Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in its IOS, IOS XE, and IOx Software. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system or cause a denial-of-service condition.

Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates:

Source: https://www.us-cert.gov/ncas/current-activity/2017/03/22/Cisco-Releases-Security-Updates

Advertisements

Aviation Phishing Scams

US-CERT has received reports of email-based phishing campaigns targeting airline consumers. Systems infected through phishing campaigns act as an entry point for attackers to gain access to sensitive business or personal information.

US-CERT encourages users and administrators to review an airline Security Advisory (link is external) and US-CERT’s Security Tip ST04-014 for more information on phishing attacks.

Source: https://www.us-cert.gov/ncas/current-activity/2017/03/23/Aviation-Phishing-Scams

Mozilla Releases Security Update

Mozilla has released a security update to address multiple vulnerabilities in Firefox. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Users and administrators are encouraged to review the Mozilla Security Advisory for Firefox and apply the necessary update.

Source: https://www.us-cert.gov/ncas/current-activity/2017/03/07/Mozilla-Releases-Security-Update

Vulnerability Summary for the Week of February 27, 2017

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.  Please click on the link below to view the whole bulletin.

Source: https://www.us-cert.gov/ncas/bulletins/SB17-065

Apple Releases Security Update

Apple has released a security updates to address a vulnerability in GarageBand. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the Apple security page for GarageBand (link is external) and apply the necessary update.

Source: https://www.us-cert.gov/ncas/current-activity/2017/02/14/Apple-Releases-Security-Update

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Digital Editions, and Campaign. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-04 (link is external), APSB17-05 (link is external), and APSB17-06 (link is external)and apply the necessary updates.

Source: https://www.us-cert.gov/ncas/current-activity/2017/02/14/Adobe-Releases-Security-Updates

Cisco Clock Signal Component Failure Advisory

Cisco has released a hardware advisory for a clock signal component used in some of its devices, which include switches and routers. Devices that contain the faulty component could potentially fail after 18 months of use.

US-CERT encourages users and administrators to review the Cisco advisory (link is external) for more information and replacement guidance

Source: https://www.us-cert.gov/ncas/current-activity/2017/02/06/Cisco-Clock-Signal-Component-Failure-Advisory