firefox-browser

Mozilla Releases Security Updates

Mozilla has released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Available updates include:

  • Firefox 48
  • Firefox ESR 45.3

Users and administrators are encouraged to review the Mozilla Security Advisories for Firefox and Firefox ESR and apply the necessary updates.

Source: https://www.us-cert.gov/ncas/current-activity/2016/08/03/Mozilla-Releases-Security-Updates

Security on Dark Digital Background.

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in several products. Exploitation of some of these vulnerabilities could allow an unauthenticated remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

Source: https://www.us-cert.gov/ncas/current-activity/2016/08/03/Cisco-Releases-Security-Updates

security

VMware Releases Security Update

VMware has released a security update to address vulnerabilities in vCenter Server, vSphere Hypervisor (ESXi), Workstation Pro, Workstation Player, Fusion, and Tools. Exploitation of one of these vulnerabilities could allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review VMware Security Advisories VMSA-2016-0010 (link is external) and apply the necessary updates.

Source: https://www.us-cert.gov/ncas/current-activity/2016/08/05/VMware-Releases-Security-Update-0

apple

Apple Releases Security Update

Apple has released a security update to address a vulnerability in iOS. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. The update is for iPhone 4s and later, iPad 2 and later, and iPod touch (5th generation) and later.

Users and administrators to review the Apple security page for iOS (link is external) and apply the necessary updates.

Source: https://www.us-cert.gov/ncas/current-activity/2016/08/05/Apple-Releases-Security-Update

olympics

Cybersecurity Tips for the Rio Olympics

As the 2016 Olympic Games begin in Rio de Janeiro, US-CERT reminds travelers to be aware of cybersecurity risks. At high-profile events, hacktivists may take advantage of the large audience to spread their message. Cyber criminals may attempt to steal personally identifiable information or harvest users’ credentials for financial gain. There’s also the possibility that mobile or other communications will be monitored.

US-CERT encourages users to protect themselves against these risks, especially risks associated with portable devices such as smart phones and tablets. Following the security practices suggested in the documents listed below will help travelers stay more secure in Rio and other travel destinations:

Source: https://www.us-cert.gov/ncas/current-activity/2016/08/02/Cybersecurity-Tips-Rio-Olympics

TechSummary

Vulnerability Summary for the Week of July 25, 2016

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.  Please click on the link below.

Source: https://www.us-cert.gov/ncas/bulletins/SB16-214

Security on Dark Digital Background.

ACSC Releases Risk Mitigation Strategies Against Malicious Email

The Australian Cyber Security Centre (ACSC) has published guidance to organizations on risks posed by malicious email. Systems infected through targeted email phishing campaigns act as an entry point for attackers to spread throughout an organization’s entire enterprise, steal sensitive business or personal information, or disrupt business operations.

US-CERT encourages users and administrators to review the ACSC publication on Malicious Email Mitigation Strategies and US-CERT Alert TA15-213A for additional information.

Source: https://www.us-cert.gov/ncas/current-activity/2016/08/01/ACSC-Releases-Risk-Mitigation-Strategies-Against-Malicious-Email