Original release date: September 13, 2013 Apple has released OS X v10.8.5 and Security Update 2013-004 to address multiple vulnerabilities. These vulnerabilities could lead to a denial of service, cross-site scripting, elevation of privilege, or the execution of arbitrary code. US-CERT encourages…
Original release date: September 10, 2013 Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, and Microsoft Server Software as part of the Microsoft Security Bulletin Summary for September 2013 . These vulnerabilities could allow…
Original release date: September 10, 2013 Adobe has released a security update for Adobe Shockwave Player 12.0.3.133 and earlier versions for Windows and Macintosh to address multiple vulnerabilities. These vulnerabilities, if exploited, could allow an attacker to run malicious code on an affected…
Original release date: September 10, 2013 Adobe has released security updates for Adobe Flash Player to address multiple vulnerabilities. Adobe has also released security updates for Adobe Reader and Acrobat XI (11.0.03) and earlier versions for Windows and Macintosh to address multiple…
According to documents leaked by Edward Snowden, the Guardian newpaper has reported that the NSA is reading encrypted communications. The US spent over $250,000,000 per year on just one of the programs to crack the code. The Guardian reports: US and British intelligence agencies have successfully…
Original release date: September 06, 2013 Cisco has released a security advisory to address multiple vulnerabilities in Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. These vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial of…
Original release date: August 29, 2013 Cisco has released a security advisory to address a vulnerability in Cisco Secure Access Control Server (ACS) versions 4.0 through 4.2.1.15. This vulnerability could allow an unauthenticated, remote attacker to execute arbitrary commands. The vulnerability is…
by the FBI Cyber Division The FBI has become aware of a spear phishing e-mail made to appear as if it were from the National Center for Missing and Exploited Children. The subject of the e-mail is “Search for Missing Children,” and a zip file containing 3 malicious files is attached. E-mail…
Original release date: August 24, 2013 | Last revised: August 26, 2013 Cisco has released three security advisories to address multiple vulnerabilities. These vulnerabilities may allow an unauthenticated, remote attacker the ability to modify data, execute arbitrary commands, or cause a denial of…
Original release date: August 22, 2013 | Last revised: August 23, 2013 The FBI is aware of a spear-phishing e-mail appearing as if it were sent from the National Center for Missing and Exploited Children. The subject of the e-mail is "Search for Missing Children," and a zip file…
Original release date: August 21, 2013 Google has released Google Chrome 29.0.1547.57 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to cause a denial of service condition, conduct a directory traversal attack, or…
Original release date: August 15, 2013 Microsoft has released Security Advisory 2862973 impacting applications and services using certificates with the MD5 hashing algorithm. Usage of the MD5 hash algorithm in certificates could allow an attacker to spoof content, perform phishing attacks, or…
Lavabit was a Texas-based encrypted email service provider. It is the service believed to be used by NSA whistle-blower Edward Snowden to invite human rights activists and lawyers to a press conference. The service suddenly shut down Thursday night. The letter posted by the founder of Lavabit did…
by Internet Crime Complaint Center (IC3) Cyber criminals have long used spam (unsolicited e-mails, usually containing links to websites selling counterfeit goods) as a method to make money and infect computers with malicious software (malware.) Spammers can send billions of these e-mails daily and…
Preet Bharara, the United States Attorney for the Southern District of New York, and George Venizelos, the Assistant Director in Charge of the New York Office of the Federal Bureau of Investigation (FBI), announced today the unsealing of an indictment against a Russian hacker, ALEKSANDR KALININ, aka…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.