Original release date: October 08, 2014 Cisco has released an advisory to address multiple vulnerabilities in the Cisco Adaptive Security Appliance (ASA) Software that could result in a denial of service condition. Cisco has released free software updates that address these vulnerabilities. Users…
Original release date: October 07, 2014 | Last revised: October 10, 2014 Oracle has released security updates to address bash vulnerabilities found across multiple products. US-CERT recommends users and administrators review the Oracle Security Article for additional details, and apply updates as…
Original release date: October 07, 2014 Google has released security updates to address multiple vulnerabilities in Chrome and Chrome OS, some of which could potentially allow an attacker to take control of the affected system or cause a denial of service condition. Updates available include: Chrome…
It sound like a scene right out of a cartoon — Chase and Acme hacked. Wile E. Coyote would be so excited. Both Chase Bank and Acme supermarkets announced major data breaches and loss of customer data. Scores of millions of customer have been affected. JP Morgan announced their Chase division lost…
Original release date: September 30, 2014 Apple has released OS X bash Update 1.0 to address vulnerabilities found in the Bourne-again Shell (bash) which could allow a remote attacker to execute arbitrary shell commands. US-CERT recommends users and administrators review Apple Security Update HT6495…
The “Bash Bug” poses a serious threat to computers and networks. The bug is also known as “shellshock”. The hack allows a remote attack to webservers.
Original release date: September 24, 2014 | Last revised: September 30, 2014 US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system.…
Original release date: September 24, 2014 A vulnerability in the Mozilla NSS library could allow an attacker to forge an RSA signature, such as an SSL certificate. The package is often included in 3rd party software, including Linux distributions, Google Chrome, and others. It is possible that other…
Original release date: September 18, 2014 Apple released security updates for iOS devices, Apple TV, and Xcode to address multiple vulnerabilities, some of which could allow attackers to execute code with system privileges or cause an unexpected application termination. Updates available include:…
Original release date: September 16, 2014 Adobe has released security updates for Adobe Reader and Acrobat for Windows and Macintosh. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system. US-CERT encourages users and administrators to…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.