A statement from Michaels: Dear Valued Customers: In January, we notified you that we might have experienced a data security incident. We wanted you to know quickly so you could take steps to monitor activity on your payment card account. Since that time, we have continued our extensive…
Original release date: April 17, 2014 Adobe has released a security update to address a vulnerability in Adobe Reader Mobile 11.1.3 and earlier versions for Android. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code via a crafted PDF document. US-CERT…
Original release date: April 17, 2014 Google has released Chrome 34.0.1847.120 for all Chrome OS devices, except HP Chromebook Pavillion, to address multiple bug fixes, security updates, and feature enhancements. Users and administrators are encouraged to review the Google Chrome release blog entry…
Original release date: April 16, 2014 Oracle has released its Critical Patch Update for April 2014 to address 104 vulnerabilities across multiple products. This update contains the following security fixes:  2 for Oracle Database Server 20 for Oracle Fusion Middleware  3 for Oracle Hyperion 10…
Original release date: April 09, 2014 As the Easter holiday approaches, US-CERT reminds users to stay aware of holiday scams and cyber campaigns, which may include: shipping notifications that may be phishing scams or may contain malware electronic greeting cards that may contain malware requests…
Original release date: April 09, 2014 Adobe has released security updates to address multiple vulnerabilities in Adobe Flash Player and AIR. Exploitation of these vulnerabilities may allow an attacker to take control of an affected system. The following updates are available: Flash Player 13.0.0.182…
Original release date: April 08, 2014 Microsoft has released updates to address vulnerabilities in Microsoft Office, Office Services, Web Apps, Windows and Internet Explorer as part of the Microsoft Security Bulletin Summary for April, 2014. These vulnerabilities could allow remote code…
Original release date: April 08, 2014 A vulnerability in OpenSSL could allow a remote attacker to expose sensitive data, possibly including user authentication credentials and secret keys, through incorrect memory handling in the TLS heartbeat extension. This may allow an attacker to decrypt traffic…
Original release date: April 02, 2014 Apple released Safari 6.1.3 and Safari 7.0.3 for OS X to address multiple vulnerabilities in WebKit. Software memory corruption issues may lead to information disclosure, unexpected application termination, or arbitrary code execution. Users and administrators…
Original release date: March 25, 2014 | Last revised: March 26, 2014 Microsoft has released a security advisory for Microsoft Word. A vulnerability exists for remote code execution which could allow an attacker to gain user rights by opening a specifically crafted Rich Text Format file. Applying…
Original release date: March 18, 2014 The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Thunderbird, and Seamonkey. Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, cause a denial-of-service condition,…
Edward Snowden was interviewed via video conferencing at South by Southwest. Addressing the crowd of techno-geeks, he encouraged them to pick up where he left off. )
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.