Tuesday, September 25, 2018

Apple Releases Security Update for macOS Mojave

Original release date: September 24, 2018Apple has released a security update to address multiple vulnerabilities in macOS Mojave 10.14. An attacker could exploit one of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to...

NCCIC Webinar Series on Protecting Enterprise Network Infrastructure Devices

Original release date: September 24, 2018NCCIC will conduct a series of webinars on protecting enterprise network infrastructure devices over the next two weeks. Each webinar will be held from 1-2:30 p.m. ET on the dates listed below:Monday, September 24Thursday,...

SB18-267: Vulnerability Summary for the Week of September 17, 2018

Original release date: September 24, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD...

Cisco Releases Security Update

Original release date: September 21, 2018Cisco has released a security update to address a vulnerability in Cisco Video Surveillance Manager. A remote attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and administrators to...

ISC Releases Security Advisory for BIND

Original release date: September 19, 2018The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability affecting multiple versions of ISC Berkeley Internet Name Domain (BIND). Under certain conditions, a remote attacker could exploit this vulnerability...

Adobe Releases Security Updates

Original release date: September 19, 2018Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to...

Cisco Releases Security Updates

Original release date: September 19, 2018Cisco has released security updates to address multiple vulnerabilities in Cisco Webex Network Recording Player. A remote attacker could exploit these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to...

NCCIC Webinar Series on Protecting Enterprise Network Infrastructure Devices

Original release date: September 18, 2018NCCIC will conduct a series of webinars on Protecting Enterprise Network Infrastructure Devices over the next two weeks. Each webinar will be held from 1-2:30 p.m. ET on the dates listed below:Monday, September 24Thursday,...

Apple Releases Multiple Security Updates

Original release date: September 17, 2018Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review Apple security...

SB18-260: Vulnerability Summary for the Week of September 10, 2018

Original release date: September 17, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD...

MS-ISAC Releases Advisory on PHP Vulnerabilities

Original release date: September 14, 2018The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an advisory on multiple Hypertext Preprocessor (PHP) vulnerabilities. An attacker could exploit one of these vulnerabilities to take control of an affected system.NCCIC encourages...

Potential Hurricane Florence Phishing Scams

Original release date: September 14, 2018NCCIC warns users to remain vigilant for malicious cyber activity seeking to exploit interest in Hurricane Florence. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users...

Google Releases Security Update for Chrome

Original release date: September 11, 2018Google has released Chrome version 69.0.3497.92 for Windows, Mac, and Linux. This version addresses vulnerabilities, one of which an attacker could exploit to take control of an affected system.NCCIC encourages users and administrators to...

Microsoft Releases September 2018 Security Updates

Original release date: September 11, 2018Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to review Microsoft's...

Adobe Releases Security Updates

Original release date: September 11, 2018Adobe has released security updates to address vulnerabilities in Adobe Flash Player and ColdFusion. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators to...

SB18-253: Vulnerability Summary for the Week of September 3, 2018

Original release date: September 10, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD...

VMware Releases Security Updates

Original release date: September 06, 2018VMware has released security updates to address vulnerabilities in VMware AirWatch Agent and Content Locker. An attacker could exploit these vulnerabilities to obtain access to sensitive information.NCCIC encourages users and administrators to review the...

Mozilla Releases Security Updates for Firefox

Original release date: September 05, 2018Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages users and administrators...

Cisco Releases Security Updates

Original release date: September 05, 2018Cisco has released updates to address multiple vulnerabilities affecting Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.  NCCIC encourages users and administrators to review the...

Problems with Automatic DNS Registration and Autodiscovery

Original release date: September 05, 2018The CERT Coordination Center (CERT/CC) has released information on problems associated with small office/home office routers using automatic Domain Name System (DNS) registration and autodiscovery. An attacker could exploit these problems to obtain sensitive...

Breach at US Retailer SHEIN Hits Over Six Million Users

Breach at US Retailer SHEIN Hits Over Six Million UsersUS fashion retailer SHEIN has admitted suffering a major breach affecting the personal information of over six million customers. The women’s clothing company revealed at the end of last week that...
The Register

Bug? Feature? Power users baffled as BitLocker update switch-off continues

Microsoft claims issue confined to older kit Three months on, users continue to report that Microsoft's BitLocker disk encryption technology turns itself off during security updates.…
ZDNet

UK issues first-ever GDPR notice in connection to Facebook data scandal

Canadian firm AggregateIQ, linked to the Facebook & Cambridge Analytica data scandal, is the first to be put on notice.
SecurityWeek

Symantec Completes Internal Accounting Investigation

Symantec announced on Monday that it has completed its internal accounting audit, and while some issues have been uncovered, only one customer transaction has an impact on financial statements. read more

Are Colleges Teaching Real-World Cyber Security Skills?

The cybersecurity skill shortage is a well-recognized industry challenge, but the problem isn’t that there are too few people rather that many of them lack suitable skills and experience. Cybersecurity is a fast-growing profession, and talented graduates are in...