4188 matches found
IRS Announces Safeguards to Protect Taxpayer Information
The Internal Revenue Service IRS has issued two news releases addressing new safeguards to protect taxpayers and strengthen authentication requirements. The electronic filing e-File PIN, an alternative signature verification tool used to assist with electronic tax filing, will no longer be...
WordPress Releases Security Update
WordPress 4.5.2 and prior versions are affected by several security issues. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPre...
Apple Releases Security Update
Apple has released a security update to address a vulnerability in AirPort Base Station Wi-Fi enabled devices. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security page for AirPor...
Google Releases Security Update for Chrome
Google has released Chrome version 51.0.2704.103 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of one of these vulnerabilities may allow a remote attacker to obtain sensitive information from an affected system. US-CERT encourages users and administrators to review...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Adobe AIR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. The critical vulnerability in Flash Player is being used in limited, targeted attack...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in the web-based management interface of three wireless routers models RV110W, RV130W, and RV215W. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages...
VMware Releases Security Updates
VMware has released security updates to address a vulnerability in vCenter Server. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review VMware Security Advisory VMSA-2016-0009 and apply the...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in DNG Software Development Kit SDK, Brackets, Creative Cloud Desktop Application, and Cold Fusion. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and...
Microsoft Releases June 2016 Security Bulletin
Microsoft has released 16 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Microsoft Security Bulletins...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in NSX, vCNS and vRealize Log Insight. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review VMware Security Advisories...
Increased Risks from Macro-Based Malware
Microsoft Office applications use macros to automate routine tasks. However, macros can contain malicious code that can be used to exploit vulnerable systems. Recently, there has been a resurgence of malware that is spread via macros. Individuals and organizations should proactively secure system...
Mozilla Releases Security Updates
The Mozilla Foundation has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Network Security Services NSS. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 47 Firefox...
Symantec Releases Security Updates
Symantec has released security updates to address vulnerabilities in multiple products. Exploitation of some of these vulnerabilities may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review Symantec Security Advisory SYM16-009 and apply t...
Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)
The Network Time Foundation's NTP Project has released version ntp-4.2.8p8 to address multiple vulnerabilities in ntpd. Exploitation of one of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review Vulnerability...
WP Mobile Detector Vulnerability
WP Mobile Detector, a WordPress plugin, contains a vulnerability in versions prior to 3.6. Exploitation of this vulnerability could allow an attacker to take control of an affected website. US-CERT encourages users and administrators to disable the configuration option allowurlfopen if it is not...
Google Releases Security Update for Chrome
Google has released Chrome version 51.0.2704.79 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releas...
Lenovo Accelerator Application Vulnerability
Lenovo has issued a security advisory to address a vulnerability in the Accelerator Application software. Products affected by this vulnerability include the Lenovo notebook and desktop systems preloaded with the Windows 10 operating system. Exploitation of this vulnerability may allow a remote...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in its Prime Network Analysis Module software. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the following Cisco...
IC3 Warns of Extortion Email Schemes
The Internet Crime Complaint Center IC3 has issued an alert on extortion schemes that relate to recent high-profile data thefts. Fraudsters often use the news release of high-profile data breaches to scare victims into clicking on a link or paying a ransom. US-CERT encourages users and...
Google Releases Security Update for Chrome
Google has released Chrome version 51.0.2704.63 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releas...
Adobe Releases Security Update for Adobe Connect
Adobe has released a security update to address a vulnerability in Adobe Connect for Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Adobe Security Bulletin APSB16-17 and apply the...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in multiple products. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2016-0005 and...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in its Web Security Appliance software. Exploitation of these vulnerabilities could cause a denial-of-service-condition on an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories a...
Apple Releases Multiple Security Updates
Apple has released security updates for tvOS, iOS, watchOS, OS X El Capitan, Safari, and iTunes. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: tvOS 9.2.1 for Apple TV 4th generation iOS 9.3.2 for iPhone ...
Symantec Releases Security Update
Symantec has released Anti-Virus Engine 20151.1.1.4 to address a vulnerability in Symantec Antivirus products. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Symantec Security Advisory...
Adobe Releases Security Updates for Flash Player
Adobe has released security updates to address vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletin APSB16-15 and apply the...
Google Releases Security Update for Chrome
Google has released Chrome version 50.0.2661.102 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in ColdFusion, Acrobat, and Reader. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletins...
Microsoft Releases May 2016 Security Bulletin
Microsoft has released 16 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the following Microsoft Security Bulletins...
WordPress Releases Security Update
WordPress 4.5.1 and prior versions are affected by two vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the following Cisco Security Advisories and...
ImageMagick Vulnerability
ImageMagick, an open-source image processing software suite, has released versions 7.0.1-1 and 6.9.3-10 to address a vulnerability in previous software versions. Exploitation of this vulnerability may allow an attacker to take control of an affected system. Users and administrators are encouraged...
OpenSSL Releases Security Updates
OpenSSL has released security updates to address vulnerabilities in previous versions. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: OpenSSL 1.0.2h for 1.0.2 users OpenSSL 1.0.1t for 1.0.1 users US-CERT...
Apple Releases Security Update
Apple has released a security update for Xcode to address two vulnerabilities. Exploitation of either of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Apple security update for Xcode and update to...
FBI Releases Article on Ransomware
The Federal Bureau of Investigation FBI has released an article addressing the proliferation of ransomware campaigns. Ransomware is a type of malicious software that infects a computer and restricts users' access to it until a ransom is paid to unlock it. Individuals and organizations are...
Google Releases Security Update for Chrome
Google has released Chrome version 50.0.2661.94 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releas...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 46 Firefox ESR 38.8 Firefox ESR 45.1 Users and...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition on an affected system. US-CERT encourages users and administrators to review the following Cisco Security...
FTC Releases Alert on Earthquake Disaster Email Scams
The Federal Trade Commission FTC has released an alert on email scams that cite the recent earthquakes in Ecuador and Japan. The scam emails may contain links or attachments that direct users to phishing or malware-infected websites. Donation requests from fraudulent charitable organizations...
Symantec Releases Security Updates
Symantec has released security updates to address vulnerabilities in its Messaging Gateway SMG Appliance software. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Symantec...
Oracle Releases Security Bulletin
Oracle has released its Critical Patch Update for April 2016 to address 136 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle April...
VMWare Releases Security Updates
VMware has released security updates to address a vulnerability in vCenter Server, vCloud Director, vRealize Automation Identity Appliance, and the Client Integration Plugin. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information. Users and administrators a...
Google Releases Security Update for Chrome
Google has released Chrome version 50.0.2661.75 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases...
IRS Warns Taxpayers About Scams as Tax Deadline Approaches
The Internal Revenue Service IRS has issued a press release to warn of a potential increase in scams targeting taxpayers around the April 18 tax deadline. Before and after the deadline, scammers may tempt or pressure taxpayers into revealing personal information. US-CERT and IRS recommend taxpaye...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its Cisco Unified Computing System UCS Central Software. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Cisco...
Samba Security Updates Address Badlock Vulnerabilities
The Samba Team has released security updates that address vulnerabilities, collectively known as Badlock, affecting both Windows operating systems and Samba in UNIX-like platforms. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system or create a...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Flash Player, Creative Cloud Desktop Application, and RoboHelp Server. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to...
Microsoft Releases April 2016 Security Bulletin
Microsoft has released 13 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the following Microsoft Security Bulletins...
Adobe Releases Updates for Flash Player
Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB16-10 and apply t...
Juniper Releases Update for ScreenOS
Juniper has released ScreenOS version 6.3.0r22 to address issues with encryption methods used in prior versions. US-CERT recommends that users and administrators review articles Juniper Networks Completes ScreenOS Update and Advancing the Security of Juniper Products for more information and upda...