Alerts

Data Breach Bonanza: Dating Apps, Equifax, Mass Credential Dumps

Data-exposure “lowlights” for the week ending Feb. 15, 2019.


Critical OkCupid Flaw Exposes Daters to App Takeovers

The flaw is only one of many romance-related security issues as bad actors take advantage of Valentine’s Day.


Lenovo Watch X Riddled with Security Vulnerabilities

Researchers have identified multiple security issues with this Lenovo smartwatch.


Unpatched Apple macOS Hole Exposes Safari Browsing History

There are no permission dialogues for apps in certain folders for macOS Mojave, which allows a malicious app to spy on browsing histories..


‘Dirty Sock’ Flaw in snapd Allows Root Access to Linux Servers

The issue affects default installations of Ubuntu Server and Desktop and is likely included in many Ubuntu-like Linux distributions.


Siemens Warns of Critical Remote-Code Execution ICS Flaw

The affected SICAM 230 process control system is used as an integrated energy system for utility companies, and as a monitoring system for smart-grid applications.


Critical WordPress Plugin Flaw Allows Complete Website Takeover

Users of the popular plugin, Simple Social Buttons, are encouraged to update to version 2.0.22.


Microsoft Patches Zero-Day Browser Bug Under Active Attack

In its February Patch Tuesday bulletin Microsoft patches four public bugs and one that under active attack.


Internet Romance Scams

Original release date: February 12, 2019 The Federal Trade Commission (FTC) has released an article addressing a rise in reports of internet romance scams. In this type of fraud, cyber criminals gain the confidence of their victims and trick them into sending money. Use caution when online dating, and never send money or gifts to someone you have not met in person. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages …
Read More »


Microsoft Releases February 2019 Security Updates

Original release date: February 12, 2019 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Microsoft’s February 2019 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this …
Read More »