Original release date: April 30, 2015 US-CERT warns users of potential email scams citing the earthquake in Nepal. The scam emails may contain links or attachments that may direct users to phishing or malware infected websites. Phishing emails and websites requesting donations for fraudulent…
Original release date: April 29, 2015 Google has released Chrome version 42.0.2311.135 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and…
Original release date: April 27, 2015 WordPress 4.2 and prior versions contain critical cross-site scripting vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the WordPress…
The FBI issued a warning about passengers using in-flight wifi to hack into the plane’s systems. “Although the media claims remain theoretical and unproven, the media publicity associated with these statements may encourage actors to use the described intrusion methods,” the alert notes.…
Original release date: April 23, 2015 WordPress 4.1.2 has been released to address multiple vulnerabilities, one of which could allow a site to be compromised by a remote attacker. WordPress 4.1.1 and earlier are affected by this vulnerability. US-CERT recommends users and administrators review the…
Original release date: April 21, 2015 The Internet Crime Complaint Center (IC3) has issued an alert warning that law enforcement personnel and public officials may be at an increased risk of cyber attacks. Doxing—the act of gathering and publishing individuals’ personal information without…
Original release date: April 21, 2015 The Mozilla Foundation has released Firefox 37.0.2 to address a vulnerability that may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Firefox Security Advisory and apply the necessary…
Original release date: April 15, 2015 | Last revised: April 16, 2015 Oracle has released security fixes to address 98 vulnerabilities as part of its quarterly Critical Patch Update. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users…
Original release date: April 15, 2015 Google has released Chrome 42.0.2311.90 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators…
Original release date: April 15, 2015 Adobe has released three security updates to address multiple vulnerabilities in Flash Player, ColdFusion, and Flex. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system, or lead to a reflected…
Original release date: April 14, 2015 Microsoft has released eleven updates to address vulnerabilities in Microsoft Windows. Some of these vulnerabilities could allow elevation of privilege, denial of service, remote code execution, information disclosure, or security feature bypass. US-CERT…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.