FTC Announces Resource for Small Business Owners

The Federal Trade Commission (FTC) has released an announcement about its new website devoted to protecting small businesses. This resource aims to help business owners avoid scams, protect their computers and networks, and keep their customers’ and employees’ data safe.

Business owners and other interested parties are encouraged to explore the new FTC website and review US-CERT resources for small and midsize businesses.

Source: https://www.us-cert.gov/ncas/current-activity/2017/05/09/FTC-Announces-Resources-Small-Businesses

Apple Releases Security Update

Apple has released a security updates to address a vulnerability in GarageBand. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the Apple security page for GarageBand (link is external) and apply the necessary update.

Source: https://www.us-cert.gov/ncas/current-activity/2017/02/14/Apple-Releases-Security-Update

Cisco Clock Signal Component Failure Advisory

Cisco has released a hardware advisory for a clock signal component used in some of its devices, which include switches and routers. Devices that contain the faulty component could potentially fail after 18 months of use.

US-CERT encourages users and administrators to review the Cisco advisory (link is external) for more information and replacement guidance

Source: https://www.us-cert.gov/ncas/current-activity/2017/02/06/Cisco-Clock-Signal-Component-Failure-Advisory

Vulnerability Summary for the Week of January 30, 2017

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.  Please click the link below to view the full summary.

Source: https://www.us-cert.gov/ncas/bulletins/SB17-037

Oracle Releases Security Bulletin

Oracle has released its Critical Patch Update for January 2017 to address 270 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the Oracle January 2017 Critical Patch Update (link is external) and apply the necessary updates

Source: https://www.us-cert.gov/ncas/current-activity/2017/01/18/Oracle-Releases-Security-Bulletin

Microsoft Releases January 2017 Security Bulletin

Microsoft has released four updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system.

Source: https://www.us-cert.gov/ncas/current-activity/2017/01/10/Microsoft-Releases-January-2017-Security-Bulletin

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

Source: https://www.us-cert.gov/ncas/current-activity/2016/10/12/Cisco-Releases-Security-Updates