4188 matches found
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and app...
FTC Releases Alert on Tech-Support Scams
The Federal Trade Commission FTC has released an alert on tech-support themed telephone scams. In these schemes, fraudulent callers claim to be from legitimate technical support organizations and offer to fix computer problems that don't exist. Users should not give control of their computers to...
IRS Issues Warning for Tax Phishing Scam
The Internal Revenue Service IRS has issued a press release to address a phishing scam targeting taxpayers. Email scammers have been observed citing tax fraud to trick victims into clicking on a malicious link. Taxpayers should be suspicious of unsolicited emails. Users and administrators are...
Apple Releases Security Update
Apple has released a security update to address a vulnerability in its iBooks Author software. Exploitation of this vulnerability may allow an attacker to obtain sensitive information from an affected system. US-CERT encourages users and administrators to review the Apple security website and app...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its Cisco Firepower System software. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Cisco Security Advisory and apply t...
Google Releases Security Update for Chrome
Google has released Chrome version 49.0.2623.108 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome...
Oracle Releases Security Update for Java SE
Oracle has released Java SE 8u77 to address a vulnerability in prior versions of the software. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle security alert and apply the necessary...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of these vulnerabilities could allow a remote attacker to create a denial-of-service condition. US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply...
Apple Releases Multiple Security Updates
Apple has released security updates for iOS, watchOS, tvOS, Xcode, OS X El Capitan, OS X Server 5.1, and Safari to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: iOS 9.3...
IC3 Warns That Vehicles Are Increasingly Vulnerable to Remote Exploits
The Internet Crime Complaint Center IC3 has issued an alert warning that modern motor vehicles are increasingly vulnerable to remote attacks. Vehicle owners should take precautions in order to minimize cybersecurity risks to their vehicles. Users are encouraged to review the IC3 Alert for details...
Symantec Releases Security Update
Symantec has released an update to address vulnerabilities in Symantec Endpoint Protection version 12.1. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Security Advisory from...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in VMware vRealize Automation and vRealize Business Advanced and Enterprise. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review...
OpenSSH Releases Security Update
OpenSSH version 7.2p2 has been released to address a vulnerability in all prior versions. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information. US-CERT encourages users and administrators to review the OpenSSH Security Advisory and apply the necessary...
Adobe Releases Security Updates for Flash Player
Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletin APSB16-08 and app...
Citrix Releases Security Update
Citrix has released updates to address a vulnerability in its Citrix Licensing Server. Exploitation of this vulnerability could allow a remote attacker to take control of an affected server. Users and administrators are encouraged to review Citrix Security Bulletin CTX207824 and Vulnerability Not...
Apple Releases Security Update
Apple has released a security update to address a vulnerability in Apple Software Update. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Apple security website for Software Update 2.2...
ISC Releases Security Updates for BIND
The Internet Systems Consortium ISC has released updates that address three vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.8-P4 BIND 9 version 9.10.3-P4 BIND 9 version...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected device. Users and administrators are encouraged to review the following Cisco Security Advisories and appl...
Adobe Releases Security Updates for Acrobat, Reader, and Digital Editions
Adobe has released security updates to address multiple vulnerabilities in Acrobat, Reader, and Digital Editions. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security...
Google Releases Security Update for Chrome
Google has released Chrome version 49.0.2623.87 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releas...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 45 Firefox ESR 38.7 Users and administrators ar...
Microsoft Releases March 2016 Security Bulletin
Microsoft has released 13 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS16-023 throug...
ISC Releases Security Updates for DHCP Server
Internet Systems Consortium ISC has released security updates to address a vulnerability in versions of ISC Dynamic Host Configuration Protocol DHCP server. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Updated versions of ISC DHCP...
IRS Issues Alert for Tax Phishing Scheme
The Internal Revenue Service IRS has issued a news release addressing a new spear phishing scheme targeting payroll and human resource professionals. In this scheme, cybercriminals pose as company executives requesting personal information on employees. US-CERT encourages users and administrators...
Google Releases Security Update for Chrome
Google has released Chrome version 49.0.2623.75 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected device. Users and administrators are encouraged to review the following Cisco Security Advisories and appl...
OpenSSL Releases Security Advisory
OpenSSL has released updates to address vulnerabilities in prior versions. Exploitation of some of these vulnerabilities may allow a remote attacker to obtain sensitive information. Updates available include: OpenSSL 1.0.2g for 1.0.2 users OpenSSL 1.0.1s for 1.0.1 users Users and administrators a...
SSLv2 DROWN Attack
Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. Exploitation of this vulnerability—referred to as DROWN in public reporting—may allow a remote attacker to decrypt individual messages from a server supporting SSLv2...
Apple Releases Security Update for Apple TV
Apple has released a security update for Apple TV to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected device. US-CERT encourages users and administrators to review the Apple security update for Apple TV 7.2....
Drupal Releases Security Updates
Drupal has released updates to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website. Available updates include: Drupal core 6.38 for 6.x users Drupal core 7.43 for 7.x users Drupal core 8.0.4 for 8.0.x...
FTC Shares Security Tips for ASUS Wireless Routers
The Federal Trade Commission FTC has provided network security tips for vulnerable ASUS-branded wireless routers. Major security flaws in these routers may have exposed customers' sensitive information to malicious actors. FTC urges consumers to download the latest security updates for their...
Microsoft Releases Update for EMET
US-CERT is aware of a vulnerability in Microsoft Enhanced Mitigation Experience Toolkit EMET versions prior to 5.5. Exploitation of this vulnerability may allow a remote attacker to bypass or disable EMET to take control of an affected system. US-CERT recommends users and administrators visit the...
Google Releases Security Update for Chrome
Google has released Chrome version 48.0.2564.116 to address a vulnerability for Windows, Mac, and Linux. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome Releases page and apply t...
GNU glibc Vulnerability
GNU glibc contains a buffer overflow vulnerability in the DNS resolver. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Vulnerability Note VU457759 and the glibc Project Notification for...
Mozilla Releases Security Updates
The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 44.0.2 Firefox ESR 38.6.1 US-CERT encourag...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in its Adaptive Security Appliance ASA software. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Cisco Security Advisory an...
Microsoft Releases February 2016 Security Bulletin
Microsoft has released 13 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS16-009 through...
Google Releases Security Update for Chrome
Google has released Chrome version 48.0.2564.109 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Chrome...
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities in Connect, Experience Manager, Flash Player, and Photoshop CC and Bridge CC. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to...
Oracle Releases Security Updates for Java
Oracle has released security updates to address a vulnerability in Java SE versions 6, 7, and 8 for Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle security alert and apply...
Comodo Chromodo Browsers Vulnerable to Cross-Domain Attacks
Some Comodo Chromodo browser versions 45.8.12.392, 45.8.12.391, and possibly earlier are vulnerable to cross-domain attacks. When a user of a vulnerable Chromodo browser visits a specially crafted web page, an attacker may obtain access to web content from another domain. US-CERT recommends users...
WordPress Releases Security Update
WordPress 4.4.1 and prior versions contain two security vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to obtain sensitive information. Users and administrators are encouraged to review the WordPress Security and Maintenance Release and upgrade to...
FTC Announces Enhancements to IdentityTheft.gov
The Federal Trade Commission FTC has upgraded its IdentityTheft.gov site to provide improved help to victims of identity theft. Enhancements include more personalized response plans for consumers, automatic generation of documents to aid in recovery, and better integration of the site with the...
OpenSSL Releases Security Advisory
OpenSSL versions 1.0.2f and 1.0.1r have been released to address vulnerabilities in prior versions. Exploitation of these vulnerabilities may allow a remote attacker to obtain sensitive information. US-CERT encourages users and administrators to review the OpenSSL Security Advisory and apply the...
Cisco Releases Security Update
Cisco has released a security update to address a vulnerability in the web-based management interface of Cisco RV220W Wireless Network Security Firewall devices. Exploitation of this vulnerability could allow a remote attacker to take control of an affected device. Users and administrators are...
Mozilla Releases Security Updates
Mozilla has released security updates to address multiple vulnerabilities in Firefox. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 44 Firefox ESR 38.6 US-CERT encourages users and administrators ...
Apple Releases Security Update for tvOS
Apple has released a security update for tvOS to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Apple security update for tvOS 9.1.1 Apple ...
IRS Releases Tenth Security Tip
The Internal Revenue Service IRS has released the tenth in a series of tips intended to help the public protect personal and financial data online and at home. This tip describes steps tax preparers can take to protect sensitive information. Recommendations include conducting a full scan of all...
Google Releases Security Update for Chrome
Google has released Chrome version 48.0.2564.82 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in Modular Encoding Platform D9036 software, Unified Computing System UCS Manager software, and Firepower 9000 Series devices. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected device...