4188 matches found
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletin...
Microsoft Releases January 2017 Security Bulletin
Microsoft has released four updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS17-001 through...
GRIZZLY STEPPE - Russian Malicious Cyber Activity
The Department of Homeland Security DHS has released a Joint Analysis Report JAR that details Russian malicious cyber activity, designated as GRIZZLY STEPPE. This activity by Russian civilian and military intelligence services RIS is part of an ongoing campaign of cyber-enabled operations directe...
Mozilla Releases Security Update
Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Mozilla Security Advisory for Thunderbi...
Cisco Releases Security Updates
Cisco has released security updates to address a vulnerability in its Cisco CloudCenter Orchestrator. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Cisco Security Advisory and apply the...
FTC Releases Alert on Fake Apps for Mobile Devices
The Federal Trade Commission FTC has released an alert on fraudulent mobile apps designed to exploit consumers. Some fake apps may steal personal information such as credit card numbers. By taking precautions, users can protect themselves and their private data. US-CERT encourages users and...
VMware Releases Security Update
VMware has released a security update to address a vulnerability in vSphere Hypervisor ESXi. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2016-0023 and...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 50.1 Firefox ESR 45.6 Users and administrators...
Joomla! Releases Security Update for CMS
Joomla! has released version 3.6.5 of its Content Management System CMS software to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected website. US-CERT encourages users and administrators to review the Joomla!...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in iCloud for Windows, Safari, iTunes for Windows, and macOS Sierra. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review th...
Microsoft Releases December 2016 Security Bulletin
Microsoft has released 12 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Microsoft Security Bulletins...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB16-38, APSB16-39,...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in tvOS and iOS. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators review the Apple security pages for tvOS and iOS and apply t...
McAfee Releases Security Bulletin for Virus Scan Enterprise
McAfee has released a security bulletin to address multiple vulnerabilities in Virus Scan Enterprise software versions 2.0.3 and earlier. Some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review McAfee...
Google Releases Security Updates for Chrome
Google has released Chrome version 55.0.2883.75 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and apply the...
Mozilla Releases Security Updates
Mozilla has released security updates to address a vulnerability in Firefox, Firefox ESR, and Thunderbird. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Available updates include: Firefox 50.0.2 Firefox ESR 45.5.1 Thunderbird 45.5.1 US-CERT...
US-CERT Alerts Users to Holiday Phishing Scams and Malware Campaigns
US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. Ecards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver infected attachments. Spoofed email messages and fraudulent posts on social networking...
Mozilla Releases Security Update
Mozilla has released a security update to address a vulnerability in Firefox versions 49 and 50. A remote attacker could exploit this vulnerability to take control of an affected system. Available updates include: Firefox 50.0.1 Users and administrators are encouraged to review the Mozilla Securi...
Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)
The Network Time Foundation's NTP Project has released version ntp-4.2.8p9 to address multiple vulnerabilities in ntpd. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to review...
Symantec Releases Security Updates
Symantec has released security updates to address a vulnerability in Norton and Symantec enterprise products. Exploitation of this vulnerability may allow an attacker to take control of an affected system. Users and administrators are encouraged to review Symantec Security Advisory SYM16-021 and...
VMware Releases Security Update
VMware has released a security update to address a vulnerability in vRealize Operations. Exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2016-0020 and apply the...
Strategic Principles for Securing the IoT
DHS has released a set of Strategic Principles for Securing the Internet of Things IoT to help inform consumers, operators and manufacturers in their decision-making regarding networked and networkable devices. While the IoT can provide efficiency, convenience, and interactivity features that are...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Available updates include: Firefox 50 Firefox ESR 45.5 Users and administrators are encouraged...
Symantec Releases Security Updates
Symantec has released security updates to address a vulnerability in multiple products. Exploitation of this vulnerability may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review Symantec Security Advisory SYM16-020 and apply the necessar...
VMWare Releases Security Updates
VMWare has released security updates to address a vulnerability in VMware Workstation and Fusion. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review VMware Security Advisory VMSA-2016-0019 and...
Google Releases Security Updates for Chrome
Google has released Chrome version 54.0.2840.99 for Windows and version 54.0.2840.98 for Linux. These new versions address multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome...
OpenSSL Releases Security Update
OpenSSL version 1.1.0c has been released to address vulnerabilities in prior versions. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the...
Microsoft Releases Security Updates
Microsoft has released 14 updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS16-129 through MS16-14...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Flash Player and Connect. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins APSB16-37 and...
Google Releases Security Updates for Chrome
Google has released Chrome version 54.0.2840.87 for Windows and Mac, and version 54.0.2840.90 for Linux. These new versions address a vulnerability that, if exploited, may allow an attacker to create a denial-of-service condition. US-CERT encourages users and administrators to review the Chrome...
Cisco Releases Security Updates for Multiple Products
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the...
ISC Releases Security Updates for BIND
The Internet Systems Consortium ISC has released updates that address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.9-P4 BIND 9 version 9.10.4-P4 BIND 9 version 9.11.0-P...
Apple Release Security Update for iOS
Apple has released a security update to address vulnerabilities in iOS. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Apple security page for iOS and apply the necessary...
Adobe Releases Security Update
Adobe has released a security update to address a vulnerability in Flash Player. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletin APSB16-36 and apply the necessary...
Cisco Releases Security Updates for Multiple Products
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the...
Week Four of National Cyber Security Awareness Month
In partnership with DHS, the National Cyber Security Alliance has released information on Navigating Your Continuously Connected Life which examines our future using Internet of Things IoT devices. The CyberAware Tip of the Week details the infographic on the growing IoT and provides safe computi...
Joomla! Releases Security Update for CMS
Joomla! has released version 3.6.4 of its Content Management System CMS software to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the Joomla!...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its Cisco WebEx Meetings Player. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Cisco Security Advisory and apply t...
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in iOS, watchOS, tvOS, Safari, and macOS Sierra. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security pag...
Linux Kernel Vulnerability
US-CERT is aware of a Linux kernel vulnerability known as Dirty COW CVE-2016-5195. Exploitation of this vulnerability may allow an attacker to take control of an affected system. US-CERT recommends that users and administrators review the Red Hat CVE Database, the Canoical Ubuntu CVE Tracker, and...
Mozilla Releases Security Update for Firefox
Mozilla has released Firefox 49.0.2 to address a security vulnerability. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Mozilla Security Advisory for Firefox and apply the necessary update...
ISC Releases Security Advisory
The Internet Systems Consortium ISC has released a security advisory to highlight a vulnerability in versions of BIND software released before May 2013, and in third-party versions that do not include fix 3548. Exploitation of this vulnerability may allow a remote attacker to cause a...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
Oracle Releases Security Bulletin
Oracle has released its Critical Patch Update for October 2016 to address 247 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle...
Week Three of National Cyber Security Awareness Month
In partnership with DHS, the National Cyber Security Alliance has released information on recognizing cyber crime and how to protect yourself online. Recommendations include deleting suspicious communications, being wary of "too good to be true" offers, and using strong authentication. The...
Google Releases Security Update for Chrome
Google has released Chrome version 54.0.2840.59 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page an...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the...
Potential Hurricane Matthew Phishing Scams
US-CERT warns users to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Matthew. Users are advised to exercise caution in handling any email with subject line, attachments, or hyperlinks related to Hurricane Matthew, even if it appears to originate from ...
Microsoft Releases Security Updates
Microsoft has released 10 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS16-118 through...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Flash Player and the Creative Cloud Desktop Application. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe...