New version of OpenSSL to address critical vulnerability out soon

OpenSSL update due soonThe OpenSSL Project team announced on Monday the 6th of July that OpenSSL versions 1.0.2d and 1.0.1p will be released shortly to address a serious security bug.  According to the developers of the popular open-source toolkit for SSL/TLS, OpenSSL 1.0.2d and 1.0.1p will be released on Thursday, July 9, and they will fix a single high severity vulnerability. […]

Information Security

IC3 Issues Internet Crime Report for 2014

Original release date: May 22, 2015 The Internet Crime Complaint Center (IC3) has released its Internet Crime Report for 2014, indicating that scams relating to social media — including doxing, click-jacking, and pharming — have increased substantially over the past five years. US-CERT encourages users to review the IC3 Alert for details and refer to Read more about IC3 Issues Internet Crime Report for 2014[…]

Information Security

Google Releases Security Update for Chrome

Original release date: May 19, 2015 Google has released Chrome version 43.0.2357.65 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Google Chrome blog entry and apply the necessary Read more about Google Releases Security Update for Chrome[…]

Information Security

Cisco Releases Security Advisories for TelePresence Products

Original release date: May 14, 2015 Cisco has released two security advisories to address multiple vulnerabilities in TelePresence products. Successful exploitation could allow an attacker to bypass system authentication, execute arbitrary code with elevated privileges, or cause a denial-of-service condition. Users and administrators are encouraged to review Cisco Advisories cisco-sa-20150513-tc and cisco-sa-20150513-tp and apply the Read more about Cisco Releases Security Advisories for TelePresence Products[…]

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Original release date: May 12, 2015 The Mozilla Foundation has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. Exploitation of one of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition or steal sensitive information. Available updates include: Firefox 38 Firefox ESR 31.7 Thunderbird 31.7 US-CERT encourages users Read more about Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird[…]

Information Security

Adobe Releases Security Updates for Flash Player, Reader, and Acrobat

Original release date: May 12, 2015 Adobe has released security updates to address multiple vulnerabilities in Flash Player, Reader, and Acrobat. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB15-09 and APSB15-10 and apply the Read more about Adobe Releases Security Updates for Flash Player, Reader, and Acrobat[…]

Information Security

Microsoft Releases May 2015 Security Bulletin

Original release date: May 12, 2015 Microsoft has released 13 updates to address vulnerabilities in Microsoft Windows. Some of these vulnerabilities could allow elevation of privilege, denial of service, remote code execution, information disclosure, or security feature bypass. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-043 – MS15-055 and apply the necessary Read more about Microsoft Releases May 2015 Security Bulletin[…]

Information Security

Cisco UCS Central Software Vulnerability

Original release date: May 08, 2015 Cisco has released a security advisory to address a vulnerability in the web framework of Cisco Unified Computing System (UCS) Central Software. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Cisco Security Advisory Read more about Cisco UCS Central Software Vulnerability[…]

WordPress Security and Maintenance Release

Original release date: May 07, 2015 WordPress 4.2 and prior versions contain critical cross-site scripting vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected website. Users and administrators are encouraged to review the WordPress Security and Maintenance Release and upgrade to WordPress 4.2.2. This product is provided subject Read more about WordPress Security and Maintenance Release[…]

Information Security

Apple Releases Security Updates for Safari

Original release date: May 07, 2015 Apple has released security updates for Safari to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of the affected system. Available updates include: Safari 8.0.6 for OS X Yosemite v10.10.3 Safari 7.1.6 for OS X Mavericks v10.9.5 Safari 6.2.6 for Read more about Apple Releases Security Updates for Safari[…]