Tag Archives: security advisory
← Older posts“Wanna Cry” Ransomware Warning
A dangerous form of malware is circulating across the globe in the form of a PDF email attachment. Users who open the attachment are exposed to the “Wanna Cry” ransomware, which encrypts all the files on the target computer. Wanna … Continue reading
Posted in Malware, Phishing | Tagged malware, phishing, ransomware, security advisory
Yahoo Encourages Users to Change Passwords
Yahoo released a statement warning users that over 500 million account credentials – including passwords, telephone numbers, and security questions and answers – were compromised during a data breach dating back to 2014. Yahoo is notifying potentially affected users and is … Continue reading
Posted in Password Security, Security Breach | Tagged security advisory, yahoo
Dropbox Encourages Users to Change Passwords
Dropbox released a statement warning users that 68 million account credentials were compromised during a data breach dating back to 2012. Dropbox has emailed all users believed to be affected by the breach and initiated a password reset for those … Continue reading
Posted in Password Security, Security Breach | Tagged dropbox, security advisory
Lenovo Addresses Vulnerability in Accelerator
Lenovo has released a security advisory addressing a vulnerability in its preloaded Accelerator Application software. The vulnerability could be exploited by a “man-in-the-middle” attack, in which a hacker intercepts communication between two systems. Lenovo recommends that users uninstall Accelerator, an application that … Continue reading
Posted in Security Updates | Tagged lenovo, security advisory
Sandworm Vulnerability Requires Another Fix from Microsoft
BACKGROUND Hackers have bypassed Microsoft’s security patch to address the Sandworm vulnerability in Windows resulting in the company issuing another advisory and warning users of the new threat. IMPACT The vulnerability could allow remote code execution if a user opens … Continue reading
Posted in Malware, Security Updates | Tagged microsoft, sandworm, security advisory
Adobe Flash Vulnerability Currently Being Exploited
BACKGROUND There is a vulnerability in Adobe Flash that is being exploited in large scale attacks. The vulnerability is being tracked as CVE-2014-0569 (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0558) on the Common Vulnerabilities and Exposures (CVE) database. The exploit includes memory corruption vulnerabilities and an integer overflow vulnerability that … Continue reading
Posted in Malware, Security Updates | Tagged adobe, exploits, security advisory, software patches and updates
Bash Vulnerability Update
Please note the following updates to the September 25 post regarding the Bash / Shellshock vulnerability.
Posted in Security Breach, Security Updates | Tagged exploits, information security, malware, security advisory, software patches and updates
More OpenSSL Vulnerabilities Reported
Security researchers have recently identified several vulnerabilities in the OpenSSL encryption library in addition to the widely publicized Heartbleed bug (see https://it-security.usc.edu/2014/04/09/openssl-heartbleed-bug for more information about Heartbleed). System Administrators within USC’s IT units should complete the action items (fixes) summarized … Continue reading
Posted in Security Updates | Tagged Heartbleed, OpenSSL, security advisory, software patches and updates
Zero-Day Vulnerability in Internet Explorer
On September 17, Microsoft published an emergency security advisory and “Fix it” solution to address a zero-day vulnerability affecting all supported versions of Internet Explorer. (Zero-day vulnerabilities are those that exploit previously unknown vulnerabilities and for which there is no … Continue reading
Posted in Security Updates | Tagged microsoft, security advisory
Phishing Warning 2013-08-28
Many users have reported receiving the following phish email. If you have received the phish, do not reply, click the link, or supply any login information. If you have replied or followed the link, change your USC password as soon … Continue reading
Posted in Phishing | Tagged phishing, security advisory, user education