The malicious spyware has also been found in use in countries known for targeting human rights.
Original release date: September 18, 2018 NCCIC will conduct a series of webinars on Protecting Enterprise Network Infrastructure Devices over the next two weeks. Each webinar will be held from 1-2:30 p.m. ET on the dates listed below: Monday, September 24 Thursday, September 27 Tuesday, October 2 Thursday, October 4 NCCIC encourages decision makers, network defenders, and procurement analysts to register for the webinar by clicking on one of the dates listed above. The webinar will feature a discussion on identified …
Read More »
The newly expanded Facebook bug bounty program sniffs out access token exposure flaws.
Firmware used in up to 800,000 CCTV cameras open to attack thanks to buffer overflow zero-day bug.
Old instances of the popular WordPress Duplicator Plugin are leaving sites open to remote code execution attacks.
The attack stems from a glitch in WebKit, an HTML layout browser engine in Apple’s Safari browser.
Original release date: September 17, 2018 Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review Apple security pages for the following products and apply the necessary updates: Apple Support 2.4 for iOS Safari 12 watchOS 5 tvOS 12 iOS 12 This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: September 17, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities …
Read More »
Third-party breaches have become an epidemic as cybercriminals target the weakest link. Organizations such as BestBuy, Sears, Delta and even NYU Medical Center are just a few that have felt the impact of cyberattacks through third-party vendors. The fallout from these breaches can be costly, as the average enterprise pays $1.23 million per incident, up […]
The attack bypasses BIOS mitigations for cold-boot compromise on models from Apple, Dell, Lenovo and all others made in the last 10 years.