Original release date: September 18, 2014 Apple released security updates for iOS devices, Apple TV, and Xcode to address multiple vulnerabilities, some of which could allow attackers to execute code with system privileges or cause an unexpected application termination. Updates available include:…
Original release date: September 16, 2014 Adobe has released security updates for Adobe Reader and Acrobat for Windows and Macintosh. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system. US-CERT encourages users and administrators to…
Original release date: September 11, 2014 Cisco has released an advisory to address a vulnerability in the Cisco Integrated Management Controller (Cisco IMC) SSH module of the Cisco Unified Computing System E-Series Blade servers that could allow an unauthenticated, remote attacker to cause a denial…
A Russian hacker reportedly posted 5 million gmail usernames and passwords. Google denies being hacked. In a press release, Google said: One of the unfortunate realities of the Internet today is a phenomenon known in security circles as “credential dumps”—the posting of lists of usernames and…
Original release date: September 10, 2014 Google has released Chrome 37.0.2062.120 for Windows, Mac and Linux. This update addresses multiple vulnerabilities one of which could potentially allow an attacker to cause a denial of service. US-CERT encourages users and administrators to review the…
Original release date: September 09, 2014 Adobe has released security updates to address multiple vulnerabilities in Adobe Flash Player and Air for Windows, Macintosh and Linux. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system. Users…
Original release date: September 09, 2014 Microsoft released updates to address vulnerabilities in Windows, .NET Framework, Internet Explorer and Lync Server as part of the Microsoft Security Bulletin Summary for September 2014. Some of these vulnerabilities could allow remote code execution,…
It appears one of the largest data breaches has effected customers of the Home Depot. In a statement the company says: We’re looking into some unusual activity that might indicate a possible payment data breach and we’re working with our banking partners and law enforcement to investigate. We…
Original release date: September 04, 2014 WordPress 3.9.2 has been released to address multiple vulnerabilities, one of which could allow a possible denial of service issue in PHP’s XML processing. WordPress 3.7.3 or 3.8.3 users will be updated to 3.7.4 or 3.8.4. Users operating older,…
Original release date: September 03, 2014 The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox and Thunderbird. Exploitation of these vulnerabilities may allow an attacker to cause an exploitable crash or execute arbitrary code. The following updates…
The Federal Bureau of Investigation, Secret Service and National Security Agency are investigating data breaches at J P Morgan. The Wall Street Journal reports: The potential infiltration of bank computer systems represents one of the biggest concerns expressed by top bank executives in recent…
Original release date: August 27, 2014 Google has released Chrome 37.0.2062.94 for Windows, Mac and Linux. This update includes 50 security fixes some of which could allow a remote attacker to obtain unauthorized access or cause a denial of service. US-CERT encourages users and administrators to…
Original release date: August 22, 2014 US-CERT is aware of Backoff malware compromising a significant number of major enterprise networks as well as small and medium businesses. US-CERT encourages administrators and operators of Point-of-Sale systems to review the Backoff malware alert to help…
Twenty PA hospitals lost millions of patient’s personal information including social security numbers. The healthcare provider released the following notification: In July 2014, Community Health Systems Professional Services Corporation (“CHSPSC”) confirmed its computer network was the…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.