Thursday, July 19, 2018

Oracle Releases July 2018 Security Bulletin

Original release date: July 17, 2018Oracle has released its Critical Patch Update for July 2018 to address 334 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages...

FTC Issues Alert on Tech Support Scams

Original release date: July 16, 2018The Federal Trade Commission has released an alert on tech support scams. Scammers use pop-up messages, websites, emails, and phone calls to entice users to pay for fraudulent tech support services to repair problems...

SB18-197: Vulnerability Summary for the Week of July 9, 2018

Original release date: July 16, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD...

IC3 Warns of Business Email Compromise Scams

Original release date: July 13, 2018The Internet Crime Complaint Center (IC3) has released an alert on business email compromise scams. This type of scam targets businesses and individuals by using social engineering or computer intrusion to compromise legitimate email...

Juniper Networks Releases Security Updates

Original release date: July 12, 2018Juniper Networks has released security updates to address vulnerabilities affecting multiple Junos OS versions. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to...

ISC Releases Security Advisory for Kea DHCP

Original release date: July 12, 2018The Internet Systems Consortium (ISC) has released a security advisory that addresses a memory leak vulnerability in Kea DHCP 1.4.0. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.  NCCIC encourages...

Cisco Releases Security Updates

Original release date: July 11, 2018Cisco has released updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review the following...

Microsoft Releases July 2018 Security Updates

Original release date: July 10, 2018Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review Microsoft’s July...

Adobe Releases Security Updates

Original release date: July 10, 2018Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader, Adobe Flash Player, Adobe Connect, and Adobe Experience Manager. A remote attacker could exploit some of these vulnerabilities to take control...

Apple Releases Multiple Security Updates

Original release date: July 09, 2018Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review Apple security...

SB18-190: Vulnerability Summary for the Week of July 2, 2018

Original release date: July 09, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD...

CIS Releases 2017 Year in Review

Original release date: July 06, 2018The Center for Internet Security (CIS) has released its 2017 Year in Review. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC), an NCCIC partner focused on cyber threat prevention, protection,...

Apple Releases Security Update for Boot Camp

Original release date: July 06, 2018Apple has released a security update to address vulnerabilities in Wi-Fi for Boot Camp 6.4.0. An attacker could exploit these vulnerabilities to obtain access to sensitive information.NCCIC encourages users and administrators to review Apple’s...

Mozilla Releases Security Update for Thunderbird

Original release date: July 03, 2018Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review the...

SB18-183: Vulnerability Summary for the Week of June 25, 2018

Original release date: July 02, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD...

VMware Releases Security Updates

Original release date: June 30, 2018VMware has released security updates to address vulnerabilities in VMware ESXi, Workstation, and Fusion. An attacker could exploit these vulnerabilities to obtain sensitive information.NCCIC encourages users and administrators to review the VMware Security Advisory...

Mozilla Releases Security Updates for Firefox

Original release date: June 26, 2018Mozilla has released security updates to address multiple vulnerabilities in Firefox ESR and Firefox. A remote attacker could exploit some of these vulnerabilities to cause a denial-of-service condition.NCCIC encourages users and administrators to review...

ST18-002: Defending Against Illicit Cryptocurrency Mining Activity

Original release date: June 26, 2018 The popularity of cryptocurrency, a form of digital currency, is rising; Bitcoin, Litecoin, Monero, Ethereum, and Ripple are just a few types of the cryptocurrencies available. Though cryptocurrency is a common topic of conversation,...

SB18-176: Vulnerability Summary for the Week of June 18, 2018

Original release date: June 25, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD...

Global Threats to Information Systems

Original release date: June 21, 2018The advanced capabilities of organized hacker groups and cyber threat actors are an increasing global threat to information systems. Rising threat levels place more demands on cybersecurity personnel and network administrators to protect information...

Privacy Advocates Say Kelsey Smith Act Gives Police Too Much Power

This bill making its way through Congress would allow law enforcement to more easily uncover location data for cell phones from mobile carriers in an emergency.

Financial Industry Insiders Put the Keys to the Kingdom at Risk

Monitoring for Illicit Insider Activity Shouldn’t Focus Exclusively on Dark Web and Criminal Forums read more

Trends in malware – ransomware, cryptojacking, what next? [PODCAST]

Catch up with Day 3 of our Security SOS Week - here's the third episode of our week-long online security summit.

Microsoft offers up to $100,000 to identity bug finders

Want to earn $100,000? You could win as much as that if you manage to uncover a serious vulnerability in Microsoft’s various identity services. Read more in my article on the Hot for Security blog.

Automated money-laundering scheme found in free-to-play games

The scammers automatically created iOS accounts with valid email accounts, then automatically used stolen cards to buy and resell stuff.