Original release date: December 06, 2018
Adobe has released security updates to address vulnerabilities in Adobe Flash Player and Adobe Flash Player installer. An attacker could exploit some of these vulnerabilities to take control of an...
Original release date: December 05, 2018
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC encourages...
Original release date: December 04, 2018
Google has released Chrome version 71.0.3578.80 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected...
Original release date: December 04, 2018
The Federal Trade Commission (FTC) has released an alert to provide affected users with recommended precautions against identity theft after the recent breach of the Marriott International Starwood...
Original release date: December 03, 2018
The Department of Homeland Security and the Federal Bureau of Investigation have identified cyber threat actors using SamSam ransomware—also known as MSIL/SAMAS.A—to target industries in the United...
Original release date: November 29, 2018
As the holidays draw near, many consumers turn to the internet to shop for goods and services. Although online shopping can offer convenience and save time, shoppers should be cautious online and...
Original release date: November 28, 2018
Cisco has released a security update to address a vulnerability in Cisco Prime License Manager. A remote attacker could exploit this vulnerability to obtain sensitive information.NCCIC encourages...
Original release date: November 27, 2018
The Department of Homeland Security and the Federal Bureau of Investigation have released a joint Technical Alert (TA) on a major online ad fraud operation—referred to by the U.S. Government as...
Original release date: November 27, 2018
The Samba Team has released security updates to address several vulnerabilities in Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system.NCCIC...
Original release date: November 22, 2018
VMware has released security updates to address a vulnerability in Workstation and Fusion. An attacker could exploit this vulnerability to take control of an affected system.NCCIC encourages users...
Original release date: November 20, 2018
As the holiday season begins, many people will travel with their mobile devices. Although these devices—such as smart phones, tablets, and laptops—offer a range of conveniences, users should be...
Original release date: November 20, 2018
VMware has released security updates to address vulnerabilities in vSphere Data Protection. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC...
Original release date: November 20, 2018
Adobe has released security updates to address a vulnerability in Adobe Flash Player. An attacker could exploit this vulnerability to take control of an affected system. NCCIC encourages users and...
Original release date: November 19, 2018
As the holidays approach, NCCIC reminds users to be aware of seasonal scams and malware campaigns. Users should be cautious of unsolicited emails that contain malicious links or attachments with...
Original release date: November 19, 2018
Google has released Chrome version 70.0.3538.110 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.NCCIC...
Original release date: November 19, 2018
On November 16, 2018, the President signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018. This Act elevates the mission of the former Department of Homeland Security...
Original release date: November 13, 2018
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC...
Original release date: November 13, 2018
Adobe has released security updates to address vulnerabilities in Flash Player, Adobe Acrobat and Reader, and Adobe Photoshop CC. An attacker could exploit these vulnerabilities to obtain access to...
Original release date: November 09, 2018
VMware has released security updates to address vulnerabilities in ESXi, Workstation, and Fusion. An attacker could exploit these vulnerabilities to take control of an affected system.NCCIC...
Original release date: November 08, 2018
NCCIC has released Analysis Report (AR) AR18-312A: JexBoss - JBoss Verify and EXploitation Tool. Cyber threat actors use JexBoss to remotely access victims' systems. The report provides information...
Original release date: November 07, 2018
Cisco has released security updates to address vulnerabilities affecting Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.NCCIC...
Original release date: November 06, 2018
NCCIC is aware of reports of vulnerabilities in the hardware encryption of certain self-encrypting solid-state drives. An attacker could exploit these vulnerabilities to obtain access to sensitive...
CVE-2018-12037 There is no cryptographic relation between the password provided by the end user and the key used for the encryption of user data. This can allow an attacker to access the key without knowing the password provided by the end...
CWE-124: Buffer Underwrite ('Buffer Underflow') - CVE-2018-5388 In stroke_socket.c, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. According...
CWE-325: Missing Required Cryptographic Step - CVE-2018-5383 Bluetooth utilizes a device pairing mechanism based on elliptic-curve Diffie-Hellman (ECDH) key exchange to allow encrypted communication between devices. The ECDH key pair consists of...