The Cisco Wireless LAN Controller (Cisco WLC) product family is affected by multiple vulnerabilities that could potentially cause a denial-of-service condition, allow unauthorized access, or allow an attacker to execute code remotely.Cisco has released software updates that address these…
Google has released Google Chrome 24.0.1312.56 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service.US-CERT encourages users and administrators to review the Google Chrome…
An outrage of the new Instagram privacy policy has seen usage go from 40 million to 17 million in one month. Users took offense to instagram using photos in advertising without the consent of the photographer. The adjustments to the privacy policy will still allow Instagram to share information with…
Adobe has released a security hotfix to address multiple vulnerabilities in Adobe ColdFusion versions 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh, and UNIX. These vulnerabilities could allow an attacker to bypass authentication controls.US-CERT recommends that users and administrators review…
Oracle has released its Critical Patch Update for January 2013 to address 86 vulnerabilities across multiple products. This update contains the following security fixes:6 for Oracle Database Server7 for Oracle Fusion Middleware13 for Oracle Enterprise Manager Grid Control9 for Oracle E-Business…
Oracle has released an out-of-band patch to address the recently announced vulnerability in Java Runtime Environment (JRE) 7. US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.This product is…
The CERT Program has released Vulnerability Note VU#625617 to address a vulnerability in Oracle Java Runtime Environment (JRE) 7 and earlier that is currently being exploited in the wild. This vulnerability may allow an attacker to execute arbitrary code on vulnerable systems.US-CERT encourages…
The IC3 continues to receive complaints reporting telephone calls from individuals claiming to be with Tech Support from a well-known software company. The callers have very strong accents and use common names such as “Adam” or “Bill.” Callers report the user’s computer is sending error…
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, Developers Tools, Server Software, and .NET Framework as part of the Microsoft Security Bulletin summary for January 2013. These vulnerabilities could allow remote code execution, elevation of privilege, security…
A new extortion technique is being deployed by cyber-criminals using the Citadel malware platform to deliver Reveton ransomware. The latest version of the ransomware uses the name of the Internet Crime Complaint Center to frighten victims into sending money to the perpetrators. In addition to…
Microsoft has released Security Advisory 2798897 in response to active attacks using fraudulent digital certificates published by TURKTRUST Inc. These fraudulent certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This vulnerability affects…
Microsoft has released Security Advisory 2794220 to address a vulnerability in Microsoft Internet Explorer 6, 7, and 8. This vulnerability may allow an attacker to execute arbitrary code if a user accesses a specially crafted website. Microsoft is aware of targeted attacks that attempt to exploit…
David B. Fein, United States Attorney for the District of Connecticut, and Kimberly K. Mertz, Special Agent in Charge of the New Haven Division of the Federal Bureau of Investigation, announced that NOUEL ALBA, 37, of the Bronx, New York, was arrested today on a federal criminal complaint charging…
There is a Facebook phishing scam circulating via email. The email looks as show below; however, the link doesn’t really take you to Facebook. Example: From: “Facebook.Team” F28991E87@borgesglass.com To: myemail@domain.com Subject: Account activation Date: Wed, 19 Dec 2012 02:04:41 -1200…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.