Info collector

Recent Vulnerabilities

Internet Information Services (IIS) 6.0 Vulnerability

By on April 3, 2017 in Recent Vulnerabilities

Original release date: March 30, 2017 US-CERT is aware of active exploitation of a vulnerability in Windows Server 2003 Operating System Internet Information Services (IIS) 6.0.¬†Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.¬† On June 15, 2015, Microsoft ended support for Windows Server 2003 Operating System, which […]

Continue Reading »

Google Releases Security Updates for Chrome

By on April 3, 2017 in Recent Vulnerabilities

Original release date: March 30, 2017 Google has released Chrome version 57.0.2987.133 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases¬†page and apply the necessary updates. This product is provided […]

Continue Reading »

Apple Releases Security Update for iTunes

By on March 26, 2017 in Recent Vulnerabilities

Original release date: March 24, 2017 Apple has released a security update for Apple iTunes to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review information on iTunes 12.6 and apply the necessary update. This product is provided […]

Continue Reading »

Aviation Phishing Scams

By on March 26, 2017 in Recent Vulnerabilities

Original release date: March 23, 2017 US-CERT has received reports of email-based phishing campaigns targeting airline consumers. Systems infected through phishing campaigns act as an entry point for attackers to gain access to sensitive business or personal information. US-CERT encourages users and administrators to review an airline Security Advisory and US-CERT’s Security Tip ST04-014 for […]

Continue Reading »

OpenSSL Releases Security Update

By on February 20, 2017 in Recent Vulnerabilities

Original release date: February 16, 2017 OpenSSL version 1.1.0e has been released to address a vulnerability for users of version 1.1.0. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary update. This product is provided […]

Continue Reading »

Cisco Releases Security Updates for Multiple Products

By on October 28, 2016 in Recent Vulnerabilities

Original release date: October 26, 2016 Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates: Identity Services Engine SQL Injection […]

Continue Reading »

Adobe Releases Security Update

By on October 28, 2016 in Recent Vulnerabilities

Original release date: October 26, 2016 Adobe has released a security update to address a vulnerability in Flash Player. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Adobe Security Bulletin APSB16-36 and apply the necessary update. This product is provided […]

Continue Reading »

Joomla! Releases Security Update for CMS

By on October 28, 2016 in Recent Vulnerabilities

Original release date: October 25, 2016 Joomla! has released version 3.6.4 of its Content Management System (CMS) software to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the Joomla! Release News and US-CERT’s Alert on […]

Continue Reading »

Week Four of National Cyber Security Awareness Month

By on October 28, 2016 in Recent Vulnerabilities

Original release date: October 25, 2016 In partnership with DHS, the National Cyber Security Alliance has released information on Navigating Your Continuously Connected Life which examines our future using Internet of Things (IoT) devices. The #CyberAware Tip of the Week details the infographic on the growing IoT and provides safe computing practices to help you stay […]

Continue Reading »

FTC Releases Data Breach Recovery and Prevention Video

By on September 22, 2016 in Recent Vulnerabilities

Original release date: September 22, 2016 The Federal Trade Commission (FTC) has released a step-by-step video to users whose personal information may have been exposed in a data breach. This video provides instruction on how to report an incident and develop a personal recovery plan after a data breach has occurred. US-CERT encourages users to […]

Continue Reading »

Top