Original release date: February 21, 2014 Apple has released updates for iOS and Apple TV devices to address a vulnerability that allows an attacker with a privileged network position to capture or modify data in protected SSL/TLS sessions. Updates are available: iOS 6.1.6 for iPhone 3GS and iPod…
Original release date: February 21, 2014 Google has released Google Chrome 33.0.1750.117 for Windows, Mac, and Linux to address multiple vulnerabilities, some of which could allow a remote, unauthenticated attacker to completely compromise a vulnerable system. Users and administrators are encouraged…
Original release date: February 21, 2014 Cisco has released a security advisory to address a vulnerability in Cisco Unified Computing System (UCS) Director. This vulnerability could allow an unauthenticated, remote attacker to take complete control of the affected device due to a default root user…
Original release date: February 20, 2014 Microsoft has released Security Advisory 2934088  to address a use-after-free vulnerability in Internet Explorer 9 and 10, which can be used by a remote attacker to take control of a vulnerable system. US-CERT and Microsoft are aware of targeted attacks…
Original release date: February 20, 2014 | Last revised: February 21, 2014 Adobe has released security updates to address a vulnerability in Adobe Flash Player 12.0.0.44 or earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.336 or earlier versions for Linux. Exploitation…
Original release date: February 20, 2014 Cisco has released updates to address three vulnerabilities in the Cisco Intrusion Prevention Software (IPS). These vulnerabilities affect multiple versions of Cisco IPS Software on multiple platforms and could allow remote, unauthenticated attackers to cause…
On Wednesday night, law enforcement officials contacted Kickstarter and alerted us that hackers had sought and gained unauthorized access to some of our customers’ data. Upon learning this, we immediately closed the security breach and began strengthening security measures throughout the…
Original release date: February 14, 2014 | Last revised: February 21, 2014 An unpatched Internet Explorer 10 use-after-free vulnerability is being exploited in the wild. CERT/CC Vulnerability Note VU#732479 has been published with further details about the vulnerability. US-CERT recommends users…
Original release date: February 11, 2014 Adobe has released a security update to address a vulnerability in Adobe Shockwave Player 12.0.7.148 and earlier versions for Windows and Macintosh operating systems. Exploitation of this vulnerability could allow an attacker to take control of the affected…
Original release date: February 07, 2014 | Last revised: February 11, 2014 Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft Security Software, and Microsoft .NET Framework as part of the Microsoft Security Bulletin Summary for February…
Original release date: February 04, 2014 The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities: Firefox 27 Firefox ESR 24.3 Thunderbird 24.3 Seamonkey 2.24 These vulnerabilities could allow a remote attacker to execute arbitrary code, bypass…
Original release date: February 04, 2014 | Last revised: February 05, 2014 Overview Whether traveling to Sochi, Russia for the XXII Olympic Winter Games, or viewing the games from locations abroad, there are several cyber-related risks to consider. As with many…
Usernames and passwords were stolen from Yahoo! accounts. Yahoo says: Security attacks are unfortunately becoming a more regular occurrence. Recently, we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts. Upon discovery, we took immediate action to protect our users,…
According to investigators, the malware used to steal millions of people’s personal information from Target has been identified: “The malicious program used to compromise Target and other companies was part of a widespread operation using a Trojan tool known as Trojan.POSRAM, according to a new…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.