Security

Original release date: December 13, 2018 The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Agency (CISA), is aware of a worldwide email campaign targeting businesses and organizations with bomb threats. The emails claim that a device will detonate unless a ransom in Bitcoin is paid. If you receive a bomb threat email, NCCIC recommends the following actions: Do not respond or try to contact the sender. Do not pay the ransom. Report the email to the Federal Bureau of Investigation (FBI) Internet Crime Complaint Center or to a local FBI Field Office. This product […]

Original release date: December 13, 2018 WordPress 5.0 and prior versions are affected by multiple vulnerabilities. An attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Agency (CISA), encourages users and administrators to review the WordPress Security Release and upgrade to WordPress 5.0.1. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2UF22ak via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent […]

Original release date: December 12, 2018 Google has released Chrome Version 71.0.3578.98 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Chrome Releases page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2EsxGTA via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only […]

Original release date: December 11, 2018 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could exploit some of these vulnerabilities to obtain access to sensitive information. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Microsoft’s December 2018 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2Lc7Hk3 via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational […]

Original release date: December 11, 2018 Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Mozilla Security Advisories for Firefox 64 and Firefox ESR 60.4 and apply the necessary updates.   This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2PvyWGD via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an endorsement by […]

Original release date: December 11, 2018 Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-41 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2EpZ1G7 via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the US-CERT (DHS)

Original release date: December 06, 2018 Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Adobe Flash Player installer. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Adobe Security Bulletin APSB18-42 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2PmONHj via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the US-CERT […]

Original release date: December 05, 2018 Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates: iCloud for Windows 7.9 Safari 12.0.2 iTunes 12.9.2 for Windows macOS Mojave 10.14.2, Security Update  2018-003 High Sierra, Security Update 2018-006 Sierra tvOS 12.1.1 iOS 12.1.1 This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2EfFUOL via US-CERT Current […]

Original release date: December 04, 2018 Google has released Chrome version 71.0.3578.80 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2Ug7nF1 via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the US-CERT (DHS)

Original release date: December 04, 2018 The Federal Trade Commission (FTC) has released an alert to provide affected users with recommended precautions against identity theft after the recent breach of the Marriott International Starwood guest reservation database. NCCIC encourages users and administrators to review the FTC Alert and the NCCIC Tip on Preventing and Responding to Identity Theft. If you believe you are a victim of identity theft, visit the FTC’s identity theft website to make a report. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2KSEvhC via US-CERT Current […]