Original release date: April 25, 2013 Cisco has released three security advisories to address vulnerabilities affecting Cisco NX-OS-based products, Cisco Device Manager, and Cisco Unified Computing System. These vulnerabilities may allow an attacker to bypass authentication controls, execute…
The Associated Press Twitter account was hacked, and a tweet was sent saying, “Breaking: Two Explosions in the White House and Barack Obama is injured.” The stock market went into a nose dive, but quickly recovered after the tweet was discovered to be fake. The situation highlighted the problem…
HARRISBURG, PA – Pennsylvania Attorney General Kathleen G. Kane has joined 18 other state attorneys general in a new online safety campaign with the popular social networking site, Facebook. The initiative, which was formally unveiled at the National Association of Attorneys General’s…
Original release date: April 18, 2013 Apple has released security updates for Safari 6.0.4 WebKit to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Safari 6.0.4 WebKit updates are available for…
Original release date: April 17, 2013 | Last revised: April 18, 2013 Malicious actors are exploiting the April 15 explosions at the Boston Marathon in attempts to collect money intended for charities and to spread malicious code. Fake websites and social networking accounts have been set up to take…
Last Wednesday, we began noticing unusually high incoming traffic across our servers. We determined that this traffic was caused by an automated program that was attempting to break in to our customers’ WordPress sites. This also had the effect of slowing down our Linux servers due to all of the…
Original release date: April 17, 2013 Oracle has released its Critical Patch Update for April 2013 to address 128 vulnerabilities across multiple products. This update contains the following security fixes: 4 for Oracle Database Server 29 for Oracle Fusion Middleware 6 for Oracle E-Business Suite 3…
Original release date: April 15, 2013 US-CERT is aware of an ongoing campaign targeting the content management software WordPress, a free and open source blogging tool and web publishing platform based on PHP and MySQL. All hosting providers offering WordPress for web content management are…
A Pennsylvania Judge has ruled that corporations are not entitled to the same right of privacy as people. The case involved the fracking industry. Washington County Court of Common Pleas Judge Debbie O’Dell Seneca said, “Whether a right of privacy for businesses exists within the prenumbral…
Original release date: April 11, 2013 Google has released Google Chrome 26.0.1410.57 for all Chrome OS devices to address a vulnerability. This vulnerability could allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Release blog entry…
Original release date: April 10, 2013 Adobe has released security updates for Adobe Flash Player. These vulnerabilities could potentially allow an attacker to take control of an affected system or cause a denial-of-service condition. Adobe has released updates to the following products: Adobe Flash…
Original release date: April 10, 2013 Adobe has released a security update for Adobe Shockwave Player 12.0.0.112 and earlier versions for Windows and Macintosh to address multiple vulnerabilities. These vulnerabilities could allow an attacker to execute arbitrary code on the affected system. …
Original release date: April 10, 2013 | Last revised: April 15, 2013 Adobe has released a security hotfix for Adobe ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX to address multiple vulnerabilities. These vulnerabilities could allow an unauthorized user to bypass authentication…
Original release date: April 04, 2013 | Last revised: April 09, 2013 Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, Internet Explorer, Server Software, and Security Software as part of the Microsoft Security Bulletin summary for April 2013 . These…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.