4188 matches found
FCC Promotes Best Practices for SS7 Communications
The Federal Communications Commission FCC has released a public notice encouraging communications service providers to voluntarily use security best practices recommended by the Communications Security, Reliability, and Interoperability Council CSRIC, a federal advisory committee to the FCC. Thes...
DNSSEC Key Signing Key Rollover
On October 11, 2017, the Internet Corporation for Assigned Names and Numbers ICANN will be changing the Root Zone Key Signing Key KSK used in the domain name system DNS Security Extensions DNSSEC protocol. DNSSEC is a set of DNS protocol extensions used to digitally sign DNS information, which is...
Mozilla Releases Security Update
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.3...
Drupal Releases Security Updates
Drupal has released an advisory to address several vulnerabilities in Drupal 8.x. A remote attacker could exploit one of these vulnerabilities to obtain or modify sensitive information. US-CERT encourages users and administrators to review Drupal's Security Advisory and upgrade to version 8.3.7...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
Symantec Releases Security Update
Symantec has released an update to address vulnerabilities in the Symantec Messaging Gateway. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Symantec Security Advisory and...
Juniper Networks Releases Junos OS Security Advisory
Juniper Networks has released a security advisory that addresses a vulnerability in Junos OS. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. US-CERT encourages users and administrators to review the Juniper Security Advisory and apply necessary updates...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Acrobat, Reader, Experience Manager, and Digital Editions. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and...
Microsoft Releases August 2017 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system. US-CERT encourages users and administrators to review Microsoft's August 2017 Security Update Summary and Deployment...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisories for...
FTC Releases Alert on Government Grant Scams
The Federal Trade Commission FTC has released an alert on government grant scams. In these schemes, scammers pose as government officials to get consumers to send them money. Anytime someone asks you to pay money to get money, stop and think twice. US-CERT encourages consumers to refer to the FTC...
IRS Warns Tax Professionals of New Scam to Steal Passwords
The Internal Revenue Service IRS, acting in concert with state tax agencies and the tax industry, has issued an IRS Security Summit Alert for tax professionals to beware of a new phishing email scam. Scam operators often use fraudulent e-mails to entice their targets to reveal login credentials...
Google Releases Security Updates for Chrome OS
Google has released Chrome OS version 60.0.3112.80 for Chrome devices to address multiple vulnerabilities. Exploitation of one these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Google Chrome blog entry...
IC3 Releases Alert on Gift Card Scams
The Internet Crime Complaint Center IC3 has released an alert warning consumers of music gift card scams. This type of scam targets victims, gains their confidence, and tricks them into providing gift card information. To stay safer online, review the IC3 alert on Online Scammers Require Payment...
Cisco Releases Security Updates
Cisco has released updates to address several vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the...
DOJ Provides Organizations a Framework for Development of a Vulnerability Disclosure Program
The Department of Justice DOJ Criminal Division Cybersecurity Unit has developed a framework to assist organizations interested in creating a formal vulnerability disclosure program. US-CERT encourages users, administrators, and organizations to review the DOJ publication, A Framework for a...
Microsoft Releases Security Updates
Microsoft has released updates to address vulnerabilities affecting Microsoft Office. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Microsoft security advisories and appl...
McAfee Releases Security Bulletin for Web Gateway
McAfee has released a security bulletin to address multiple vulnerabilities in Web Gateway. Some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review McAfee Security Bulletin SB10205 and apply the necessary...
Cisco Releases Security Updates
Cisco has released updates to address several vulnerabilities affecting multiple products. Exploitation of one of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to review the following Cisco Security Advisories...
Google Releases Security Updates for Chrome
Google has released Chrome version 60.0.3112.78 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and apply the...
Joomla! Releases Security Update
Joomla! has released version 3.7.4 of its Content Management System CMS software to address several vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. US-CERT encourages users and administrators to review the Joomla! Security...
IBM Cisco Security Update
IBM has released a security update to address some vulnerabilities in its IBM Cisco MDS Series Switches Data Center Network Manager DCNM software. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators t...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its Web Security Appliance WSA. A remote attacker could exploit this vulnerability to take control of a system. US-CERT encourages users and administrators to review the Cisco Security Advisory for vulnerability and mitigation...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker may exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Apple security pages for the following products and apply t...
Oracle Releases Security Bulletin
Oracle has released its Critical Patch Update for July 2017 to address 308 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle July...
Cisco Releases Security Updates
Cisco has released security updates to address a vulnerability in its WebEx browser extension on Google Chrome and Mozilla Firefox. A remote attacker could exploit this vulnerability to take control of a system. US-CERT encourages users and administrators to review the Cisco Security Advisory for...
FBI Releases Article on Privacy Risks Associated with Internet-Connected Children's Toys
The Federal Bureau of Investigation FBI has released an article on the privacy risks associated with Internet-connected children's toys. FBI warns that Internet-connected toys may contain "sensors, microphones, cameras, data storage components, and other multimedia capabilities - including speech...
FTC Releases Alert on Digital Security While Traveling
The Federal Trade Commission FTC has released an alert on ensuring good digital security while traveling. Security recommendations include using caution while accessing free Wi-Fi hotspots, keeping all software updated, and using Virtual Private Networks VPNs. US-CERT encourages users to refer to...
Cisco Releases Security Updates
Cisco has released security updates to address several Simple Network Management Protocol SNMP vulnerabilities in its IOS and IOS XE software. A remote attacker could exploit these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Cis...
Juniper Networks Releases Multiple Security Updates
Juniper Networks has released security updates to address multiple vulnerabilities in Junos OS and ScreenOS. A remote attacker could exploit several of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Juniper Security Advisorie...
Samba Releases Security Updates
The Samba Team has released security updates that address a vulnerability in all versions of Samba from 4.0.0 onward using embedded Heimdal Kerberos. A remote attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review...
Microsoft Releases July 2017 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system. US-CERT encourages users and administrators to review Microsoft's July 2017 Security Update Summary and Deployment Informatio...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Adobe Connect. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB17-21 and...
FTC Releases Alert on Charity Scams
The Federal Trade Commission FTC has released an alert on charity scams. Recent acts of fraud include solicitations from scammers requesting payment to claim a sweepstakes prize. Anytime someone asks you to pay to obtain a prize, it is a scam. US-CERT encourages consumers to refer to the FTC Aler...
IRS Launches 'Don't Take the Bait' Series
As part of its Security Summit effort, the Internal Revenue Service IRS will be launching a new educational series called "Don't Take the Bait" on July 11, 2017. As part of the "Protect Your Clients, Protect Yourself" campaign, this series will provide information about phishing scams targeting t...
Joomla! Releases Security Update
Joomla! has released version 3.7.3 of its Content Management System CMS software to address several vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. US-CERT encourages users and administrators to review the Joomla! Security...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of a system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates:...
Cisco Releases Security Updates
Cisco has released a security advisory to address Simple Network Management Protocol SNMP vulnerabilities in its IOS and IOS XE software. A remote attacker could exploit these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Cisco...
Multiple Petya Ransomware Infections Reported
US-CERT has received multiple reports of Petya ransomware infections in many countries around the world. Ransomware is a type of malicious software that infects a computer and restricts users' access to the infected machine until a ransom is paid to unlock it. Individuals and organizations are...
IRS Warns of Summertime Scams
The Internal Revenue Service IRS has released an alert warning of various types of scams targeting taxpayers this summer. The alert describes common features of these cyber crimes, including robocalls, demands for immediate payment, and threats to have taxpayers arrested immediately. Taxpayers an...
NIST Releases New Digital Identity Guidelines
The National Institute of Standards and Technology NIST has released the Digital Identity Guidelines document suite. The four-volume suite offers technical guidelines for organizations that use digital identity services. US-CERT encourages information security practitioners in industry, governmen...
FTC Releases Alert on Tech-Support Scams
The Federal Trade Commission FTC has released an alert on technical-support scams. In these schemes, deceptive tech-support operations offer to fix problems that don't exist, placing calls or sending pop-ups to make people think their computers are infected with viruses. Users should not give...
Drupal Releases Security Updates
Drupal has released an advisory to address several vulnerabilities in Drupal versions 7.x and 8.x. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Drupal's Security Advisory and upgrade to...
IC3 Issues Internet Crime Report for 2016
The Internet Crime Complaint Center IC3 has released its 2016 Internet Crime Report, describing the numbers and types of cyber crimes reported to IC3. Business Email Compromise BEC, ransomware attacks, tech support fraud, and extortion are all common schemes affecting people in the U.S. and aroun...
Cisco Releases Security Updates
Cisco has released updates to address several vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of a system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessar...
Mozilla Releases Security Update
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.2...
Google Releases Security Updates for Chrome
Google has released Chrome version 59.0.3071.104 for Windows, Mac, and Linux. This version addresses several vulnerabilities, including one that an attacker could exploit to cause a denial-of-service condition. US-CERT encourages users and administrators to review the Chrome Releases page and app...
ISC Releases Security Updates for BIND
The Internet Systems Consortium ISC has released updates that address several vulnerabilities in BIND. An attacker could exploit one of these vulnerabilities to take control of an affected system. Available updates include: BIND version 9.11.1-P1 BIND version 9.10.5-P1 BIND version 9.9.10-P1 ISC...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefo...
Microsoft Releases June 2017 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system. US-CERT encourages users and administrators to review Microsoft's June 2017 Security Update Summary and Deployment Informatio...