Original release date: October 18, 2013 US-CERT is aware of reports that the firmware for various D-Link routers contains a backdoor that allows unauthenticated remote users to bypass the routers' password authentication mechanism. An unauthenticated remote attacker can take any action as an…
Original release date: October 17, 2013 Google has released Google Chrome 30.0.1599.101 for Windows, Mac, Linux and Chrome Frame operating systems to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to cause a denial-of-service condition or trigger multiple…
Original release date: October 16, 2013 Apple has released a security update for Java on Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, and OS X Mountain Lion 10.8 or later to address multiple vulnerabilities. These vulnerabilities may allow an…
Original release date: October 15, 2013 Oracle has released its Critical Patch Update for October 2013 to address 127 vulnerabilities across multiple products. This update contains the following security fixes: 2 for Oracle Database Server 17 for Oracle Fusion Middleware 4 for Oracle Enterprise…
The FBI is aware of a new type of malware known as Beta Bot. Cyber criminals use Beta Bot to target financial institutions, e-commerce sites, online payment platforms, and social networking sites to steal sensitive data such as log-in credentials and financial information. Beta Bot blocks computer…
Original release date: October 10, 2013 Cisco has released two security advisories to address multiple vulnerabilities. These vulnerabilities could allow an attacker to obtain elevation of privilege, bypass security controls, or cause a denial of service condition. US-CERT encourages users and…
Original release date: October 09, 2013 BlackBerry has released a security advisory to address a vulnerability that affects the BlackBerry Universal Device Service installed by default with BlackBerry® Enterprise Service (BES) versions 10.0 to 10.1.2. This vulnerability could potentially allow an…
Original release date: October 08, 2013 Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework, Office, Server Software, and Silverlight as part of the Microsoft Security Bulletin Summary for October 2013 . These vulnerabilities could allow…
Original release date: October 08, 2013 Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.04) for Windows. These updates address a regression that occurred in version 11.0.04 affecting Javascript security controls. US-CERT recommends that users and administrators review…
Original release date: October 04, 2013 Apple has released an OS X Mountain Lion v10.8.5 Supplemental Update to address a vulnerability. This vulnerability could potentially allow a local attacker to bypass authentication controls. US-CERT encourages users and administrator to review Apple…
Original release date: October 03, 2013 US-CERT is aware of the public acknowledgement of a compromise of up to 3 million Adobe customers' information, including names and detailed account information. The source code for multiple Adobe products may also have been compromised. US-CERT advises…
According to documents leaked by Edward Snowden, the Guardian newpaper has reported that the NSA is reading encrypted communications. The US spent over $250,000,000 per year on just one of the programs to crack the code. The Guardian reports: US and British intelligence agencies have successfully…
by the FBI Cyber Division The FBI has become aware of a spear phishing e-mail made to appear as if it were from the National Center for Missing and Exploited Children. The subject of the e-mail is “Search for Missing Children,” and a zip file containing 3 malicious files is attached. E-mail…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.