Feed aggregator

VMware Releases Security Updates

Feb 15, 2019

Original release date: February 15, 2019 VMware has released security updates to address a vulnerability affecting multiple VMware products. An attacker could exploit this vulnerability to take control of an affected system.  The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0001 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Mozilla Releases Security Update for Thunderbird

Feb 14, 2019

Original release date: February 14, 2019 Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.5.1 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Mozilla Releases Security Updates for Firefox

Feb 12, 2019

Original release date: February 12, 2019 Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Mozilla Security Advisories for Firefox 65.0.1 and Firefox ESR 60.5.1 and apply the necessary updates.  This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Microsoft Releases February 2019 Security Updates

Feb 12, 2019

Original release date: February 12, 2019 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Microsoft's February 2019 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Internet Romance Scams

Feb 12, 2019

Original release date: February 12, 2019 The Federal Trade Commission (FTC) has released an article addressing a rise in reports of internet romance scams. In this type of fraud, cyber criminals gain the confidence of their victims and trick them into sending money. Use caution when online dating, and never send money or gifts to someone you have not met in person.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users to review FTC’s article on Romance Scams and NCCIC’s tip on Staying Safe on Social Networking Sites. If you think you have been a target of a romance scam, file a report withthe online dating site,the Federal Trade Commission, andthe Federal Bureau of Investigation's Internet Crime Complaint Center. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Cisco Releases Security Update

Feb 12, 2019

Original release date: February 12, 2019 Cisco has released a security update to address a vulnerability in Network Assurance Engine. An attacker could exploit this vulnerability to obtain sensitive information.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Cisco Security Advisory and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Adobe Releases Security Updates

Feb 12, 2019

Original release date: February 12, 2019 Adobe has released security updates to address vulnerabilities affecting Adobe Flash Player, Acrobat and Reader, ColdFusion, and Creative Cloud Desktop Application. An attacker could exploit some of these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Adobe Security Bulletins, APSB19-06, APSB19-07, APSB19-10, and APSB19-11, and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

New Session Added: CISA Awareness Briefing on Chinese Malicious Cyber Activity

Feb 12, 2019

Original release date: February 12, 2019 The Cybersecurity and Infrastructure Security Agency (CISA) has added an additional session to the virtual awareness briefing on Chinese malicious cyber activity targeting managed service providers. The briefing will be held on Thursday, February 14, 2019, from 1-2 p.m. ET. The briefing will provide a background on the identified cyber activity and mitigation techniques. Click here to register. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Securely Disposing Mobile Devices

Feb 11, 2019

Do you plan on giving away or selling one of your older mobile devices? Make sure you wipe or reset your device before disposing of it. If you don't, the next person who owns it will have access to all of your accounts and personal information.

Continue Reading ›

runc Open-Source Container Vulnerability

Feb 11, 2019

Original release date: February 11, 2019 The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a vulnerability affecting several open-source container management systems that leverage runc.NCCIC encourages users and administrators to review the runc security advisory, and the RedHat and Amazon Web Services blogs; and refer to OS and application vendors for mitigations and updates as they become available. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Apple Releases Multiple Security Updates

Feb 7, 2019

Original release date: February 07, 2019 Apple has released security updates to address vulnerabilities in multiple products, including the recently discovered FaceTime vulnerability. An attacker could exploit some of these vulnerabilities to take control of an affected system.  The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:Shortcuts 2.1.3 for iOSmacOS Mojave 10.14.3 Supplemental UpdateiOS 12.1.4 This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Microsoft Releases Security Advisory for Exchange Server

Feb 5, 2019

Original release date: February 05, 2019 Microsoft has released an advisory to address an elevation of privilege vulnerability in Microsoft Exchange Server. An attacker could exploit this vulnerability to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Microsoft Security Advisory and the CERT Coordination Center's Vulnerability Note VU#465632 and consider the workarounds until an update is available. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Marvell Avastar Wi-Fi Vulnerability

Feb 5, 2019

Original release date: February 05, 2019 The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Marvell Avastar wireless system on chip (SoC) models. An attacker could exploit this vulnerability to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review CERT/CC’s Vulnerability Note VU#730261 for more information and refer to vendors for appropriate updates, when available. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

NSA Releases Updated Guidance on Side-Channel Vulnerabilities

Feb 1, 2019

Original release date: February 01, 2019 The National Security Agency (NSA) has released updated information on a set of side-channel vulnerabilities affecting modern computer processors. An attacker can exploit these vulnerabilities to obtain sensitive information.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the NSA Cybersecurity Advisory on Updated Guidance for Vulnerabilities Affecting Modern Processors and Hardware and Firmware Security Guidance GitHub website for more information and updated mitigations. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Back up Your Files

Jan 31, 2019

Eventually, we all have an accident or get hacked. And when we do, backups are often the only way to recover. Backups are cheap and easy; make sure you are backing up all of your personal information (such as family photos) on a regular basis.

Continue Reading ›

NCCIC Awareness Briefing on Chinese Malicious Cyber Activity

Jan 30, 2019

Original release date: January 30, 2019 The Cybersecurity and Infrastructure Security Agency (CISA) will conduct a series of virtual awareness briefings on Chinese malicious cyber activity targeting managed service providers (MSPs). Briefings will be held from 1–2 p.m. ET on the dates listed below:Wednesday, February 6Friday, February 22CISA encourages MSPs and their customers to register for the briefing by clicking on one of the dates listed above. The briefing will provide a background on the identified cyber activity and mitigation techniques.    This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

MS-ISAC Releases Advisory on DNS Flag Day

Jan 30, 2019

Original release date: January 30, 2019 The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released an alert on Domain Name System (DNS) Flag Day, which is Friday, February 1, 2019. On DNS Flag Day, DNS software and service providers will roll out updates to remove workarounds that allow users to bypass the Extension Mechanisms Protocol for DNS (EDNS). While the updates will improve DNS operations, some domains served by DNS servers operating out-of-date software may become unavailable.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review MS-ISAC's Cyber Alert: DNS Flag Day for more information and the DNS Flag Day website to determine whether a domain name will be affected. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Mozilla Releases Security Update for Thunderbird

Jan 30, 2019

Original release date: January 30, 2019 Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit one of these vulnerabilities to take control of an affected system.The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.5 and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Never Try to Fix the Problem When Hacked

Jan 29, 2019

Eventually, we all get hacked. The bad guys are very persistent and we can all make a mistake. If you suspect you have been hacked never try to fix the situation, instead report it right away. If you try to fix the situation, such as paying an online ransom or deleting the infected files, not only could you stil be hacked but you are most likely causing far more harm than good.

Continue Reading ›

Google Releases Security Updates for Chrome

Jan 29, 2019

Original release date: January 29, 2019 Google has released Chrome version 72.0.3626.81 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system.  The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Chrome Releases page and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.

Continue Reading ›

Pages

Related Content

Best Practices

10 Best Pactices

Our 10 Best Pactices

Contact Us

Contact Information Security at 756-7000

Contacts

Did you know?

Stay Safe Online Tips