According to investigators, the malware used to steal millions of people’s personal information from Target has been identified: “The malicious program used to compromise Target and other companies was part of a widespread operation using a Trojan tool known as Trojan.POSRAM, according to a new…
Original release date: January 16, 2014 Google has released Google Chrome 32.0.1700.95 for all Chrome OS devices (except Chromebook Pixel), Google Chrome 32.0.1700.76 for Windows and Chrome Frame, and Google Chrome 32.0.1700.77 for Mac and Linux to address multiple vulnerabilities. These…
The New York Times reports that the NSA has implemented a surveillance program on computers that can communicate without the Internet: The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those…
Original release date: January 15, 2014 Cisco has released a security advisory to address multiple vulnerabilities in Cisco Secure Access Control System (ACS). These vulnerabilities affect the following: Cisco Secure ACS RMI Privilege Escalation Vulnerability Cisco Secure ACS RMI Unauthenticated…
Original release date: January 14, 2014 | Last revised: January 15, 2014 BlackBerry has released a security advisory that addresses Adobe® Flash® remote code execution vulnerabilities that affect BlackBerry® Z10, BlackBerry® Q10 smartphone and BlackBerry® PlayBookâ„¢ tablet customers. These…
Original release date: January 14, 2014 Oracle has released its Critical Patch Update for January 2014 to address 144 vulnerabilities across multiple products. This update contains the following security fixes: 5 for Oracle Database Server 22 for Oracle Fusion Middleware 2 for Oracle Hyperion 4 for…
Original release date: January 14, 2014 Adobe has released security updates for Adobe Flash Player (11.9.900.170) and earlier versions for Windows, Macintosh, Adobe Flash Player (11.2.202.332), and Linux to address multiple vulnerabilities that may allow an attacker to take control of the affected…
Original release date: January 14, 2014 Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.05) and earlier versions for Windows and Macintosh to address multiple vulnerabilities affecting the following software versions: Adobe Reader XI (11.0.05) and earlier 11.x versions for…
Original release date: January 14, 2014 Microsoft has released updates to address vulnerabilities in Microsoft Office, Server Software, Windows, and Microsoft Dynamics AX, as part of the Microsoft Security Bulletin Summary for January 2014. These vulnerabilities could allow remote code execution,…
Original release date: January 10, 2014 A vulnerability in the "monlist" feature of ntpd can allow remote attackers to cause distributed denial of service attack (DDoS) via forged requests. US-CERT and the Canadian Cyber Incident Response Center (CCIRC) have both observed active use of…
Original release date: January 10, 2014 Microsoft has issued a Security Bulletin Advance Notification indicating its January release will contain four bulletins. These bulletins will have the severity rating of important and will be for Microsoft Office, Server Software, Windows, and Microsoft…
Original release date: December 30, 2013 The United Kingdom's Centre for the Protection of National Infrastructure (CPNI) has recently released a paper titled "Spear Phishing - Understanding the Threat;" this document provides guidance on how spear phishing attacks work, whether you…
A letter from the CEO of target: As you have likely heard by now, Target experienced unauthorized access to payment card data from U.S. Target stores. We take this crime seriously. It was a crime against Target, our team members and most importantly you – our valued guest. We understand that a…
U.S. District Judge Richard Leon said the National Security Agency’s bulk collection of phone records violates privacy rights. Based on information provided by Edward Snowden the NSA appears to be committing crimes in its pursuit of criminals. “I cannot imagine a more ‘indiscriminate’ and…
Apple, Facebook, Microdosft, LinkedIn, Twitter and Google are calling for government surveillance reform. Ironically, their website, ReformGovernmentSurveillance.com, is currently not working; nevertheless, the tech giants feel the US government has become to intrusive and costly spying on its own…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.