Original release date: January 24, 2014 Apple has released a security update for Apple iTunes 11.1.4 to address multiple vulnerabilities. These vulnerabilities could allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to…
Original release date: January 22, 2014 Cisco has released three security advisories to address multiple vulnerabilities. These vulnerabilities may allow a local unauthenticated user to execute arbitrary commands with escalated privileges or cause a denial-of-service (DoS) condition. These…
According to investigators, the malware used to steal millions of people’s personal information from Target has been identified: “The malicious program used to compromise Target and other companies was part of a widespread operation using a Trojan tool known as Trojan.POSRAM, according to a new…
Original release date: January 16, 2014 Google has released Google Chrome 32.0.1700.95 for all Chrome OS devices (except Chromebook Pixel), Google Chrome 32.0.1700.76 for Windows and Chrome Frame, and Google Chrome 32.0.1700.77 for Mac and Linux to address multiple vulnerabilities. These…
The New York Times reports that the NSA has implemented a surveillance program on computers that can communicate without the Internet: The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those…
Original release date: January 15, 2014 Cisco has released a security advisory to address multiple vulnerabilities in Cisco Secure Access Control System (ACS). These vulnerabilities affect the following: Cisco Secure ACS RMI Privilege Escalation Vulnerability Cisco Secure ACS RMI Unauthenticated…
Original release date: January 14, 2014 | Last revised: January 15, 2014 BlackBerry has released a security advisory that addresses Adobe® Flash® remote code execution vulnerabilities that affect BlackBerry® Z10, BlackBerry® Q10 smartphone and BlackBerry® PlayBookâ„¢ tablet customers. These…
Original release date: January 14, 2014 Oracle has released its Critical Patch Update for January 2014 to address 144 vulnerabilities across multiple products. This update contains the following security fixes: 5 for Oracle Database Server 22 for Oracle Fusion Middleware 2 for Oracle Hyperion 4 for…
Original release date: January 14, 2014 Adobe has released security updates for Adobe Flash Player (11.9.900.170) and earlier versions for Windows, Macintosh, Adobe Flash Player (11.2.202.332), and Linux to address multiple vulnerabilities that may allow an attacker to take control of the affected…
Original release date: January 14, 2014 Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.05) and earlier versions for Windows and Macintosh to address multiple vulnerabilities affecting the following software versions: Adobe Reader XI (11.0.05) and earlier 11.x versions for…
Original release date: January 14, 2014 Microsoft has released updates to address vulnerabilities in Microsoft Office, Server Software, Windows, and Microsoft Dynamics AX, as part of the Microsoft Security Bulletin Summary for January 2014. These vulnerabilities could allow remote code execution,…
Original release date: January 10, 2014 A vulnerability in the "monlist" feature of ntpd can allow remote attackers to cause distributed denial of service attack (DDoS) via forged requests. US-CERT and the Canadian Cyber Incident Response Center (CCIRC) have both observed active use of…
A letter from the CEO of target: As you have likely heard by now, Target experienced unauthorized access to payment card data from U.S. Target stores. We take this crime seriously. It was a crime against Target, our team members and most importantly you – our valued guest. We understand that a…
U.S. District Judge Richard Leon said the National Security Agency’s bulk collection of phone records violates privacy rights. Based on information provided by Edward Snowden the NSA appears to be committing crimes in its pursuit of criminals. “I cannot imagine a more ‘indiscriminate’ and…
Apple, Facebook, Microdosft, LinkedIn, Twitter and Google are calling for government surveillance reform. Ironically, their website, ReformGovernmentSurveillance.com, is currently not working; nevertheless, the tech giants feel the US government has become to intrusive and costly spying on its own…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.