University of Southern California

Tag Archives: security advisory

← Older posts

Yahoo Encourages Users to Change Passwords

Posted on by mechling

Yahoo released a statement warning users that over 500 million account credentials – including passwords, telephone numbers, and security questions and answers – were compromised during a data breach dating back to 2014. Yahoo is notifying potentially affected users and is … Continue reading

Posted in Password Security, Security Breach | Tagged ,

Dropbox Encourages Users to Change Passwords

Posted on by mechling

Dropbox released a statement warning users that 68 million account credentials were compromised during a data breach dating back to 2012. Dropbox has emailed all users believed to be affected by the breach and initiated a password reset for those … Continue reading

Posted in Password Security, Security Breach | Tagged ,

Lenovo Addresses Vulnerability in Accelerator

Posted on by mechling

Lenovo has released a security advisory addressing a vulnerability in its preloaded Accelerator Application software. The vulnerability could be exploited by a “man-in-the-middle” attack, in which a hacker intercepts communication between two systems. Lenovo recommends that users uninstall Accelerator, an application that … Continue reading

Posted in Security Updates | Tagged ,

Sandworm Vulnerability Requires Another Fix from Microsoft

Posted on by mbordas

BACKGROUND Hackers have bypassed Microsoft’s security patch to address the Sandworm vulnerability in Windows resulting in the company issuing another advisory and warning users of the new threat. IMPACT The vulnerability could allow remote code execution if a user opens … Continue reading

Posted in Malware, Security Updates | Tagged , ,

Adobe Flash Vulnerability Currently Being Exploited

Posted on by mbordas

BACKGROUND There is a vulnerability in Adobe Flash that is being exploited in large scale attacks. The vulnerability is being tracked as CVE-2014-0569 (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0558) on the Common Vulnerabilities and Exposures (CVE) database. The exploit includes memory corruption vulnerabilities and an integer overflow vulnerability that … Continue reading

Posted in Malware, Security Updates | Tagged , , ,

Bash Vulnerability Update

Posted on by mbordas

Please note the following updates to the September 25 post regarding the Bash / Shellshock vulnerability.

Posted in Security Breach, Security Updates | Tagged , , , ,

More OpenSSL Vulnerabilities Reported

Posted on by mbordas

Security researchers have recently identified several vulnerabilities in the OpenSSL encryption library in addition to the widely publicized Heartbleed bug (see https://it-security.usc.edu/2014/04/09/openssl-heartbleed-bug​ for more information about Heartbleed). System Administrators within USC’s IT units should complete the action items (fixes) summarized … Continue reading

Posted in Security Updates | Tagged , , ,

Zero-Day Vulnerability in Internet Explorer

Posted on by mbordas

On September 17, Microsoft published an emergency security advisory and “Fix it” solution to address a zero-day vulnerability affecting all supported versions of Internet Explorer. (Zero-day vulnerabilities are those that exploit previously unknown vulnerabilities and for which there is no … Continue reading

Posted in Security Updates | Tagged ,

Phishing Warning 2013-08-28

Posted on by mbordas

Many users have reported receiving the following phish email. If you have received the phish, do not reply, click the link, or supply any login information. If you have replied or followed the link, change your USC password as soon … Continue reading

Posted in Phishing | Tagged , ,

Patch Tuesday Roundup for April 2013

Posted on by mbordas

Today is Patch Tuesday for April 2013.  Microsoft released nine security bulletins, two of which are considered critical and address vulnerabilities that could allow remote users to execute code on your machines.  For more information and to download the updates, … Continue reading

Posted in Patch Tuesday | Tagged , , ,

← Older posts