Security

Original release date: February 15, 2019 VMware has released security updates to address a vulnerability affecting multiple VMware products. An attacker could exploit this vulnerability to take control of an affected system.   The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0001 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2tpJMFG via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the US-CERT […]

Original release date: February 14, 2019 Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.5.1 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2GI8lFv via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an endorsement by or affiliation […]

Original release date: February 12, 2019 Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Mozilla Security Advisories for Firefox 65.0.1 and Firefox ESR 60.5.1 and apply the necessary updates.  This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2N7d5G8 via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This […]

Original release date: February 12, 2019 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Microsoft’s February 2019 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2Stlr0p via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided […]

Original release date: February 12, 2019 The Federal Trade Commission (FTC) has released an article addressing a rise in reports of internet romance scams. In this type of fraud, cyber criminals gain the confidence of their victims and trick them into sending money. Use caution when online dating, and never send money or gifts to someone you have not met in person. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users to review FTC’s article on Romance Scams and NCCIC’s tip on Staying Safe on Social Networking Sites. If you […]

Original release date: February 12, 2019 Cisco has released a security update to address a vulnerability in Network Assurance Engine. An attacker could exploit this vulnerability to obtain sensitive information. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Cisco Security Advisory and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2BtPZ7O via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an […]

Original release date: February 12, 2019 Adobe has released security updates to address vulnerabilities affecting Adobe Flash Player, Acrobat and Reader, ColdFusion, and Creative Cloud Desktop Application. An attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Adobe Security Bulletins, APSB19-06, APSB19-07, APSB19-10, and APSB19-11, and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2E8NUjp via US-CERT Current […]

Original release date: February 12, 2019 The Cybersecurity and Infrastructure Security Agency (CISA) has added an additional session to the virtual awareness briefing on Chinese malicious cyber activity targeting managed service providers. The briefing will be held on Thursday, February 14, 2019, from 1-2 p.m. ET. The briefing will provide a background on the identified cyber activity and mitigation techniques. Click here to register. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2Dxd9dS via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does […]

Original release date: February 11, 2019 The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a vulnerability affecting several open-source container management systems that leverage runc. NCCIC encourages users and administrators to review the runc security advisory, and the RedHat and Amazon Web Services blogs; and refer to OS and application vendors for mitigations and updates as they become available. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2GmFkjd via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is […]

Original release date: February 07, 2019 Apple has released security updates to address vulnerabilities in multiple products, including the recently discovered FaceTime vulnerability. An attacker could exploit some of these vulnerabilities to take control of an affected system.   The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates: Shortcuts 2.1.3 for iOS macOS Mojave 10.14.3 Supplemental Update iOS 12.1.4 This product is provided subject to this Notification and this Privacy & Use policy. from […]