Original release date: July 02, 2014 Cisco has released a security advisory to address multiple vulnerabilities in Cisco Unified Communications Domain Manager, some of which may allow an attacker to execute arbitrary commands or obtain privileged access to the affected system. The following…
Original release date: July 01, 2014 Apple has released security updates for Mac OS X, Safari, iOS devices, and Apple TV to address multiple vulnerabilities, some of which could allow attackers to execute arbitrary code with system privileges or cause an unexpected application termination. Updates…
Original release date: June 23, 2014 Multiple weaknesses exist in several server platforms employing IPMI. Exploitation of these vulnerabilities could allow an attacker to take control of the affected system or expose sensitive server information. Server administrators are encouraged to review…
SANS Security Tip: Don’t get hooked by a Phishing expedition Don’t reply to email or pop-up messages that ask for personal or financial information, and don’t click on links in the message. Don’t cut and paste a link from the message into your Web browser — phishers can make links look…
Original release date: June 17, 2014 Microsoft has released a security advisory to address a vulnerability to the Microsoft Malware Protection Engine. Successful exploitation of the vulnerability could allow an attacker to cause a denial of service. An update is available for the following affected…
From “ask the lawyer on FaceBook”: Irena Dimitrieva June 7 at 9:35am · Edited IMPORTANT NOTE: We only answer questions that involve Pennsylvania law. We are NOT permitted by our rules of ethics to respond to questions that involve other states’ laws. Please do NOT ask questions if you are in…
Original release date: June 13, 2014 The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Firefox ESR, Thunderbird, and Netscape Portable Runtime. Exploitation of these vulnerabilities may allow attackers to execute arbitrary code, cause a denial of…
Original release date: June 10, 2014 Google has released security updates to address multiple vulnerabilities in Chrome and Chrome OS. Some of these vulnerabilities could potentially allow an attacker to take control of the affected system or cause a denial of service. Updates available include:…
Original release date: June 10, 2014 Adobe has released security updates to address multiple vulnerabilities in Flash Player and Air. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system. The following updates are available: Adobe Flash…
Original release date: June 10, 2014 Microsoft has released updates to address vulnerabilities in Windows, Office, Internet Explorer, Lync, and Lync Server as part of the Microsoft Security Bulletin Summary for June 2014. Some of these vulnerabilities could allow remote code executions. US-CERT…
Original release date: June 05, 2014 OpenSSL has released updates patching 6 vulnerabilities, which may allow an attacker to decrypt or modify traffic between a vulnerable client and server, cause a denial of service condition, or remotely execute arbitrary code. The following updates are…
The BBC is reporting that “The US has charged a Russian man with being behind a major cybercrime operation that affected individuals and businesses worldwide.” Evgeniy Bogachev, said to be known as “lucky12345″ and “slavik”, is accused of being involved in attacks on more than a million…
Original release date: May 28, 2014 New Zealand’s National Cyber Security Centre (NCSC-NZ) has released its 2013 Incident Summary . The NCSC provides enhanced cybersecurity services to New Zealand Government and private sector organizations against cybersecurity threats. This product is…
Ebay was hacked and a database of user information was compromised. Though there is no information on the Ebay website, they said in a statement to a news organization that it is a victim of “a cyber attack on our corporate information network, which compromised a database containing eBay user…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.