[syndicated profile] us_cert_current_feed

Posted by US-CERT

Original release date: February 14, 2019

Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.5.1 and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.


[syndicated profile] us_cert_current_feed

Posted by US-CERT

Original release date: February 12, 2019

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Mozilla Security Advisories for Firefox 65.0.1 and Firefox ESR 60.5.1 and apply the necessary updates. 


This product is provided subject to this Notification and this Privacy & Use policy.


[syndicated profile] us_cert_current_feed

Posted by US-CERT

Original release date: February 12, 2019

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Microsoft's February 2019 Security Update Summary and Deployment Information and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Internet Romance Scams

Feb. 12th, 2019 19:28
[syndicated profile] us_cert_current_feed

Posted by US-CERT

Original release date: February 12, 2019

The Federal Trade Commission (FTC) has released an article addressing a rise in reports of internet romance scams. In this type of fraud, cyber criminals gain the confidence of their victims and trick them into sending money. Use caution when online dating, and never send money or gifts to someone you have not met in person.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users to review FTC’s article on Romance Scams and NCCIC’s tip on Staying Safe on Social Networking Sites. If you think you have been a target of a romance scam, file a report with


This product is provided subject to this Notification and this Privacy & Use policy.


Cisco Releases Security Update

Feb. 12th, 2019 18:35
[syndicated profile] us_cert_current_feed

Posted by US-CERT

Original release date: February 12, 2019

Cisco has released a security update to address a vulnerability in Network Assurance Engine. An attacker could exploit this vulnerability to obtain sensitive information.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Cisco Security Advisory and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.


Adobe Releases Security Updates

Feb. 12th, 2019 16:39
[syndicated profile] us_cert_current_feed

Posted by US-CERT

Original release date: February 12, 2019

Adobe has released security updates to address vulnerabilities affecting Adobe Flash Player, Acrobat and Reader, ColdFusion, and Creative Cloud Desktop Application. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Adobe Security Bulletins, APSB19-06, APSB19-07, APSB19-10, and APSB19-11, and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


[syndicated profile] us_cert_current_feed

Posted by US-CERT

Original release date: February 12, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) has added an additional session to the virtual awareness briefing on Chinese malicious cyber activity targeting managed service providers. The briefing will be held on Thursday, February 14, 2019, from 1-2 p.m. ET. The briefing will provide a background on the identified cyber activity and mitigation techniques. Click here to register.


This product is provided subject to this Notification and this Privacy & Use policy.


[syndicated profile] dubious_prospects_feed

Posted by Graydon

Which is good, in as much as that increases the chance of something being done about it.

The science types have been aware of this for years; work on trying to figure out why the whole guild -- that is, a group of organisms with a similar ecological role, not necessarily related -- of aerial insectivores has been declining has been going since at least 2010.

(Some bats, some birds, and some
[syndicated profile] us_cert_current_feed

Posted by US-CERT

Original release date: February 11, 2019 | Last revised: February 12, 2019

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a vulnerability affecting several open-source container management systems that leverage runc.

NCCIC encourages users and administrators to review the runc security advisory, and the RedHat and Amazon Web Services blogs; and refer to OS and application vendors for mitigations and updates as they become available.


This product is provided subject to this Notification and this Privacy & Use policy.


[syndicated profile] us_cert_current_feed

Posted by US-CERT

Original release date: February 07, 2019

Apple has released security updates to address vulnerabilities in multiple products, including the recently discovered FaceTime vulnerability. An attacker could exploit some of these vulnerabilities to take control of an affected system.  

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:


This product is provided subject to this Notification and this Privacy & Use policy.


[syndicated profile] us_cert_current_feed

Posted by US-CERT

Original release date: February 05, 2019

Microsoft has released an advisory to address an elevation of privilege vulnerability in Microsoft Exchange Server. An attacker could exploit this vulnerability to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Microsoft Security Advisory and the CERT Coordination Center's Vulnerability Note VU#465632 and consider the workarounds until an update is available.


This product is provided subject to this Notification and this Privacy & Use policy.


[syndicated profile] us_cert_current_feed

Posted by US-CERT

Original release date: February 05, 2019

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Marvell Avastar wireless system on chip (SoC) models. An attacker could exploit this vulnerability to take control of an affected system.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review CERT/CC’s Vulnerability Note VU#730261 for more information and refer to vendors for appropriate updates, when available.


This product is provided subject to this Notification and this Privacy & Use policy.


Another new year haul

Feb. 2nd, 2019 18:38
[syndicated profile] eaglespath_feed

The last haul I named that was technically not a new year haul since it was posted in December, so I'll use the same title again. This is a relatively small collection of random stuff, mostly picking up recommendations and award nominees that I plan on reading soon.

Kate Elliott — Cold Fire (sff)
Kate Elliott — Cold Steel (sff)
Mik Everett — Self-Published Kindling (non-fiction)
Michael D. Gordin — The Pseudoscience Wars (non-fiction)
Yoon Ha Lee — Dragon Pearl (sff)
Ruth Ozeki — A Tale for the Time Being (sff)
Marge Piercy — Woman on the Edge of Time (sff)
Kim Stanley Robinson — New York 2140 (sff)

I've already reviewed New York 2140. I have several more pre-orders that will be delivered this month, so still safely acquiring books faster than I'm reading them. It's all to support authors!

Profile

piranha: red origami crane (Default)
renaissance poisson

July 2015

S M T W T F S
   123 4
567891011
12131415161718
19202122232425
262728293031 

Most Popular Tags

Expand Cut Tags

No cut tags