Original release date: November 13, 2014 The Internet Crime Complaint Center (IC3), a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C) to combat Internet crime, has released a Scam Alert advising the public of an ongoing telephone scam…
Original release date: November 11, 2014 Google has released Chrome 38.0.2125.122 for Windows, Mac and Linux. This update addresses a vulnerability which could potentially allow an attacker to take over an affected system. US-CERT encourages users and administrators to review the Google Chrome…
Original release date: November 11, 2014 Adobe has released security updates to address multiple vulnerabilities in Flash Player, one of which could potentially allow an attacker to take control of the affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB…
Original release date: November 11, 2014 Microsoft has released updates to address vulnerabilities in Windows, Office, Exchange, .NET Framework, SharePoint, and Internet Explorer as part of the Microsoft Security Bulletin Summary for November 2014. Some of these vulnerabilities could allow remote…
Original release date: October 29, 2014 | Last revised: October 30, 2014 Drupal released a public service announcement to address active exploitations of a previously patched vulnerability found in Drupal core 7.x versions prior to 7.32. US-CERT advises users and administrators to review…
Original release date: October 23, 2014 Apple has released QuickTime 7.7.6 for Windows 7, Vista, XP SP2 or later to address multiple vulnerabilities, some of which may allow remote attackers to execute arbitrary code or cause a denial of service. Users and administrators are encouraged to review…
Yet another large retailer has reported a data breach. “Staples is in the process of investigating a potential issue involving credit card data and has contacted law enforcement,” said Mark Cautela, Staples’ public relations manager. Target, Home Depot and Dairy Queen have also been victims of…
Original release date: October 22, 2014 Microsoft has released a security advisory to provide recommended mitigations for an unpatched vulnerability, ( CVE-2014-6352 ) which affects all Microsoft Windows releases except Windows Server 2003. This vulnerability could allow an attacker to take control…
Original release date: October 20, 2014 Apple has released security updates for iOS devices and Apple TV to address multiple vulnerabilities, one of which could allow an attacker to decrypt data protected by SSL. Updates available include: iOS 8.1 for iPhone 4s and later, iPod touch 5th generation…
Original release date: October 17, 2014 US-CERT is aware of a design vulnerability found in the way SSL 3.0 handles block cipher mode padding. Exploitation of this vulnerability may allow a remote attacker to decrypt and extract information from inside an encrypted transaction. US-CERT recommends…
Original release date: October 17, 2014 Apple has released Security Update 2014-005 to address vulnerabilities in SSL 3.0. US-CERT recommends users and administrators review Apple Security Update HT6531 for additional details. This product is provided subject to this Notification and this…
Russian hackers known as the “sandworm” team hacked through NATO’s Microsoft computers. It is believed Russian hackers are backed by the government to obtain information on Ukraine and other areas of interest. “This is consistent with espionage activity,” said iSight Senior Director…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.