Various cyber actors have engaged in malicious activity against U.S. Government and private sector entities. The apparent objective of this activity has been the theft of intellectual property, trade secrets, and other sensitive business information. The malicious actors have employed a variety of…
Apple has released a security update for Java on OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later, Mac OS X v10.6.8, and Mac OS X Server v10.6.8 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary…
NBC.com was hacked and malicious code was placed on the homepage that looks for exploits on your browser (through plug-ins such as Adobe Acrobat and Java, as well as, iframe script.) When browsing the web, users should take care in viewing pages with exploitable code. The hack known as Citadel is…
Google has released Google Chrome 25.0.1364.87 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to cause a denial-of-service condition or bypass security features.US-CERT encourages users and administrators to review the Google Chrome Release blog entry and update to…
The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities.Firefox 19.0Firefox ESR 17.0.3Thunderbird 17.0.3Thunderbird ESR 17.0.3SeaMonkey 2.16These vulnerabilities could allow an attacker to execute arbitrary code, bypass security features, or cause a…
Oracle has released an updated February 2013 Critical Patch Update for Oracle Java SE to address a vulnerability. This vulnerability could allow a remote unauthenticated attacker to execute arbitrary code on vulnerable systems or to provide unauthorized disclosure of information.The following…
A Chinese building used by the military is at the root of computer attacks made on United States companies. The security company Mandiant was hired to trace the attacks being made on several U.S. firms. The tracking led to the Chinese military unit within the 2nd Bureau of the People’s Liberation…
Facebook was hacked last month; however, they did not notify users for a month. Why? Here is what Facebook says: Facebook, like every significant internet service, is frequently targeted by those who want to disrupt or access our data and infrastructure. As such, we invest heavily in preventing,…
Adobe has released a security advisory for Adobe Reader and Acrobat to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected system. Adobe is aware of reports that two vulnerabilities…
Research In Motion (RIM) has released a security advisory for BlackBerry Enterprise Server to address multiple vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or allow elevation of privileges.RIM has released updates for the following…
Adobe has released a security update for Adobe Flash Player to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected systems.Adobe has released updates for the following versions:Adobe…
Adobe has released a security update for Adobe Shockwave Player to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.Adobe has released updates for the following versions:Adobe Shockwave Player 11.6.8.638 and earlier versions for…
Adobe has released a security advisory for Adobe Flash Player to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected system.Adobe has released updates for the following versions:Adobe…
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Server Software, Office, and .NET Framework as part of the Microsoft Security Bulletin summary for February 2013. These vulnerabilities could allow remote code execution, allow elevation of privilege,…
Apple has released a security update for OS X Server v2.2.1 for OS X Mountain Lion v10.8 or later to address multiple vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code.US-CERT encourages users and administrators to review Apple Support Article HT5644 and…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.