Cisco

Cisco patches ASA IKE VPN vulnerability

Cisco has patched a ‘critical’ buffer overflow vulnerability affecting the Internet Key Exchange (IKE) implementation in Cisco ASA.  The company published a security advisory for CVE-2016-1287 on Wednesday the 10th Feb.    The flaw, originally discovered by researchers at Exodus Intelligence, means that the ASA devices connected to the Internet could be completely compromised. […]

Microsoft Releases February 2016 Security Bulletin

Original release date: February 09, 2016 Microsoft has released 13 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS16-009 through MS16-022 and apply the necessary updates. This product Read more about Microsoft Releases February 2016 Security Bulletin[…]

Adobe Releases Security Updates

Original release date: February 09, 2016 Adobe has released security updates to address vulnerabilities in Connect, Experience Manager, Flash Player, and Photoshop CC and Bridge CC. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB16-07, Read more about Adobe Releases Security Updates[…]

Oracle Releases Security Updates for Java

Original release date: February 08, 2016 Oracle has released security updates to address a vulnerability in Java SE versions 6, 7, and 8 for Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle security alert and apply the Read more about Oracle Releases Security Updates for Java[…]

Comodo Chromodo Browsers Vulnerable to Cross-Domain Attacks

Original release date: February 04, 2016 Some Comodo Chromodo browser versions (45.8.12.392, 45.8.12.391, and possibly earlier) are vulnerable to cross-domain attacks. When a user of a vulnerable Chromodo browser visits a specially crafted web page, an attacker may obtain access to web content from another domain. US-CERT recommends users and administrators review Vulnerability Note VU#305096 Read more about Comodo Chromodo Browsers Vulnerable to Cross-Domain Attacks[…]

Information Security

FTC Announces Enhancements to IdentityTheft.gov

Original release date: January 29, 2016 The Federal Trade Commission (FTC) has upgraded its IdentityTheft.gov site to provide improved help to victims of identity theft. Enhancements include more personalized response plans for consumers, automatic generation of documents to aid in recovery, and better integration of the site with the FTC’s consumer complaint system. Resources are Read more about FTC Announces Enhancements to IdentityTheft.gov[…]

OpenSSL Releases Security Advisory

Original release date: January 28, 2016 OpenSSL versions 1.0.2f and 1.0.1r have been released to address vulnerabilities in prior versions. Exploitation of these vulnerabilities may allow a remote attacker to obtain sensitive information. US-CERT encourages users and administrators to review the OpenSSL Security Advisory and apply the necessary update. For more information, please see Vulnerability Read more about OpenSSL Releases Security Advisory[…]

Cisco

Cisco Releases Security Update

Original release date: January 27, 2016 Cisco has released a security update to address a vulnerability in the web-based management interface of Cisco RV220W Wireless Network Security Firewall devices. Exploitation of this vulnerability could allow a remote attacker to take control of an affected device. Users and administrators are encouraged to review the Cisco Security Read more about Cisco Releases Security Update[…]

IRS Releases Tenth Security Tip

Original release date: January 25, 2016 The Internal Revenue Service (IRS) has released the tenth in a series of tips intended to help the public protect personal and financial data online and at home. This tip describes steps tax preparers can take to protect sensitive information. Recommendations include conducting a full scan of all computer Read more about IRS Releases Tenth Security Tip[…]