Original release date: January 10, 2014 Cisco has released a security advisory concerning a vulnerability in the Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router, and the Cisco RVS4000 4-port Gigabit Security Router, which could allow an unauthenticated,…
Original release date: January 10, 2014 A vulnerability in the "monlist" feature of ntpd can allow remote attackers to cause distributed denial of service attack (DDoS) via forged requests. US-CERT and the Canadian Cyber Incident Response Center (CCIRC) have both observed active use of…
Original release date: January 10, 2014 Microsoft has issued a Security Bulletin Advance Notification indicating its January release will contain four bulletins. These bulletins will have the severity rating of important and will be for Microsoft Office, Server Software, Windows, and Microsoft…
Original release date: December 30, 2013 The United Kingdom's Centre for the Protection of National Infrastructure (CPNI) has recently released a paper titled "Spear Phishing - Understanding the Threat;" this document provides guidance on how spear phishing attacks work, whether you…
A letter from the CEO of target: As you have likely heard by now, Target experienced unauthorized access to payment card data from U.S. Target stores. We take this crime seriously. It was a crime against Target, our team members and most importantly you – our valued guest. We understand that a…
Original release date: December 18, 2013 Apple has released security updates for Safari 6.1.1 and Safari 7.0.1 to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to obtain sensitive information, execute arbitrary code or cause a denial-of-service condition.…
U.S. District Judge Richard Leon said the National Security Agency’s bulk collection of phone records violates privacy rights. Based on information provided by Edward Snowden the NSA appears to be committing crimes in its pursuit of criminals. “I cannot imagine a more ‘indiscriminate’ and…
Original release date: December 11, 2013 The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities. Firefox 26 Firefox ESR 24.2 Thunderbird 24.2 SeaMonkey 2.23 These vulnerabilities could allow a remote attacker to bypass intended security…
Original release date: December 11, 2013 Adobe has released security updates for Adobe Flash Player to address multiple vulnerabilities. Adobe is aware of reports that an exploit designed to trick a user into opening a Microsoft Word document with malicious Flash (.swf) content exists. These…
Original release date: December 11, 2013 Adobe has released a security update for Adobe Shockwave Player 12.0.6.147 and earlier versions on the Windows and Macintosh operating systems to address multiple vulnerabilities. These vulnerabilities could allow an attacker to execute arbitrary code on the…
Original release date: December 10, 2013 Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, Microsoft Lync, Internet Explorer, Microsoft Exchange, Microsoft SharePoint, and Microsoft Developer Tools as part of the Microsoft Security Bulletin Summary for…
Apple, Facebook, Microdosft, LinkedIn, Twitter and Google are calling for government surveillance reform. Ironically, their website, ReformGovernmentSurveillance.com, is currently not working; nevertheless, the tech giants feel the US government has become to intrusive and costly spying on its own…
The FBI reminds holiday shoppers to beware of cyber criminals who are out to steal money and personal information. Scammers use many techniques to defraud consumers, from phishing e-mails offering too good to be true deals on brand-name merchandise to offering quick cash to victims who will re-ship…
Original release date: December 09, 2013 Google has released Google Chrome 31.0.1650.63 for Windows, Mac, Linux and Chrome Frame to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to hijack a web session, spoof the address bar or cause a denial of service…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.