4188 matches found
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Shockwave Player, Captivate, and Digital Editions. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Adobe...
FTC Recommends Steps to Protect Against Mobile Phone Theft
The Federal Trade Commission FTC has released an alert about the theft of mobile phones and the best way to prepare for and recover from this kind of theft. Precautionary steps include regularly backing up the data on the phone, using strong passwords, and using two-factor authentication on any...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in vSphere Data Protection. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2017-0010 and...
Cisco Releases Security Updates
Cisco has released updates to address several vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of a system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary...
Google Releases Security Updates for Chrome
Google has released Chrome version 59.0.3071.86 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and apply the...
SEI Issues Advice on Ransomware
The Software Engineering Institute SEI of Carnegie Mellon University has released a blog post on best practices for preventing and responding to ransomware. This common malware captures, encrypts, and holds your data to extort a ransom. SEI’s top recommendation to thwart ransomware attacks is to...
FBI Releases Article on Protecting Business Email Systems
The Federal Bureau of Investigation FBI has released an article on Building a Digital Defense with an Email Fortress. FBI warns that scammers commonly target business email accounts with phishing and social engineering schemes. Strategies for preventing email compromises include avoiding the use ...
FTC Releases Alert on Identity Theft
The Federal Trade Commission FTC has released an alert about how quickly criminals begin using your personal information once it is posted to a hacker site by an identity thief. FTC researchers found that it can take as few as 9 minutes for crooks to access stolen personal information posted to...
Samba Releases Security Updates
The Samba Team has released security updates that address a vulnerability in all versions of Samba from 3.5.0 onward. A remote attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review Samba's Security Announcement and...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
ICS-CERT Releases WannaCry Fact Sheet
The Industrial Control Systems Cyber Emergency Response Team ICS-CERT has released a short overview of the WannaCry ransomware infections. This fact sheet provides information on how the WannaCry program spreads, what users should do if they have been infected, and how to protect against similar...
Joomla! Releases Security Update for CMS
Joomla! has released version 3.7.1 of its Content Management System CMS software to address a vulnerability. Exploitation of this vulnerability may allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the Joomla! Security Release and...
WordPress Releases Security Update
WordPress versions prior to 4.7.5 are affected by multiple vulnerabilities. A remote attacker could exploit some of these vulnerabilities to take control of an affected website. Users and administrators are encouraged to review the WordPress Security Release and upgrade to WordPress 4.7.5. This...
FTC Releases Alert on Fraudulent Emails
The Federal Trade Commission FTC has released an alert about scammers sending out fake emails that look authentic to trick you into sending money to them. Users should be suspicious of unsolicited phone calls or email messages from individuals asking about your information. If an unknown individu...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker may exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Apple security pages for the following products and apply t...
Multiple Ransomware Infections Reported
US-CERT has received multiple reports of WannaCry ransomware infections in many countries around the world. Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it. Individuals and organizations are discouraged from...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its WebEx Meetings Server which could allow a remote attacker to obtain sensitive information. US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary update. This product is...
Microsoft Releases May 2017 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system. US-CERT encourages users and administrators to review Microsoft's May 2017 Security Update Summary and Deployment Information...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in its IOS and IOS XE Software. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the Cisco Security Advisory and apply the necessary...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Adobe Experience Manager Forms. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security...
FTC Announces Resource for Small Business Owners
The Federal Trade Commission FTC has released an announcement about its new website devoted to protecting small businesses. This resource aims to help business owners avoid scams, protect their computers and networks, and keep their customers' and employees' data safe. Business owners and other...
FTC Promotes Privacy Awareness Week
The Federal Trade Commission FTC has released an announcement on Privacy Awareness Week, celebrated this week in the U.S. The theme of this year’s initiative is “Share with Care,” and the FTC is offering privacy tips, including how to safeguard your information online, improve your computer...
Microsoft Releases Critical Security Update
Microsoft has released a critical out-of-band security update addressing a vulnerability in the Microsoft Malware Protection Engine. A remote attacker could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review Microsoft Security...
Intel Firmware Vulnerability
Intel has released recommendations to address a vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability does not affect...
Mozilla Releases Security Updates
Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisories for Firefox 53.0.2 and Firefox ESR...
IC3 Warns of Increase in BEC/EAC Schemes
The Internet Crime Complaint Center IC3 has issued an alert describing a growing number of scams targeting businesses working with foreign suppliers or businesses that regularly perform wire transfer payments. These sophisticated scams are classified as business email compromise BEC or email...
Google Docs Phishing Campaign
US-CERT is aware of a phishing campaign that affected Google Docs users. The campaign used spoofed email addresses to target users with emails purporting to share a document for collaboration. Once the targeted users accepted invitations, they were encouraged to allow the phishing program access ...
Microsoft Ending Security Updates for Windows 10 version 1507
After May 9, 2017, devices running Windows 10 version 1507 will no longer receive security updates. US-CERT encourages users and administrators to review Microsoft's Windows 10 version 1507 post for more information and to apply necessary updates. This product is provided subject to this...
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary...
Google Releases Security Updates for Chrome
Google has released Chrome version 58.0.3029.96 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to cause a denial-of-service condition. US-CERT encourages users and administrators to review the Chrome page and apply the necessary updates. This...
Intel Firmware Vulnerability
Intel has released recommendations to address a vulnerability in the firmware of the following Intel products: Active Management Technology, Standard Manageability, and Small Business Technology, firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6. This vulnerability does not affect...
FTC Releases Announcement on Identity Theft
The Federal Trade Commission FTC recommends that consumers who are affected by identity theft file a report at IdentityTheft.gov—a one-stop resource to help you report and recover from identity theft. Information provided there includes checklists, sample letters, and links to other resources...
Adobe Releases Security Updates for ColdFusion
Adobe has released security updates to address a vulnerability in ColdFusion. Exploitation of this vulnerability may allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review Adobe Security Bulletin APSB17-14 and apply the necessary updates...
Pre-Installed Applications Developed with Portrait Displays SDK Contain Critical Vulnerability
Applications developed using the Portrait Displays software development kit SDK, versions 2.30 through 2.34, contain a critical vulnerability. A local attacker could exploit this vulnerability to take control of an affected system. The affected applications, pre-installed on some Fujitsu, HP, and...
IBM Releases Security Update
IBM has released a security update to address a vulnerability in IBM Domino server IMAP EXAMINE. An attacker could exploit this vulnerability to take control of an affected system. Available updates include: Domino 9.0.1 Feature Pack 8 Interim Fix 2 Domino 8.5.3 Fix Pack 6 Interim Fix 17 Users an...
Cisco Releases Security Updates
Cisco has released updates to address several high-impact vulnerabilities affecting multiple products. These and other lower-impact vulnerabilities are listed at Cisco Security Advisories and Alerts. A remote attacker could exploit one of the high-impact vulnerabilities to cause a denial-of-servi...
Drupal Releases Security Updates
Drupal has released an advisory to address a vulnerability in Drupal core 8.x versions prior to 8.2.8 and 8.3.1. A remote attacker could exploit this vulnerability to obtain sensitive information. US-CERT encourages users and administrators to review Drupal's Security Advisory and upgrade to...
Mozilla Releases Security Updates
Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisories for Firefox 53, Firefox ESR 45.9,...
Google Releases Security Updates for Chrome
Google has released Chrome version 58.0.3029.81 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker may exploit to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and apply the necessary...
Oracle Releases Security Bulletin
Oracle has released its Critical Patch Update for April 2017 to address 299 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle April...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in Unified Access Gateway, Horizon View, and Workstation. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review VMware Securit...
Microsoft Addresses Shadow Brokers Exploits
The Microsoft Security Response Center MSRC has published information on several recently publicized exploit tools which affect various Microsoft products. Users and administrators are reminded that software no longer supported by Microsoft also known as end-of-life EOL software is particularly a...
VMware Releases Security Updates
VMware has released security updates to address a vulnerability in vCenter Server. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review VMware Security Advisory VMSA-2017-0007 and apply the...
Microsoft Releases April 2017 Security Updates
Microsoft has released 61 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of a system. This Security Update addresses a Microsoft Office vulnerability that is actively being exploited to spread...
ISC Releases Security Updates for BIND
The Internet Systems Consortium ISC has released updates that address multiple vulnerabilities in BIND. A remote attacker could exploit any of these vulnerabilities to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.9-P8 BIND 9 version 9.10.4-P8 BIND 9 version...
Apache Software Foundation Releases Security Updates
The Apache Foundation has released security updates to address vulnerabilities in Apache Tomcat. Exploitation of one of these vulnerabilities may cause a remote attacker to obtain sensitive information. Users and administrators are encouraged to review Apache.org CVE-2017-5648, CVE-2017-5650, and...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Campaign, Flash Player, Acrobat and Reader, Photoshop CC, and Creative Cloud. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are...
Easter Holiday Phishing Scams and Malware Campaigns
As the Easter holiday approaches, US-CERT reminds users to stay aware of holiday scams and cyber campaigns, which may include: unsolicited shipping notifications that may actually be scams by attackers to solicit personal information phishing scams, electronic greeting cards that may contain...
Cisco Releases Security Updates
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply th...
Apple Releases Security Update for iOS
Apple has released a security update to address a vulnerability in iOS. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security page for iOS and apply the necessary update. This...