Catégorie : US GOV
Vulnerability Summary for the Week of September 30, 2019
The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. Source : https://www.us-cert.gov/ncas/bulletins/sb19-280 Date : October…
Microsoft Reports Cyberattacks on Targeted Email Accounts
Original release date: October 4, 2019 The Microsoft Threat Intelligence Center (MSTIC) has released a blog post describing an increase in malicious cyber activity from the Iranian group known as Phosphorus. These threat actors are exploiting password reset or account recovery features to take control of targeted email accounts. Source…
Vulnerabilities Exploited in Multiple VPN Applications
Original release date: October 4, 2019 The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an alert on advanced persistent threat (APT) actors exploiting vulnerabilities in Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/10/04/vulnerabilities-exploited-multiple-vpn-applications…
Cisco Releases Security Updates
Original release date: October 3, 2019 Cisco has released security updates to address vulnerabilities affecting multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/10/03/cisco-releases-security-updates Date : October 3, 2019 at 05:10PM Tag(s) : US GOV Share this……
Exim Releases Security Update
Original release date: October 1, 2019 Exim has released a security update to address a vulnerability affecting Exim versions 4.92 to 4.92.2. A remote attacker could exploit this vulnerability to take control of an affected email server. Source : https://www.us-cert.gov/ncas/current-activity/2019/10/01/exim-releases-security-update Date : October 1, 2019 at 05:06PM Tag(s) : US…
Prepare for National Cybersecurity Awareness Month
Original release date: September 30, 2019 October is National Cybersecurity Awareness Month (NCSAM), which is a collaborative effort between the Cybersecurity and Infrastructure Security Agency (CISA) and its public and private partners—including the National Cyber Security Alliance (NCSA)—to ensure every American has the resources they need to stay safe and…
Vulnerability Summary for the Week of September 23, 2019
Source : https://www.us-cert.gov/ncas/bulletins/sb19-273 Date : September 30, 2019 at 05:55PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print
Cisco Releases Security Advisories
Original release date: September 26, 2019 Cisco has released security updates to address vulnerabilities affecting multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/26/cisco-releases-security-advisories Date : September 26, 2019 at 05:05PM Tag(s) : US GOV Share this……
Adobe Releases Security Updates for ColdFusion
Original release date: September 25, 2019 Adobe has released security updates to address vulnerabilities in ColdFusion. An attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/25/adobe-releases-security-updates-coldfusion Date : September 25, 2019 at 05:25PM Tag(s) : US GOV Share this… Email Facebook Twitter…
Microsoft Releases Out-of-Band Security Updates
Original release date: September 23, 2019 Microsoft has released out-of-band security updates to address vulnerabilities in Microsoft software. A remote attacker could exploit of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/23/microsoft-releases-out-band-security-updates Date : September 23, 2019 at 09:03PM Tag(s) : US GOV Share this… Email…
Vulnerability Summary for the Week of September 16, 2019
Original release date: September 23, 2019 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available….
VMware Releases Security Updates for Multiple Products
VMware has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/17/vmware-releases-security-updates-multiple-products Date : September 17, 2019 at 05:15PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print
2019 CWE Top 25 Most Dangerous Software Errors
MITRE has released the 2019 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors list. The Top 25 is a compilation of the most frequent and critical errors that can lead to serious vulnerabilities in software. An attacker can often exploit these vulnerabilities to take control of an affected…
Vulnerability Summary for the Week of September 9, 2019
The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available Source : https://www.us-cert.gov/ncas/bulletins/sb19-259 Date : September…
Technology Transformation Begins With People: Closing the Human-Technology Gap
GSA’s Technology Transformation Services is prototyping a human-centered approach to cultivating an environment of lifelong learning to attract and retain the best talent to serve our citizens. Source : https://digital.gov/2019/09/11/technology-transformation-begins-with-people-closing-human-technology-gap/ Date : September 11, 2019 at 06:26PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities affecting Flash Player and Application Manager. An attacker could exploit these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/adobe-releases-security-updates Date : September 10, 2019 at 07:31PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print
Microsoft Releases September 2019 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/microsoft-releases-september-2019-security-updates Date : September 10, 2019 at 07:51PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print
MS-ISAC Releases Security Event Primer on Malware
The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released a Security Event Primer on Malware. The white paper outlines general malware operations and includes common malware event types and best practice recommendations. An attacker can use malware to gain access to a network, obtain sensitive data, and damage systems….
Google Releases Security Updates for Chrome
Google has released Chrome version 77.0.3865.75 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/google-releases-security-updates-chrome Date : September 11, 2019 at 01:44AM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print
Intel Releases Security Updates
Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit one of these vulnerabilities to gain an escalation of privileges on a previously infected machine. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/intel-releases-security-updates Date : September 11, 2019 at 02:55AM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp…