Security Bulletins

Subscribe to Security Bulletins feed
Updated: 1 hour 12 min ago

Canadian Centre for Cyber Security Releases Advisory on Fileless Malware

Thu, 07/18/2019 - 17:57
Original release date: July 18, 2019

The Canadian Centre for Cyber Security (CCCS) has released an advisory on an Astaroth fileless malware campaign affecting Microsoft Windows. Astaroth resides solely in memory, and an attacker can use it and other fileless malware to steal information, such as credentials and keystrokes, and obtain other sensitive data.
 

Read more

Categories: Tech

WaterISAC Releases Cybersecurity Fundamentals

Wed, 07/17/2019 - 18:10
Original release date: July 17, 2019

The Water Information Sharing and Analysis Center (WaterISAC) recently released an updated cybersecurity fundamentals guide for water and wastewater utilities. The guide includes cybersecurity best practices, grouped into 15 categories, to help sector utilities reduce exploitable weaknesses and attacks. WaterISAC is a CISA partner focused on protecting Water and Wastewater Systems Sector utilities from all hazards.

Read more

Categories: Tech

Drupal Releases Security Update

Wed, 07/17/2019 - 12:20
Original release date: July 17, 2019

Drupal has released a security update to address a vulnerability in Drupal Core. An attacker could exploit this vulnerability to take control of an affected website.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Drupal’s security advisory SA-CORE-2019-008 and apply the necessary update.
 

Read more

Categories: Tech

Cisco Releases Security Updates for Multiple Products

Wed, 07/17/2019 - 12:15
Original release date: July 17, 2019

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following advisories and apply the necessary updates:

Read more

Categories: Tech

NCSC Releases 2019 Active Cyber Defence Report

Tue, 07/16/2019 - 17:27
Original release date: July 16, 2019

The United Kingdom’s National Cyber Security Centre (NCSC) has released their 2019 Active Cyber Defence (ACD) report, which provides an analysis of program outcomes throughout 2018. NCSC’s ACD program—stood up in 2016—seeks to reduce harm from commodity cyberattacks against the United Kingdom.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review NCSC’s report for more information.

Read more

Categories: Tech

Microsoft Releases Security Updates for PowerShell Core

Tue, 07/16/2019 - 16:25
Original release date: July 16, 2019

Microsoft has released updates to address a vulnerability in PowerShell Core versions 6.1 and 6.2. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary updates.

Read more

Categories: Tech

Oracle Releases July 2019 Security Bulletin

Tue, 07/16/2019 - 16:12
Original release date: July 16, 2019

Oracle has released its Critical Patch Update for July 2019 to address 319 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Oracle July 2019 Critical Patch Update and apply the necessary updates.

Read more

Categories: Tech

DHS Webinar: Cybersecurity Threats to the Healthcare Sector

Tue, 07/16/2019 - 15:55
Original release date: July 16, 2019

The Department of Homeland Security (DHS) and the American Hospital Association (AHA) are conducting a webinar focused on current cybersecurity threats to the healthcare sector. The webinar will be held on Wednesday, July 17, 2019, at 1 p.m. ET.

Read more

Categories: Tech

IRS Releases Six Cybersecurity Safeguards

Tue, 07/16/2019 - 13:46
Original release date: July 16, 2019

The Internal Revenue Service (IRS) has issued a news release outlining six cybersecurity safeguards to protect computers, email, and sensitive data. The recommendations are part of the Taxes. Security. Together. Checklist, which the IRS created to help tax professionals protect sensitive taxpayer data.

Read more

Categories: Tech

Google Releases Security Updates for Chrome

Mon, 07/15/2019 - 15:55
Original release date: July 15, 2019

Google has released Chrome 75.0.3770.142 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

Read more

Categories: Tech

Vulnerability Summary for the Week of July 8, 2019

Mon, 07/15/2019 - 03:26
Original release date: July 15, 2019

 

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit the NIST NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

Read more

Categories: Tech

NCSC Releases Advisory on Ongoing DNS Hijacking Campaign

Fri, 07/12/2019 - 18:44
Original release date: July 12, 2019

The United Kingdom’s National Cyber Security Centre (NCSC) has released an advisory about an ongoing Domain Name System (DNS) hijacking campaign. The advisory details risks and mitigations for organizations to defend against this campaign, in which attackers use compromised credentials to modify the location to which an organization’s domain name resources resolve to redirect users, obtain sensitive information, and cause man-in-the-middle attacks.

Read more

Categories: Tech

Atlassian Releases Security Updates for Jira

Thu, 07/11/2019 - 15:27
Original release date: July 11, 2019

Atlassian has released security updates to address a vulnerability affecting Jira Server and Jira Data Center. A remote attacker could exploit this vulnerability to take control of an affected system.

Read more

Categories: Tech

Microsoft Releases July 2019 Security Updates

Tue, 07/09/2019 - 12:38
Original release date: July 9, 2019

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Read more

Categories: Tech

Intel Releases Security Updates

Tue, 07/09/2019 - 10:54
Original release date: July 9, 2019

Intel has released security updates to address vulnerabilities in Intel Solid State Drives for Data Centers and Intel Processor Diagnostic Tool. An attacker could exploit these vulnerabilities to gain an escalation of privileges on a previously infected machine.

Read more

Categories: Tech

Mozilla Releases Security Updates for Firefox and Firefox ESR

Tue, 07/09/2019 - 09:41
Original release date: July 9, 2019

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.

Read more

Categories: Tech

Adobe Releases Security Updates

Tue, 07/09/2019 - 09:32
Original release date: July 9, 2019

Adobe has released security updates to address vulnerabilities affecting Bridge CC, Experience Manager, and Dreamweaver. An attacker could exploit one of these vulnerabilities to take control of an affected system.

Read more

Categories: Tech

Privacy and Mobile Device Apps

Tue, 07/09/2019 - 05:59
Original release date: July 9, 2019

Read more

Categories: Tech

U.S. Coast Guard Releases Cybersecurity Measures for Commercial Vessels

Mon, 07/08/2019 - 18:07
Original release date: July 8, 2019

The U.S. Coast Guard has released a Safety Alert with recommended cybersecurity best practices for commercial vessels. With a dynamic cybersecurity threat landscape and growing reliance on technology to support vessels, the maritime community can help strengthen their defenses by implementing the following basic cybersecurity measures:

Read more

Categories: Tech

Vulnerability Summary for the Week of July 1, 2019

Mon, 07/08/2019 - 03:34
Original release date: July 8, 2019

The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

Read more

Categories: Tech

Pages

© 2000-2019 Systems By....