It appears one of the largest data breaches has effected customers of the Home Depot. In a statement the company says: We’re looking into some unusual activity that might indicate a possible payment data breach and we’re working with our banking partners and law enforcement to investigate. We…
Original release date: September 04, 2014 WordPress 3.9.2 has been released to address multiple vulnerabilities, one of which could allow a possible denial of service issue in PHP’s XML processing. WordPress 3.7.3 or 3.8.3 users will be updated to 3.7.4 or 3.8.4. Users operating older,…
Original release date: September 03, 2014 The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox and Thunderbird. Exploitation of these vulnerabilities may allow an attacker to cause an exploitable crash or execute arbitrary code. The following updates…
The Federal Bureau of Investigation, Secret Service and National Security Agency are investigating data breaches at J P Morgan. The Wall Street Journal reports: The potential infiltration of bank computer systems represents one of the biggest concerns expressed by top bank executives in recent…
Original release date: August 27, 2014 Google has released Chrome 37.0.2062.94 for Windows, Mac and Linux. This update includes 50 security fixes some of which could allow a remote attacker to obtain unauthorized access or cause a denial of service. US-CERT encourages users and administrators to…
Original release date: August 22, 2014 US-CERT is aware of Backoff malware compromising a significant number of major enterprise networks as well as small and medium businesses. US-CERT encourages administrators and operators of Point-of-Sale systems to review the Backoff malware alert to help…
Twenty PA hospitals lost millions of patient’s personal information including social security numbers. The healthcare provider released the following notification: In July 2014, Community Health Systems Professional Services Corporation (“CHSPSC”) confirmed its computer network was the…
Original release date: August 18, 2014 US-CERT is aware of a breach of sensitive patient identification information affecting approximately 4.5 million patients and customers of Community Health Systems, Inc. As part of DHS, US-CERT is working together with the FBI and the Department of Health and…
Original release date: August 14, 2014 New Zealand’s National Cyber Security Centre (NCSC) has released Security Advisory NCSC-C-2014-17 which highlights a spearphishing campaign targeting government employees. The NCSC provides enhanced cybersecurity services to the New Zealand Government and…
Original release date: August 14, 2014 Apple has released security updates for Safari to address vulnerabilities which could allow an attacker to execute arbitrary code or cause an unexpected application termination. Updates include Safari 6.1.6 and Safari 7.0.6 for OS X Lion v10.7.5, OS X Lion…
Original release date: August 13, 2014 Google has released security updates to address multiple vulnerabilities in Chrome, Chrome OS and Chrome for Android. Some of these vulnerabilities could potentially allow an attacker to obtain sensitive information or cause a denial of service. Updates…
Original release date: August 12, 2014 Adobe has released security updates to address multiple vulnerabilities in Flash Player, Adobe Reader and Acrobat. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system. Users and administrators are…
Original release date: August 12, 2014 Microsoft has released updates to address vulnerabilities in Windows, Office, SQL Server, Server Software, .NET Framework, and Internet Explorer as part of the Microsoft Security Bulletin Summary for August 2014. Some of these vulnerabilities could allow remote…
“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” said Alex Holden, the founder and chief information security officer of Hold Security. “And most of these sites are still vulnerable.”…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.