Original release date: January 30, 2015 Overview Throughout the year, scam artists pose as legitimate entities—such as the Internal Revenue Service (IRS), other government agencies, and financial institutions—in an attempt to defraud taxpayers. They employ…
Original release date: January 27, 2015 Apple has released security updates for OS X, Safari, iOS and Apple TV to address multiple vulnerabilities, one of which could allow a remote attacker to take control of an affected system. Updates available include: OS X v10.10.2 and Security Update 2015-001…
Original release date: January 27, 2015 | Last revised: January 28, 2015 The Linux GNU C Library (glibc) versions prior to 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of…
Original release date: January 26, 2015 Adobe has released Flash Player desktop version 16.0.0.296 to address a critical vulnerability ( CVE-2015-0311 ) in 16.0.0.287 and earlier versions for Windows and Macintosh. This vulnerability could allow an attacker to take control of the affected system.…
Original release date: January 24, 2015 The Internet Crime Complaint Center (IC3) has released an alert warning companies of a sophisticated wire payment scam dubbed the Business E-mail Compromise. Scammers use fraudulent information to trick companies into directing financial transactions into…
Original release date: January 23, 2015 The FBI has released an article addressing ransomware campaigns that use intimidating messages claiming to be from the FBI or other government agencies. Scam operators use ransomware – a type of malicious software – to infect a computer and restrict access…
Original release date: January 23, 2015 Google has released Chrome 40.0.2214.91 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial of service condition or obtain personal information. US-CERT encourages…
Original release date: January 22, 2015 Adobe has released security updates to address a vulnerability in Flash Player, which could potentially allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-02 and apply…
Original release date: January 20, 2015 Oracle has released its Critical Patch Update for January 2015 to address 169 vulnerabilities across multiple products. This update contains the following security fixes: 8 for Oracle Database Server 36 for Oracle Fusion Middleware 10 for Oracle Enterprise…
Original release date: January 20, 2015 Ubuntu has released security updates to address multiple vulnerabilities affecting Ubuntu 10.04 LTS, 12.04 LTS, 14.04 LTS, and 14.10. Exploitation of these vulnerabilities may allow an attacker to cause a denial of service or execute arbitrary code. Users and…
Original release date: January 15, 2015 US-CERT is aware of a phishing campaign purporting to come from a U.S. Federal Government Agency. The phishing emails reference the Affordable Care Act in the subject and claim to direct users to health coverage information, but instead direct them to sites…
Who is held accountable for the Sony network hack? According to Homeland Security, the FTC and other government agencies — Sony. Sony is responsible for the personal data stored on their servers. A former employee currently involved in a class-action suit against Sony said, “The real problem…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.