The BBC reports: Several car infotainment systems are vulnerable to a hack attack that could potentially put lives at risk, a leading security company has said. NCC Group said the exploit could be used to seize control of a vehicle’s brakes and other critical systems. The Manchester-based company…
Original release date: July 23, 2015 WordPress 4.2.2 and prior versions contain critical cross-site scripting vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the WordPress…
Original release date: July 23, 2015 Cisco has released security updates to address vulnerabilities in its Application Policy Infrastructure Controller, IOS software, and the Unified MeetingPlace Conferencing products. Exploitation of these vulnerabilities may allow a remote attacker to gain…
Original release date: July 21, 2015 Google has released Chrome version 44.0.2403.89 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system. Users and administrators are encouraged to…
Original release date: July 20, 2015 Microsoft has released a security update to address a critical vulnerability in Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security…
Original release date: July 14, 2015 Oracle has released security fixes to address 193 vulnerabilities as part of its quarterly Critical Patch Update. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are…
Original release date: July 14, 2015 Microsoft has released 14 updates to address vulnerabilities in Microsoft Windows. Exploitation of some of these vulnerabilities could allow remote code execution or elevation of privileges. US-CERT encourages users and administrators to review Microsoft Security…
Original release date: July 14, 2015 Adobe has released a security update to address critical vulnerabilities in Shockwave Player for Windows and Macintosh. Exploitation of these vulnerabilities could allow an attacker to take control of an affected system. Users and administrators are encouraged to…
Original release date: July 11, 2015 | Last revised: July 14, 2015 Adobe has released security updates to address critical vulnerabilities within the ActionScript 3 opaqueBackground and BitmapData classes of Flash Player. Exploitation of these vulnerabilities could allow a remote attacker to execute…
Original release date: July 10, 2015 VMware has released security updates to address a host privilege escalation vulnerability in VMware Workstation, Player and Horizon View Client for Windows. Exploitation of this vulnerability may allow an attacker to escalate privileges on an affected VMware…
Original release date: July 09, 2015 OpenSSL has released updates to address a vulnerability that could impact proper certificate verification. A remote attacker could ‘issue’ invalid certificates that pass validation by affected versions. Updates available include: OpenSSL 1.0.2d for…
WASHINGTON, DC — The OPM (Office of Personnel Management) was hacked. In a statement, OPM said: The U.S. Office of Personnel Management (OPM) recently became aware of a cybersecurity incident affecting its systems and data that may have compromised the personal information of current and former…
The IRS announced that criminals used taxpayer-specific data acquired from non-IRS sources to gain unauthorized access to information on approximately 100,000 tax accounts through IRS’ “Get Transcript” application. This data included Social Security information, date of birth and street…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.