Original release date: February 27, 2014 Apple has released QuickTime 7.7.5 for Windows operating systems to address multiple vulnerabilities, which may lead to an unexpected application termination or arbitrary code execution. US-CERT encourages users and administrators to review Apple Support…
Original release date: February 27, 2014 Apple has released OS X Mavericks v10.9.2 and Security Update 2014-001 to address multiple vulnerabilities for the following versions of OS X: OS X Lion v10.7.5 OS X Lion Server v10.7.5 OS X Mountain Lion v10.8.5 OS X Mavericks v10.9 and v10.9.1 US-CERT…
Original release date: February 27, 2014 Apple has released security updates for Safari 6.1.2Â and 7.0.2 for OS X to address multiple vulnerabilities in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. US-CERT encourages…
Original release date: February 26, 2014 In the past, US-CERT has received reports of an increased number of phishing scams and malware campaigns that seek to take advantage of the United States tax season. The Internal Revenue Service has issued an advisory on its website warning consumers about…
Original release date: February 26, 2014 Cisco has released a security advisory to address a vulnerability in Cisco Prime Infrastructure software versions 1.2, 1.3, 1.4, and 2.0 which could allow an unauthenticated, remote attacker to execute arbitrary commands with root -level privileges. US-CERT…
Original release date: February 24, 2014 Google has released Google Chrome 33.0.1750.124 for several Chrome OS devices to address multiple vulnerabilities, one of which could allow a server certificate to change in a renegotiation. Users and administrators are encouraged to review the Google…
Original release date: February 21, 2014 Apple has released updates for iOS and Apple TV devices to address a vulnerability that allows an attacker with a privileged network position to capture or modify data in protected SSL/TLS sessions. Updates are available: iOS 6.1.6 for iPhone 3GS and iPod…
Original release date: February 21, 2014 Google has released Google Chrome 33.0.1750.117 for Windows, Mac, and Linux to address multiple vulnerabilities, some of which could allow a remote, unauthenticated attacker to completely compromise a vulnerable system. Users and administrators are encouraged…
Original release date: February 21, 2014 Cisco has released a security advisory to address a vulnerability in Cisco Unified Computing System (UCS) Director. This vulnerability could allow an unauthenticated, remote attacker to take complete control of the affected device due to a default root user…
Original release date: February 20, 2014 Microsoft has released Security Advisory 2934088  to address a use-after-free vulnerability in Internet Explorer 9 and 10, which can be used by a remote attacker to take control of a vulnerable system. US-CERT and Microsoft are aware of targeted attacks…
On Wednesday night, law enforcement officials contacted Kickstarter and alerted us that hackers had sought and gained unauthorized access to some of our customers’ data. Upon learning this, we immediately closed the security breach and began strengthening security measures throughout the…
Original release date: February 04, 2014 | Last revised: February 05, 2014 Overview Whether traveling to Sochi, Russia for the XXII Olympic Winter Games, or viewing the games from locations abroad, there are several cyber-related risks to consider. As with many…
Usernames and passwords were stolen from Yahoo! accounts. Yahoo says: Security attacks are unfortunately becoming a more regular occurrence. Recently, we identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts. Upon discovery, we took immediate action to protect our users,…
According to investigators, the malware used to steal millions of people’s personal information from Target has been identified: “The malicious program used to compromise Target and other companies was part of a widespread operation using a Trojan tool known as Trojan.POSRAM, according to a new…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.