Drupal

Drupal Releases Security Updates

Original release date: February 24, 2016 Drupal has released updates to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website. Available updates include: Drupal core 6.38 for 6.x users Drupal core 7.43 for 7.x users Drupal core 8.0.4 for 8.0.x users Users and Read more about Drupal Releases Security Updates[…]

ASUS

FTC Shares Security Tips for ASUS Wireless Routers

Original release date: February 23, 2016 | Last revised: February 24, 2016 The Federal Trade Commission (FTC) has provided network security tips for vulnerable ASUS-branded wireless routers. Major security flaws in these routers may have exposed customers’ sensitive information to malicious actors. FTC urges consumers to download the latest security updates for their routers and Read more about FTC Shares Security Tips for ASUS Wireless Routers[…]

Microsoft Releases Update for EMET

Original release date: February 23, 2016 US-CERT is aware of a vulnerability in Microsoft Enhanced Mitigation Experience Toolkit (EMET) versions prior to 5.5. Exploitation of this vulnerability may allow a remote attacker to bypass or disable EMET to take control of an affected system. US-CERT recommends users and administrators visit the Microsoft Security TechCenter  and Read more about Microsoft Releases Update for EMET[…]

Cisco

Cisco patches ASA IKE VPN vulnerability

Cisco has patched a ‘critical’ buffer overflow vulnerability affecting the Internet Key Exchange (IKE) implementation in Cisco ASA.  The company published a security advisory for CVE-2016-1287 on Wednesday the 10th Feb.    The flaw, originally discovered by researchers at Exodus Intelligence, means that the ASA devices connected to the Internet could be completely compromised. […]

Microsoft Releases February 2016 Security Bulletin

Original release date: February 09, 2016 Microsoft has released 13 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS16-009 through MS16-022 and apply the necessary updates. This product Read more about Microsoft Releases February 2016 Security Bulletin[…]

Adobe Releases Security Updates

Original release date: February 09, 2016 Adobe has released security updates to address vulnerabilities in Connect, Experience Manager, Flash Player, and Photoshop CC and Bridge CC. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB16-07, Read more about Adobe Releases Security Updates[…]

Oracle Releases Security Updates for Java

Original release date: February 08, 2016 Oracle has released security updates to address a vulnerability in Java SE versions 6, 7, and 8 for Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle security alert and apply the Read more about Oracle Releases Security Updates for Java[…]

Comodo Chromodo Browsers Vulnerable to Cross-Domain Attacks

Original release date: February 04, 2016 Some Comodo Chromodo browser versions (45.8.12.392, 45.8.12.391, and possibly earlier) are vulnerable to cross-domain attacks. When a user of a vulnerable Chromodo browser visits a specially crafted web page, an attacker may obtain access to web content from another domain. US-CERT recommends users and administrators review Vulnerability Note VU#305096 Read more about Comodo Chromodo Browsers Vulnerable to Cross-Domain Attacks[…]

Information Security

FTC Announces Enhancements to IdentityTheft.gov

Original release date: January 29, 2016 The Federal Trade Commission (FTC) has upgraded its IdentityTheft.gov site to provide improved help to victims of identity theft. Enhancements include more personalized response plans for consumers, automatic generation of documents to aid in recovery, and better integration of the site with the FTC’s consumer complaint system. Resources are Read more about FTC Announces Enhancements to IdentityTheft.gov[…]