Canadian Centre for Cyber Security Releases Advisory on Fileless Malware
Original release date: July 18, 2019The Canadian Centre for Cyber Security (CCCS) has released an advisory on an Astaroth fileless malware campaign affecting Microsoft Windows. Astaroth resides solely in memory, and an attacker can use it and other fileless...
WaterISAC Releases Cybersecurity Fundamentals
Original release date: July 17, 2019The Water Information Sharing and Analysis Center (WaterISAC) recently released an updated cybersecurity fundamentals guide for water and wastewater utilities. The guide includes cybersecurity best practices, grouped into 15 categories, to help sector utilities...
Drupal Releases Security Update
Original release date: July 17, 2019Drupal has released a security update to address a vulnerability in Drupal Core. An attacker could exploit this vulnerability to take control of an affected website.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users...
NCSC Releases 2019 Active Cyber Defence Report
Original release date: July 16, 2019The United Kingdom’s National Cyber Security Centre (NCSC) has released their 2019 Active Cyber Defence (ACD) report, which provides an analysis of program outcomes throughout 2018. NCSC’s ACD program—stood up in 2016—seeks to reduce...
Microsoft Releases Security Updates for PowerShell Core
Original release date: July 16, 2019Microsoft has released updates to address a vulnerability in PowerShell Core versions 6.1 and 6.2. An attacker could exploit this vulnerability to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA)...
Oracle Releases July 2019 Security Bulletin
Original release date: July 16, 2019Oracle has released its Critical Patch Update for July 2019 to address 319 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity...
DHS Webinar: Cybersecurity Threats to the Healthcare Sector
Original release date: July 16, 2019The Department of Homeland Security (DHS) and the American Hospital Association (AHA) are conducting a webinar focused on current cybersecurity threats to the healthcare sector. The webinar will be held on Wednesday, July 17,...
IRS Releases Six Cybersecurity Safeguards
Original release date: July 16, 2019The Internal Revenue Service (IRS) has issued a news release outlining six cybersecurity safeguards to protect computers, email, and sensitive data. The recommendations are part of the Taxes. Security. Together. Checklist, which the IRS...
Google Releases Security Updates for Chrome
Original release date: July 15, 2019Google has released Chrome 75.0.3770.142 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages...
Vulnerability Summary for the Week of July 8, 2019
Original release date: July 15, 2019
The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit the NIST NVD...
NCSC Releases Advisory on Ongoing DNS Hijacking Campaign
Original release date: July 12, 2019The United Kingdom’s National Cyber Security Centre (NCSC) has released an advisory about an ongoing Domain Name System (DNS) hijacking campaign. The advisory details risks and mitigations for organizations to defend against this campaign,...
Atlassian Releases Security Updates for Jira
Original release date: July 11, 2019Atlassian has released security updates to address a vulnerability affecting Jira Server and Jira Data Center. A remote attacker could exploit this vulnerability to take control of an affected system.
The Cybersecurity and Infrastructure Security...
Juniper Networks Releases Multiple Security Updates
Original release date: July 10, 2019Juniper Networks has released security updates to address multiple vulnerabilities in various products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency...
Microsoft Releases July 2019 Security Updates
Original release date: July 9, 2019Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages...
Intel Releases Security Updates
Original release date: July 9, 2019<br/><p>Intel has released security updates to address vulnerabilities in Intel Solid State Drives for Data Centers and Intel Processor Diagnostic Tool. An attacker could exploit these vulnerabilities to gain an escalation of privileges on...
Adobe Releases Security Updates
Original release date: July 9, 2019Adobe has released security updates to address vulnerabilities affecting Bridge CC, Experience Manager, and Dreamweaver. An attacker could exploit one of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security...
Privacy and Mobile Device Apps
Original release date: July 9, 2019What are the risks associated with mobile device apps?
Applications (apps) on your smartphone or other mobile devices can be convenient tools to access the news, get directions, pick up a ride share, or play...
U.S. Coast Guard Releases Cybersecurity Measures for Commercial Vessels
Original release date: July 8, 2019The U.S. Coast Guard has released a Safety Alert with recommended cybersecurity best practices for commercial vessels. With a dynamic cybersecurity threat landscape and growing reliance on technology to support vessels, the maritime community...
Vulnerability Summary for the Week of July 1, 2019
Original release date: July 8, 2019The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet...
ACSC Releases Updated Essential Eight Maturity Model
Original release date: July 5, 2019The Australian Cyber Security Centre (ACSC) has released updates to its Essential Eight Maturity Model. The model assists organizations in determining the maturity of their implementation of the Essential Eight—ACSC’s list of the top...
Cisco Patches Critical Flaw in Vision Dynamic Signage Director
Cisco this week released a security patch for the Vision Dynamic Signage Director, to address a Critical vulnerability that could allow attackers to execute arbitrary actions on the local system.
Tracked as CVE-2019-1917, the vulnerability was found in the REST...
The Great Hack: the film that goes behind the scenes of the Facebook data scandal
This week, a Netflix documentary on Cambridge Analytica sheds light on one of the most complex scandals of our time. Carole Cadwalladr, who broke the story and appears in the film, looks at the fallout – and finds ‘surveillance...
Scotland Yard Twitter and Emails Hacked
London's Metropolitan Police apologised Saturday after its Twitter, emails and news pages were targeted by hackers and began pumping out a series of bizarre messages.
read more
Browser Extensions Scraped Data From Millions of People
Slack passwords, NSO spyware, and more of the week's top security news.
Hackers breach FSB contractor, expose Tor deanonymization project and more
SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.
