Security

Original release date: June 24, 2019 Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher C. Krebs has released a statement in response to the recent rise in malicious cyber activity—including spear phishing and brute force attacks—by Iranian regime actors and proxies. CISA encourages users and administrators to review the CISA Statement on Iranian Cybersecurity Threats and tips and best practices for staying safe online, including the following: •    Avoiding Social Engineering and Phishing Attacks•    Password Spraying — Brute Force Attacks•    Choosing and Protecting Passwords•    Supplementing Passwords  This product is provided subject to this Notification and this Privacy & Use policy. […]

Original release date: June 21, 2019 Dell has released a security advisory to address a vulnerability in Dell SupportAssist software. An attacker could exploit this vulnerability to access sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Dell Security Advisory DSA-2019-084 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2xbug1K via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the US-CERT (DHS)

Original release date: June 20, 2019 Apache has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apache security advisory for CVE-2019-10072 and upgrade to the appropriate version. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2WWr6i2 via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the […]

Original release date: June 20, 2019 Apple releases security updates to address vulnerabilities in AirPort Express, AirPort Extreme, and AirPort Time Capsule wireless routers with 802.11n. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourage users and administrators to review the Apple security page for AirPort Base Station Firmware Update 7.8.1 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2ZECpYL via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is […]

Original release date: June 20, 2019 The CERT Coordination Center (CERT/CC) has released information on TCP networking vulnerabilities affecting Linux and FreeBSD kernels. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC Vulnerability Note VU#905115 for more information and refer to vendors for updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2Rv3iLZ via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an endorsement […]

Original release date: June 20, 2019 Microsoft has released an update to address a vulnerability in Outlook for Android. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update.  This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2L43alB via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the US-CERT […]

Original release date: June 20, 2019 Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Firefox 67.0.4 and Firefox ESR 60.7.2 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2Zy7z48 via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent […]

Original release date: June 19, 2019 The Internet Systems Consortium (ISC) has released updates that address a vulnerability in versions of ISC Berkeley Internet Name Domain (BIND). A remote attacker could exploit this vulnerability to cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ISC advisory for CVE-2019-6471 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. from US-CERT Current Activity http://bit.ly/2N1uBiu via US-CERT Current Activity http://ift.tt/1Btyqkb Stay safe *”This link is provided for informational purposes only and does not represent […]