Holiday Scams and Malware Campaigns

Original release date: November 16, 2017 US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. Emails and ecards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver attachments infected with malware. Spoofed email messages and phony posts on social networking sites may request support for fraudulent causes. To avoid seasonal campaigns that could result in security breaches, identity theft, or…

November 17, 2017
Read More >>

Oracle Releases Security Alert

Original release date: November 16, 2017 Oracle has released a security alert to address multiple vulnerabilities in Oracle Tuxedo. A remote attacker could exploit these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Oracle Security Alert Advisory and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy. Source: https://www.us-cert.gov

November 17, 2017
Read More >>

Microsoft Releases November 2017 Security Updates

Original release date: November 14, 2017 Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review Microsoft’s November 2017 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy. Source: https://www.us-cert.gov

November 14, 2017
Read More >>

Microsoft Releases Security Advisory on Dynamic Data Exchange (DDE)

Original release date: November 09, 2017 Microsoft has released an advisory that provides guidance on securing Dynamic Data Exchange (DDE) fields in Microsoft Office applications. Exploitation of this protocol may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Microsoft Security Advisory for more information and US-CERT’s Tip on Using Caution with Email Attachments. This product is provided subject to this…

November 9, 2017
Read More >>

Cisco Releases Security Update for IOS XE Software

Original release date: November 03, 2017 Cisco has released a security update to address a vulnerability in its IOS XE software. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy. Source: https://www.us-cert.gov

November 3, 2017
Read More >>

Protecting Critical Infrastructure from Cyber Threats

Original release date: October 31, 2017 October is National Cybersecurity Awareness Month, an annual campaign to raise awareness about cybersecurity. Building resilience in critical infrastructure is crucial to national security. The essential infrastructure systems that support our daily lives—such as electricity, financial institutions, and transportation—must be protected from cyber threats. US-CERT encourages users and administrators to review the following: Your Part in Protecting Critical Infrastructure, Critical Infrastructure Cyber Community Voluntary…

October 31, 2017
Read More >>

Google Releases Security Update for Chrome

Original release date: October 26, 2017 Google has released Chrome version 62.0.3202.75 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to cause a denial-of-service condition. US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy. Source: https://www.us-cert.gov

October 27, 2017
Read More >>

The Internet Wants You: Consider a Career in Cybersecurity

Original release date: October 24, 2017 October is National Cybersecurity Awareness Month, an annual campaign to raise awareness about cybersecurity. The month’s themes educate students and professionals about cybersecurity attack methods, best practices, and preventive measures and are geared toward informing the next generation of cybersecurity professionals. According to a study by the Center for Cyber Safety and Education, by 2022, there will be a shortage of 1.8 million information…

October 24, 2017
Read More >>

IC3 Issues Alert on DDoS Attacks

Original release date: October 17, 2017 The Internet Crime Complaint Center (IC3) has issued an alert on distributed denial-of-service (DDoS)-for-hire services advertised on criminal forums and marketplaces. Using DDoS attacks to prevent legitimate users from accessing websites or information can lead to serious consequences. US-CERT encourages users and administrators to review the IC3 Alert for more information and US-CERT’s Alert on Heightened DDoS Threat Posed by Mirai and Other Botnets….

October 18, 2017
Read More >>