Avast’s Piriform Releases Security Update for CCleaner

Original release date: September 19, 2017 Piriform, a subsidiary of Avast, has released CCleaner 5.34 and has pushed v1.07.3214 to CCleaner Cloud users. These versions do not contain the Floxif malware found in the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191. Floxif malware collects information from the victim’s system and can download additional malware to the system. US-CERT encourages users and administrators to review the Piriform Security Notification…

September 19, 2017
Read More >>

Apache Releases Security Updates for Apache Tomcat

Original release date: September 19, 2017 The Apache Foundation has released security updates to address vulnerabilities in Apache Tomcat. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected server.  US-CERT encourages users and administrators to review the Apache advisories for CVE-2017-12615 and CVE-2017-12616 for more information and apply the necessary updates. This product is provided subject to this Notification and this Privacy…

September 19, 2017
Read More >>

Potential Phishing Scams Related to Equifax Data Breach

Original release date: September 14, 2017 The Federal Trade Commission (FTC) has released an alert on scams related to the Equifax data breach. FTC warns consumers to be wary of calls or emails purporting to be from Equifax agents. Legitimate Equifax representatives will not contact consumers to ask for verification of their information. US-CERT encourages consumers to report fraudulent calls and emails to the FTC Complaint Assistant and to refer…

September 14, 2017
Read More >>

BlueBorne Bluetooth Vulnerabilities

Original release date: September 12, 2017 US-CERT is aware of a collection of Bluetooth vulnerabilities, known as BlueBorne, potentially affecting millions of unpatched mobile phones, computers, and Internet of Things (IoT) devices. A remote attacker could exploit several of these vulnerabilities to take control of affected devices. US-CERT recommends that users and administrators read Vulnerability Note VU#240311 for more information. This product is provided subject to this Notification and this…

September 13, 2017
Read More >>

Microsoft Releases September 2017 Security Updates

Original release date: September 12, 2017 Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of a system. US-CERT encourages users and administrators to review Microsoft’s September 2017 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. Source: https://www.us-cert.gov

September 13, 2017
Read More >>

Cisco Releases Security Advisory

Original release date: September 11, 2017 Cisco has released an advisory describing an Apache Struts 2 vulnerability potentially affecting multiple Cisco products. A remote attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review the Cisco Security Advisory for more information. This product is provided subject to this Notification and this Privacy & Use policy. Source: https://www.us-cert.gov

September 11, 2017
Read More >>

Cisco Releases Security Advisories

Original release date: September 11, 2017 Cisco has released advisories describing Apache Struts 2 vulnerabilities potentially affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Cisco Security Advisories for more information: Apache Struts 2 Remote Code Execution Vulnerability Affecting Multiple Cisco Products: September 2017 cisco-sa-20170909-struts2-rce Multiple Vulnerabilities in Apache Struts 2 Affecting…

September 11, 2017
Read More >>

Hurricane-Related Scams

Original release date: September 08, 2017 As the peak of the 2017 hurricane season approaches, US-CERT warns users to be watchful for various malicious cyber activity targeting both disaster victims and potential donors. Users should exercise caution when handling emails that relate to recent hurricanes, even if those emails appear to originate from trusted sources. Disaster-related phishing emails may trick users into sharing sensitive information. Such emails could also contain…

September 8, 2017
Read More >>

Apache Software Foundation Releases Security Update

Original release date: September 06, 2017 The Apache Software Foundation has released a security update to address a vulnerability in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system. US-CERT encourages users and administrators to review the Apache Security Bulletin and upgrade to Struts 2.5.13. This product is provided subject to this Notification and this Privacy & Use policy. Source: https://www.us-cert.gov

September 6, 2017
Read More >>

Beware of Hurricane Harvey Relief Scams

August 29, 2017

U.S. federal agencies are warning citizens anxious to donate money for those victimized by Hurricane Harvey to be especially wary of scam artists. In years past we’ve seen shameless fraudsters stand up fake charities and other bogus relief efforts in a bid to capitalize on public concern over an ongoing disaster. Here are some tips to help ensure sure your aid dollars go directly to those most in need. The Federal Trade…

Read More >>