Tuesday, May 21, 2019

Staying Cyber Safe During Memorial Day

Original release date: May 20, 2019As Memorial Day approaches, the Cybersecurity and Infrastructure Security Agency (CISA) reminds users to stay cyber safe. Users should be cautious of potential scams, such as unsolicited emails that contain malicious links or attachments...

SB19-140: Vulnerability Summary for the Week of May 13, 2019

Original release date: May 20, 2019 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD...

Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability

Original release date: May 16, 2019Microsoft has released security updates to address a remote code execution vulnerability in the following in-support and out-of-support systems:In-support systems: Windows 7, Windows Server 2008 R2, and Windows Server 2008Out-of-support systems: Windows 2003 and...

Cisco Releases Security Updates for Multiple Products

Original release date: May 15, 2019Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA)...

VMware Releases Security Updates

Original release date: May 14, 2019VMware has released security updates to address vulnerabilities in vCenter Server, ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security...

Adobe Releases Security Updates

Original release date: May 14, 2019Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA) encourages users...

Microsoft Releases May 2019 Security Updates

Original release date: May 14, 2019Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA) encourages...

Intel Releases Security Updates, Mitigations for Multiple Products

Original release date: May 14, 2019Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA)...

Samba Releases Security Updates

Original release date: May 14, 2019The Samba Team has released security updates to address a vulnerability in Samba. An attacker could exploit this vulnerability take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and...

Facebook Releases Security Advisory for WhatsApp

Original release date: May 14, 2019Facebook has released a security advisory to address a vulnerability in WhatsApp. A remote attacker could exploit this vulnerability to take control of an affected device.The Cybersecurity and Infrastructure Security Agency (CISA) encourages users...

Apple Releases Multiple Security Updates

Original release date: May 14, 2019Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA) encourages...

Cisco Releases Security Updates

Original release date: May 13, 2019Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA)...

AR19-133A: Microsoft Office 365 Security Observations

Original release date: May 13, 2019Summary As the number of organizations migrating email services to Microsoft Office 365 (O365) and other cloud services increases, the use of third-party companies that move organizations to the cloud is...

SB19-133: Vulnerability Summary for the Week of May 6, 2019

Original release date: May 13, 2019 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD...

North Korean Malicious Cyber Activity

Original release date: May 09, 2019The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified a malware variant—referred to as ELECTRICFISH—used by the North Korean government. The U.S. Government refers to malicious cyber activity...

AR19-129A: MAR-10135536-21 – North Korean Tunneling Tool: ELECTRICFISH

Original release date: May 09, 2019Description NotificationThis report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse...

Drupal Releases Security Update

Original release date: May 09, 2019Drupal has released a security update to address a vulnerability in Drupal Core. A remote attacker could exploit this vulnerability to take control of an affected website.The Cybersecurity and Infrastructure Security Agency (CISA) encourages...

Cisco Releases Security Update for Elastic Services Controller

Original release date: May 07, 2019Cisco has released a security update to address a vulnerability in Cisco Elastic Services Controller. A remote attacker could exploit this vulnerability to take control of an affected system.The Cybersecurity and Infrastructure Security Agency...

SB19-126: Vulnerability Summary for the Week of April 29, 2019

Original release date: May 06, 2019 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD...

PrinterLogic Print Management Software Vulnerabilities

Original release date: May 05, 2019The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting PrinterLogic Print Management Software. A remote attacker could exploit these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security Agency...

Rats leave the sinking ship as hackers’ forum gets hacked

The OGUsers forum, which trades in hijacked social accounts, has been hacked, its hard drives wiped, and its user database published online.
The Register

iPhone gyroscopes, of all things, can uniquely ID handsets on anything earlier than iOS 12.2

Cheapskate fandroids get a pass on this one, though Your iPhone can be uniquely fingerprinted by apps and websites in a way that you can never clear. Not by deleting cookies, not by clearing your cache, not even by...
Bruce Schneier

How Technology and Politics Are Changing Spycraft

Interesting article about how traditional nation-based spycraft is changing. Basically, the Internet makes it increasingly possible to generate a good cover story; cell phone and other electronic surveillance techniques make tracking people easier; and machine learning will make all...

DDoS Attacks on the Rise After Long Period of Decline

DDoS Attacks on the Rise After Long Period of DeclineThe number of DDoS attacks increased by 84% in the first quarter of 2019 compared to Q4 2018, according to new research from Kaspersky Lab. The global cybersecurity company’s findings, detailed...
SecurityWeek

Awareness Training Firm KnowBe4 Acquires Awareness Measurement Firm CLTRe

Tampa Bay, FL-based security awareness and simulated phishing firm KnowBe4 has acquired Oslo, Norway-based security culture measurement company CLTRe for an undisclosed sum. read more