internet Systems Consortium ISC has released a security advisory that addresses a vulnerability affecting multiple versions of ISC Berkeley Internet Name Domain BIND. Under certain conditions, a remote attacker could exploit this vulnerability to modify records on an affected server. NCCIC...
NCCIC Webinar Series on Protecting Enterprise Network Infrastructure Devices
NCCIC will conduct a series of webinars on Protecting Enterprise Network Infrastructure Devices over the next two weeks. Each webinar will be held from 1-2:30 p.m. ET on the dates listed below: Monday, September 24 Thursday, September 27 Tuesday, October 2 Thursday, October 4 NCCIC encourages...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Apple security pages for the following products and apply the...
Potential Hurricane Florence Phishing Scams
NCCIC warns users to remain vigilant for malicious cyber activity seeking to exploit interest in Hurricane Florence. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites. Users should exercise caution in...
MS-ISAC Releases Advisory on PHP Vulnerabilities
The Multi-State Information Sharing & Analysis Center MS-ISAC has released an advisory on multiple Hypertext Preprocessor PHP vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review MS-ISAC...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Flash Player and ColdFusion. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-31 and APSB18-33...
Google Releases Security Update for Chrome
Google has released Chrome version 69.0.3497.92 for Windows, Mac, and Linux. This version addresses vulnerabilities, one of which an attacker could exploit to take control of an affected system. NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary...
Microsoft Releases September 2018 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Microsoft's September 2018 Security Update Summary and...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in VMware AirWatch Agent and Content Locker. An attacker could exploit these vulnerabilities to obtain access to sensitive information. NCCIC encourages users and administrators to review the VMware Security Advisory VMSA-2018-0023 a...
Cisco Releases Security Updates
Cisco has released updates to address multiple vulnerabilities affecting Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Cisco Security Advisories and Alerts website and...
Problems with Automatic DNS Registration and Autodiscovery
The CERT Coordination Center CERT/CC has released information on problems associated with small office/home office routers using automatic Domain Name System DNS registration and autodiscovery. An attacker could exploit these problems to obtain sensitive information. NCCIC encourages users and...
September is National Preparedness Month
National Preparedness Month is a good opportunity to assess your emergency preparedness. While general preparedness is essential to getting through an emergency related to a natural disaster, the same is true of preparing for a cyber-related event, such as identity theft or a ransomware infection...
Mozilla Releases Security Updates for Firefox
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisories for Firefo...
Google Releases Security Update for Chrome
Google has released Chrome version 69.0.3497.81 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary update. Th...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in Cisco Data Center Network Manager. A remote attacker could exploit this vulnerability to obtain access to sensitive information. NCCIC encourages users and administrators to review the Cisco Security Advisory and apply the necessa...
FTC Promotes Resources to Prevent Cyberbullying
The Federal Trade Commission FTC has released an announcement on the importance of addressing cyberbullying. As children return to school, FTC encourages parents and educators to monitor kids' online activity and engage in conversations about preventing cyberbullying. NCCIC encourages users to...