Étiquette : US GOV

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. Source : https://www.us-cert.gov/ncas/bulletins/sb19-280 Date : October…

Original release date: October 4, 2019 The Microsoft Threat Intelligence Center (MSTIC) has released a blog post describing an increase in malicious cyber activity from the Iranian group known as Phosphorus. These threat actors are exploiting password reset or account recovery features to take control of targeted email accounts. Source…

Original release date: October 4, 2019 The United Kingdom (UK) National Cyber Security Centre (NCSC) has released an alert on advanced persistent threat (APT) actors exploiting vulnerabilities in Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/10/04/vulnerabilities-exploited-multiple-vpn-applications…

Original release date: October 3, 2019 Cisco has released security updates to address vulnerabilities affecting multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/10/03/cisco-releases-security-updates Date : October 3, 2019 at 05:10PM Tag(s) : US GOV Share this……

Original release date: October 1, 2019 Exim has released a security update to address a vulnerability affecting Exim versions 4.92 to 4.92.2. A remote attacker could exploit this vulnerability to take control of an affected email server. Source : https://www.us-cert.gov/ncas/current-activity/2019/10/01/exim-releases-security-update Date : October 1, 2019 at 05:06PM Tag(s) : US…

Original release date: September 30, 2019 October is National Cybersecurity Awareness Month (NCSAM), which is a collaborative effort between the Cybersecurity and Infrastructure Security Agency (CISA) and its public and private partners—including the National Cyber Security Alliance (NCSA)—to ensure every American has the resources they need to stay safe and…

Source : https://www.us-cert.gov/ncas/bulletins/sb19-273 Date : September 30, 2019 at 05:55PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print

Original release date: September 26, 2019 Cisco has released security updates to address vulnerabilities affecting multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/26/cisco-releases-security-advisories Date : September 26, 2019 at 05:05PM Tag(s) : US GOV Share this……

Original release date: September 25, 2019 Adobe has released security updates to address vulnerabilities in ColdFusion. An attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/25/adobe-releases-security-updates-coldfusion Date : September 25, 2019 at 05:25PM Tag(s) : US GOV Share this… Email Facebook Twitter…

Original release date: September 23, 2019 Microsoft has released out-of-band security updates to address vulnerabilities in Microsoft software. A remote attacker could exploit of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/23/microsoft-releases-out-band-security-updates Date : September 23, 2019 at 09:03PM Tag(s) : US GOV Share this… Email…

Original release date: September 23, 2019  The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available….

VMware has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/17/vmware-releases-security-updates-multiple-products Date : September 17, 2019 at 05:15PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print

MITRE has released the 2019 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors list. The Top 25 is a compilation of the most frequent and critical errors that can lead to serious vulnerabilities in software. An attacker can often exploit these vulnerabilities to take control of an affected…

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available Source : https://www.us-cert.gov/ncas/bulletins/sb19-259 Date : September…

GSA’s Technology Transformation Services is prototyping a human-centered approach to cultivating an environment of lifelong learning to attract and retain the best talent to serve our citizens. Source : https://digital.gov/2019/09/11/technology-transformation-begins-with-people-closing-human-technology-gap/ Date : September 11, 2019 at 06:26PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print

Adobe has released security updates to address vulnerabilities affecting Flash Player and Application Manager. An attacker could exploit these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/adobe-releases-security-updates Date : September 10, 2019 at 07:31PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/microsoft-releases-september-2019-security-updates Date : September 10, 2019 at 07:51PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print

The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released a Security Event Primer on Malware. The white paper outlines general malware operations and includes common malware event types and best practice recommendations. An attacker can use malware to gain access to a network, obtain sensitive data, and damage systems….

Google has released Chrome version 77.0.3865.75 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/google-releases-security-updates-chrome Date : September 11, 2019 at 01:44AM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print

Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit one of these vulnerabilities to gain an escalation of privileges on a previously infected machine. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/intel-releases-security-updates Date : September 11, 2019 at 02:55AM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp…