Alerts

Mirai Variant Goes After Enterprise Systems

The newest Mirai variant is targeting WePresent WiPG-1000 Wireless Presentation systems and LG Supersign TVs used by enterprises.


Privacy Regulations Needed for Next-Gen Cars

With wide deployment expected in the next decade, the driverless automobile landscape looks fraught – from road safety to data protection.


SB19-077: Vulnerability Summary for the Week of March 11, 2019

Original release date: March 18, 2019 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities …
Read More »


Lenovo Patches High-Severity Arbitrary Code Execution Flaws

Lenovo has issued patches for several serious vulnerabilities in its products stemming from Intel technology fixes.


New Zealand-Related Scams and Malware Campaigns

Original release date: March 15, 2019 In the wake of the recent New Zealand mosque shooting, the Cybersecurity and Infrastructure Security Agency (CISA) advises users to watch out for possible malicious cyber activity seeking to capitalize on this tragic event. Users should exercise caution in handling emails related to the shooting, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous …
Read More »


Intel Releases Security Advisories on Multiple Products

Original release date: March 15, 2019 Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Intel Product Security Center Advisories page, apply the necessary mitigations, and refer to software vendors for appropriate patches, when available. This product is provided subject to this Notification and this Privacy & …
Read More »


VMware Releases Security Updates for Workstation and Horizon

Original release date: March 15, 2019 VMware has released security updates to address vulnerabilities affecting Workstation 14 and 15, and Horizon 6 and 7. An attacker could exploit some of these vulnerabilities to take control of an affected system.   The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisories VMSA-2019-0002 and VMSA-2019-0003 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.


Unpatched Fujitsu Wireless Keyboard Bug Allows Keystroke Injection

An unpatched high-severity vulnerability allows keystroke injections in Fujitsu wireless keyboards.


Microsoft Releases Security Update for Azure Linux Guest Agent

Original release date: March 14, 2019 Microsoft has released an update to address a vulnerability in Azure Linux Guest Agent. An attacker could exploit this vulnerability to obtain access to sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update. This product is provided subject to this Notification and this Privacy & Use policy.


MS-ISAC Releases Security Primer on TrickBot Malware

Original release date: March 14, 2019 The Multi-State Information Sharing and Analysis Center (MS-ISAC) has released a security primer on TrickBot malware. TrickBot is a modular banking Trojan that targets users’ financial information and acts as a dropper for other malware. An attacker can leverage TrickBot’s modules to steal banking information, conduct system and network reconnaissance, harvest credentials, and achieve network propagation. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review MS-ISAC’s White Paper: Security Primer …
Read More »