Alerts

Agent Smith Malware Infects 25M Android Phones to Push Rogue Ads

Researchers say malware infects phones in order to sneak ads on devices for profit.


Intel Patches High-Severity Flaw in Processor Diagnostic Tool

Intel issued patches for a high-severity flaw in its processor diagnostic tool as well as a fix for a medium-severity vulnerability in its data center SSD lineup.


Microsoft Patches A Pair of Zero-Days Under Active Attack

The software giant also addressed 15 critical flaws and advised on the recently disclosed Linux Kernel “SACK Panic” bug.


Microsoft Releases July 2019 Security Updates

Original release date: July 9, 2019 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s July 2019 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.


Intel Releases Security Updates

Original release date: July 9, 2019 Intel has released security updates to address vulnerabilities in Intel Solid State Drives for Data Centers and Intel Processor Diagnostic Tool. An attacker could exploit these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Intel Security Advisories INTEL-SA-00267 and INTEL-SA-00268 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & …
Read More »


Zoom Zero-Day Bug Opens Mac Users to Webcam Hijacking

The vulnerability can be exploited on a drive-by basis by a malicious website.


Vulnerability Summary for the Week of July 1, 2019

Original release date: July 8, 2019 The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info actiontec — web6000q_firmware On Telus Actiontec …
Read More »


U.S. Coast Guard Releases Cybersecurity Measures for Commercial Vessels

Original release date: July 8, 2019 The U.S. Coast Guard has released a Safety Alert with recommended cybersecurity best practices for commercial vessels. With a dynamic cybersecurity threat landscape and growing reliance on technology to support vessels, the maritime community can help strengthen their defenses by implementing the following basic cybersecurity measures: Implement network segmentation. Create network profiles for each employee, require unique login credentials, and limit privileges to only those necessary. Be wary of external media. Install anti-virus software. Keep …
Read More »


Apple Patches iMessage Bug That Bricks iPhones with Out-of-Date Software

Google Project Zero finds Apple iMessage bug that bricks iPhones running older versions of the company’s iOS software.


Data Breach Lessons from the Trenches

How companies can identify their own insecure data, remediate data breaches and proactively secure data against future attacks.