“Wanna Cry” Ransomware Warning
A dangerous form of malware is circulating across the globe in the form of a PDF email attachment. Users who open the attachment are exposed… Read more »
security advisory
Yahoo Encourages Users to Change Passwords
Yahoo released a statement warning users that over 500 million account credentials – including passwords, telephone numbers, and security questions and answers – were compromised during… Read more »
Dropbox Encourages Users to Change Passwords
Dropbox released a statement warning users that 68 million account credentials were compromised during a data breach dating back to 2012. Dropbox has emailed all… Read more »
Lenovo Addresses Vulnerability in Accelerator
Lenovo has released a security advisory addressing a vulnerability in its preloaded Accelerator Application software. The vulnerability could be exploited by a “man-in-the-middle” attack, in which… Read more »
Sandworm Vulnerability Requires Another Fix from Microsoft
BACKGROUND Hackers have bypassed Microsoft’s security patch to address the Sandworm vulnerability in Windows resulting in the company issuing another advisory and warning users of… Read more »
Adobe Flash Vulnerability Currently Being Exploited
BACKGROUND There is a vulnerability in Adobe Flash that is being exploited in large scale attacks. The vulnerability is being tracked as CVE-2014-0569 (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0558) on the Common… Read more »
Bash Vulnerability Update
Please note the following updates to the September 25 post regarding the Bash / Shellshock vulnerability.
More OpenSSL Vulnerabilities Reported
Security researchers have recently identified several vulnerabilities in the OpenSSL encryption library in addition to the widely publicized Heartbleed bug (see https://it-security.usc.edu/2014/04/09/openssl-heartbleed-bug for more information… Read more »
Zero-Day Vulnerability in Internet Explorer
On September 17, Microsoft published an emergency security advisory and “Fix it” solution to address a zero-day vulnerability affecting all supported versions of Internet Explorer.… Read more »
Phishing Warning 2013-08-28
Many users have reported receiving the following phish email. If you have received the phish, do not reply, click the link, or supply any login… Read more »