Researchers say malware infects phones in order to sneak ads on devices for profit.
Intel issued patches for a high-severity flaw in its processor diagnostic tool as well as a fix for a medium-severity vulnerability in its data center SSD lineup.
The software giant also addressed 15 critical flaws and advised on the recently disclosed Linux Kernel “SACK Panic” bug.
Original release date: July 9, 2019 Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s July 2019 Security Update Summary and Deployment Information and apply the necessary updates. This product is provided subject to this Notification and this Privacy & Use policy.
Original release date: July 9, 2019 Intel has released security updates to address vulnerabilities in Intel Solid State Drives for Data Centers and Intel Processor Diagnostic Tool. An attacker could exploit these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Intel Security Advisories INTEL-SA-00267 and INTEL-SA-00268 and apply the necessary updates. This product is provided subject to this Notification and this Privacy & …
Read More »
The vulnerability can be exploited on a drive-by basis by a malicious website.
Original release date: July 8, 2019 The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info actiontec — web6000q_firmware On Telus Actiontec …
Read More »
Original release date: July 8, 2019 The U.S. Coast Guard has released a Safety Alert with recommended cybersecurity best practices for commercial vessels. With a dynamic cybersecurity threat landscape and growing reliance on technology to support vessels, the maritime community can help strengthen their defenses by implementing the following basic cybersecurity measures: Implement network segmentation. Create network profiles for each employee, require unique login credentials, and limit privileges to only those necessary. Be wary of external media. Install anti-virus software. Keep …
Read More »
Google Project Zero finds Apple iMessage bug that bricks iPhones running older versions of the company’s iOS software.
How companies can identify their own insecure data, remediate data breaches and proactively secure data against future attacks.